Code: Select all
<?
$test['a'] = "blah ' blah ' ";
$test['b'] = "choo ' choo ' ";
?>Code: Select all
$a="blah \' blah \' ";
$b="blah \' blah \' ";SM
Moderator: General Moderators
Code: Select all
<?
$test['a'] = "blah ' blah ' ";
$test['b'] = "choo ' choo ' ";
?>Code: Select all
$a="blah \' blah \' ";
$b="blah \' blah \' ";Code: Select all
$test = array_map('mysql_real_escape_string', $test);Code: Select all
<?
$id = mysql_real_escape_string($_POST['id'];
$link = mysql_real_escape_string($_POST['link'];
$linkimage = mysql_real_escape_string($_POST['linkimage'];
$title = mysql_real_escape_string($_POST['title'];
$content = mysql_real_escape_string($_POST['content'];
?>Code: Select all
<?
function escapeExtractArray($a) {
$temp=array_map("mysql_real_escape_string",$a);
extract($temp);
}
?>Code: Select all
<?php
$available_values = $_POST;
$wanted_variables = array('id', 'link', 'linkimage', 'title', 'content');
function makeVariables($available_values, $wanted_variables) {
foreach($wanted_variables as $wanted_variable) {
if (array_key_exists($wanted_variable, $available_values)) {
${$wanted_variable} = mysql_real_escape_string($available_values[$wanted_variable]);
} else {
// perhaps assign default value??
// or throw an exception??
}
}
}
?>Heh. I figured someone would point that out eventually. I ended up just doingWeirdan wrote:yeah. with some 'global' thrown into it might even workThat seems pretty nice timvw.
Code: Select all
$post=array_map('mysql_real_escape_string',$_POST);
extract($post);Yes. And I checked over my code.Weirdan wrote:You have been warned.I ended up just doing
Code: Select all
$form=array('id', 'link', 'linkimage', 'title', 'content');
foreach($form as $form) {
if (array_key_exists($_POST,$form)) {
${$form} = mysql_real_escape_string($_POST[$form]);
}
}Code: Select all
$form=array('id', 'link', 'linkimage', 'title', 'content');
foreach($form as $var) {
if (array_key_exists($var, $_POST)) {
${$var} = mysql_real_escape_string($_POST[$var]);
} else {
${$var} = null; // or some default value
}
}