Going through every POST variable

So when using this code on my form I get the following output:




while($i = current($_POST)) {
		echo key($_POST);
		echo '<br />';
		echo $i;
		echo '<br />';

Form (too long to post here): http://pastebin.com/5Gcsz42m

Why doesn’t it echo all of it?

Probably because that is assuming the cursor in $_POST is located at the beginning of the array.

Per the manual

Every array has an internal pointer to its “current” element, which is initialized to the first element inserted into the array.

However, all of the examples are numerically based index arrays. $_POST is not that type of an array, it is an associative array, and so the first inserted element, doesn’t necessarily mean that element is located at the beginning of the array.

It would be best to use a foreach loop, or to skip the loop altogether and just use print_r or var_dump

foreach ($_POST as $key => $val)
  echo $key . '<br />' . $val . '<br />';

// OR
echo '<pre>';
echo '</pre>';

// OR
echo '<pre>';
echo '</pre>';

Thanks, I started with Java and get confused or don’t know every validators in PHP yet. The validators (the brackets after if, English isn’t my primary language so I’m not always sure if the word I’m typing is the correct one) are much more simple in Java because there are less options with more outcomes if you know what I mean.

while($i = current($_POST)) {

is not your best condition to check. If the value is “falsy” (empty string, zero) it will break the loop. That’s likely what was happening to you. foreach() as shown in the previous post would be better.

You may also want to check the $_POST for any illegal characters and sanitize against possible XSS attacks.

Current setup would not prevent code being inserted by placing


in your input box.





would help to avoid this.

Of course I’m clearing unwanted characters, don’t play me for a fool.