?
Solved

PHP trim and addslashes to multiple input variables

Posted on 2007-04-09
6
Medium Priority
?
2,022 Views
Last Modified: 2013-12-12
Is there a simple way of trimming and adding slashes to multiple, incoming $_POST or $_GET variables in PHP?

I have several input variables coming in (i.e. $_POST['first'],$_POST['last']) and I'd like to loop through them all, trim any newlines or spaces on either end, and add slashes for MySQL all at once, instead of:

$first = addslashes($_POST['first']);
$last = addslashes($_POST['last']);
$first = trim($first);
$last = trim($last);

I don't want to use magic_quotes because I need more control over where and when the form variable characters are escaped.

Thanks
$marc

0
Comment
Question by:marcparillo
  • 3
  • 2
6 Comments
 
LVL 24

Expert Comment

by:glcummins
ID: 18877518
<?php
$arrMyPostVariables = array()

foreach ($_POST as $field=>$value)
{
   $arrMyPostVariables[$field] = addslashes($value);
}
?>

Then, you can cycle through or retrieve values from $arrMyPostVariables as needed.
0
 
LVL 24

Expert Comment

by:glcummins
ID: 18877522
I apologize, I missed a semicolon:

<?php
$arrMyPostVariables = array();
...
0
 
LVL 3

Author Comment

by:marcparillo
ID: 18877566
Thanks,

Could I also add a trim() command to your suggestion?

foreach ($_POST as $field=>$value)
{
   $arrMyPostVariables[$field] = addslashes($value);
   $arrMyPostVariables[$field] = trim($value);
}

And then, to extract the values from the new array, I just call them as needed? Like this? --

$arrMyPostVariables['first']
$arrMyPostVariables['last']


0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 24

Accepted Solution

by:
glcummins earned 800 total points
ID: 18877622
Yes, you can certainly add trim, or any other function. In fact, you can condense the code like this:

foreach ($_POST as $field=>$value)
{
   $arrMyPostVariables[$field] = trim(addslashes($value));
}

To extract the values, you will use your field names from your form. So, if you have a field named 'username', you would access it's value like this:

$arrMyPostVariables['username'];
0
 
LVL 3

Author Comment

by:marcparillo
ID: 18877636
Excellent!
Exactly what I needed. Thank You!
0
 
LVL 51

Expert Comment

by:Steve Bink
ID: 18877639
Take a look at mysql_real_escape_string() also.  

http://www.php.net/manual/en/function.mysql-real-escape-string.php
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to implement server side field validation and display customized error messages to the client.
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Suggested Courses
Course of the Month16 days, 10 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question