SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Evangelist
    Join Date
    Mar 2004
    Location
    Fort Lauderdale
    Posts
    522
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    multidimentional array, mysql_real_escape

    I have this code. I would like to run mysql_real_escape through this array. I know that mysql_....only accepts a string. so How can I look through this array and run the mysql_real_escape through it without doing it one by one?

    Paul

    PHP Code:
    $USER['trainer']['gender'] = $_REQUEST[$FORMS['trainer']['gender']];
    $USER['trainer']['firstname'] = $_REQUEST[$FORMS['trainer']['firstname']] ;
    $USER['trainer']['lastname'] = $_REQUEST[$FORMS['trainer']['lastname']];
    $USER['trainer']['middlename'] = $_REQUEST[$FORMS['trainer']['middlename']];
    $USER['trainer']['address1'] = $_REQUEST[$FORMS['trainer']['address1']];
    $USER['trainer']['address2'] = $_REQUEST[$FORMS['trainer']['address2']];
    $USER['trainer']['country'] = $_REQUEST[$FORMS['trainer']['country']];
    $USER['trainer']['city'] = $_REQUEST[$FORMS['trainer']['city']];
    $USER['trainer']['state'] = $_REQUEST[$FORMS['trainer']['state']];
    $USER['trainer']['zip'] = $_REQUEST[$FORMS['trainer']['zip']];
    $USER['trainer']['phonehome'] = $_REQUEST[$FORMS['trainer']['phonehome']];
    $USER['trainer']['phonecell'] = $_REQUEST[$FORMS['trainer']['phonecell']];
    $USER['trainer']['email'] = $_REQUEST[$FORMS['trainer']['email']];
    $USER['trainer']['emailconfirm'] = $_REQUEST[$FORMS['trainer']['emailconfirm']]; 
    $USER['trainer']['password'] = $_REQUEST[$FORMS['trainer']['password']];
    $USER['trainer']['newpass'] = $_REQUEST[$FORMS['trainer']['newpass']];
    $USER['trainer']['newpassconfirm'] = $_REQUEST[$FORMS['trainer']['newpassconfirm']];
    $USER['trainer']['degree'] = $_REQUEST[$FORMS['trainer']['degree']];
    $USER['trainer']['studyfield'] = $_REQUEST[$FORMS['trainer']['studyfield']];
    $USER['trainer']['insurance'] = $_REQUEST[$FORMS['trainer']['insurance']];
    $USER['trainer']['cpr'] = $_REQUEST[$FORMS['trainer']['cpr']];
    $USER['trainer']['certifications'] = $_REQUEST[$FORMS['trainer']['certifications']];
    $USER['trainer']['trainerbackground'] = $_REQUEST[$FORMS['trainer']['trainerbackground']];
    $USER['trainer']['specialization'] = $_REQUEST[$FORMS['trainer']['specialization']];
    $USER['trainer']['yearsofexperience'] = $_REQUEST[$FORMS['trainer']['yearsofexperience']];
    $USER['trainer']['experiencetext'] = $_REQUEST[$FORMS['trainer']['experiencetext']]; 

  2. #2
    SitePoint Evangelist
    Join Date
    Mar 2004
    Location
    Fort Lauderdale
    Posts
    522
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    foreach ($USER['trainer'] as $key => $value)mysql_real_escape_string($key ); 
    somethign like that?

  3. #3
    SitePoint Evangelist
    Join Date
    Mar 2004
    Location
    Fort Lauderdale
    Posts
    522
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    $link mysql_connect('localhost''root''triadpass');

    foreach (
    $USER['trainer'] as $key => $value)
       
    $USER['trainer'][$key] = mysql_real_escape_string($value,$link); 
    worked for me...but will this prevent sql injections?

  4. #4
    SitePoint Zealot
    Join Date
    Mar 2004
    Location
    New Jersey
    Posts
    140
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    May I point you to array_map()?
    Last edited by plugged; May 26, 2004 at 04:01.

  5. #5
    SitePoint Enthusiast daveah's Avatar
    Join Date
    Jan 2004
    Location
    chester
    Posts
    51
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Bearing in mind that mysql_real_escape_string doesn't escape % or _.

    Maybe consider addslashes and stripslashes?

  6. #6
    SitePoint Zealot
    Join Date
    Jun 2003
    Location
    hamburg, germany
    Posts
    103
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    "Slash 'em: The War Against Magic Quotes" by: Harry Fuecks

    http://www.webmasterstop.com/tutoria...c-quotes.shtml


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •