I have the following iteration taking place in my code:
foreach($dirty_array as $k=>$v){
if($v == ''){
$clean_array[$k] = 'BLANK';
}else{
if(get_magic_quotes_gpc()){//Check for Magic Quotes...
$clean_array[$k] = mysql_real_escape_string(stripslashes(strip_tags($v)));//Todo: Sanitize here...
}else{//If no Magic Quotes...
$clean_array[$k] = mysql_real_escape_string(strip_tags($v));//Todo: Sanitize here...
}
}
}
As you can tell, I’m trying to use the mysql_real_escape_string to prep for database insertion, but the thing I learned tonight is that a notice pops-up because it expects a string (and not an array). Now that I see what happens with the foreach split, it makes sense that $v would be of type array because I guess it’s obviously an array element still, but it’s kinda weird to me because I envisioned $v as being a singular scalar value after the iteration. I guess I’m a bit mixed-up.
I’m sure you get the gist of what I’m trying to do above and I want to know if I should keep going with it. I’m just trying to prep everything in the array to be ready for the database. Should I keep going or am I going about this all wrong? If I’m on the right track, how do I fix the array-to-string notice issue?