PHP trim and addslashes to multiple input variables

Is there a simple way of trimming and adding slashes to multiple, incoming $_POST or $_GET variables in PHP?

I have several input variables coming in (i.e. $_POST['first'],$_POST['last']) and I'd like to loop through them all, trim any newlines or spaces on either end, and add slashes for MySQL all at once, instead of:

$first = addslashes($_POST['first']);
$last = addslashes($_POST['last']);
$first = trim($first);
$last = trim($last);

I don't want to use magic_quotes because I need more control over where and when the form variable characters are escaped.

Thanks
$marc

LVL 3
marcparilloAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

glcumminsCommented:
<?php
$arrMyPostVariables = array()

foreach ($_POST as $field=>$value)
{
   $arrMyPostVariables[$field] = addslashes($value);
}
?>

Then, you can cycle through or retrieve values from $arrMyPostVariables as needed.
0
glcumminsCommented:
I apologize, I missed a semicolon:

<?php
$arrMyPostVariables = array();
...
0
marcparilloAuthor Commented:
Thanks,

Could I also add a trim() command to your suggestion?

foreach ($_POST as $field=>$value)
{
   $arrMyPostVariables[$field] = addslashes($value);
   $arrMyPostVariables[$field] = trim($value);
}

And then, to extract the values from the new array, I just call them as needed? Like this? --

$arrMyPostVariables['first']
$arrMyPostVariables['last']


0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

glcumminsCommented:
Yes, you can certainly add trim, or any other function. In fact, you can condense the code like this:

foreach ($_POST as $field=>$value)
{
   $arrMyPostVariables[$field] = trim(addslashes($value));
}

To extract the values, you will use your field names from your form. So, if you have a field named 'username', you would access it's value like this:

$arrMyPostVariables['username'];
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
marcparilloAuthor Commented:
Excellent!
Exactly what I needed. Thank You!
0
Steve BinkCommented:
Take a look at mysql_real_escape_string() also.  

http://www.php.net/manual/en/function.mysql-real-escape-string.php
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.