>if (is_array($_POST)) {
> foreach($_POST as $name=>$value) {
> ${$name} = $value;
> }
>}
or use this
if (is_array($_POST))
{
extract($_POST);
}
Jaski
__
Do you Yahoo!?
Yahoo! Search - Find what youÂ’re looking for faster
http://search.yahoo.com
--
PHP Gen
'];
>
>
>
> and there you go, you can now easily spot a typo too :-)
>
> Hans
>
>
> PS: If you read this with variable-width font
> you might think I am an idiot. never mind.
>
>
> > Date: Thu, 11 Mar 2004 14:51:25 +
> > From: Mike Map
try'];
and there you go, you can now easily spot a typo too :-)
Hans
PS: If you read this with variable-width font
you might think I am an idiot. never mind.
> Date: Thu, 11 Mar 2004 14:51:25 +
> From: Mike Mapsnac <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subj
ge Reference : Types : Strings
-Messaggio originale-
Da: Mike Mapsnac [mailto:[EMAIL PROTECTED]
Inviato: venerdì 12 marzo 2004 14.40
A: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Oggetto: RE: R: [PHP] Get "nice" variables from POST
I try to use quotes in the query and this doesn'
On 12 Mar 2004 Richard Davey wrote:
> Indeed.. roll-on input filters in PHP5 :)
Hmmm, can't find the docs on those online.
--
Tom
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
On 12 Mar 2004 Mike Mapsnac wrote:
> I try to use quotes in the query and this doesn't work.
>$query = "SELECT * FROM user WHERE user_id = '$_POST['user_id']}'";
> But you use brackets and it works.. Why do you use brackets ?
> $query = "SELECT * FROM user WHERE user_id = ${_POST['user_id']}";
you use brackets and it works.. Why do you use brackets ?
> $query = "SELECT * FROM user WHERE user_id = ${_POST['user_id']}";
>
>
> >From: "Alessandro Vitale" <[EMAIL PROTECTED]>
> >To: "Mike Mapsnac" <[EMAIL PROTECTED]>,<
Try to use
$query = "SELECT * FROM user WHERE user_id = $_POST['user_id']";
-Original Message-
From: Mike Mapsnac [mailto:[EMAIL PROTECTED]
Sent: Friday, March 12, 2004 3:40 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [PHP] RE: R: [PHP] Get "nice"
er_id']}";
From: "Alessandro Vitale" <[EMAIL PROTECTED]>
To: "Mike Mapsnac" <[EMAIL PROTECTED]>,<[EMAIL PROTECTED]>
Subject: R: [PHP] Get "nice" variables from POST
Date: Thu, 11 Mar 2004 17:30:57 +0100
hi,
why don't you simple use the $_P
Hello trlists,
Friday, March 12, 2004, 3:56:23 AM, you wrote:
tcc> It seems to me that for security one wants both things -- first, to
tcc> move only what you need from _POST into the global symbol table, and
tcc> second, validate it thoroughly.
Indeed.. roll-on input filters in PHP5 :)
--
Bes
On 11 Mar 2004 Chris Shiflett wrote:
> The risk is no greater than what the original poster wants to do anyway:
>
> $foo = $_POST['foo'];
>
> Whether $foo is created by register_globals being enabled or by the
> previous code, there is no difference in risk. The data should still be
> considered
--- [EMAIL PROTECTED] wrote:
> Yes but register_globals carries substantial security risks since a
> hacker can then set any script variable they wish merely by POSTing it
> back in response to your form.
The risk is no greater than what the original poster wants to do anyway:
$foo = $_POST['fo
On 11 Mar 2004 Rob Adams wrote:
> Along the same lines, I've found this helpful when inserting into mysql.
>
> foreach($_POST as $key => $val)
> $$key = mysql_escape_string($val);
I just wrote a cleanup routine which applies a number of
transformations -- it's called at the start of every pag
"Mike Mapsnac" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>
>
> >From: Marek Kilimajer <[EMAIL PROTECTED]>
> >
> >$fields = array('username', 'password', ...);
> >foreach($fields as $key) $$key = $_POST[$key];
> >
> Thanks.
>
> It looks much nicer :)
Along the same lines, I've fou
PROTECTED]
Oggetto: [PHP] Get "nice" variables from POST
I have about 10 fields in the form. And I get the fields through POST:
//Get Variable from the form
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$e
Hey Richard,
> See Chapter 7 (Variables) of the PHP manual.
I remember reading about variable variables and also remember not
understanding them :-)
Will go through ch.7 again.
Thanks.
Cheers,
-Ryan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/un
Hello Ryan,
Thursday, March 11, 2004, 3:29:32 PM, you wrote:
>> Does this look nicer?
>>
>> $fields = array('username', 'password', ...);
>> foreach($fields as $key) $$key = $_POST[$key];
RA> A bit confused...whats the meaning of the double $ for "key"...or is that a
RA> typo?
It creates a vari
> Does this look nicer?
>
> $fields = array('username', 'password', ...);
> foreach($fields as $key) $$key = $_POST[$key];
Hi Marek,
A bit confused...whats the meaning of the double $ for "key"...or is that a
typo?
Thanks,
-Ryan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe,
On Thu, Mar 11, 2004 at 02:51:25PM +, Mike Mapsnac wrote:
> I have about 10 fields in the form. And I get the fields through POST:
> //Get Variable from the form
> $username = $_POST['username'];
> $password = $_POST['password'];
> $password2 = $_POST['password2'];
> $email = $_POST['email'];
>
Thanks.
It looks much nicer :)
From: Marek Kilimajer <[EMAIL PROTECTED]>
To: Mike Mapsnac <[EMAIL PROTECTED]>
CC: [EMAIL PROTECTED]
Subject: Re: [PHP] Get "nice" variables from POST
Date: Thu, 11 Mar 2004 15:59:07 +0100
Mike Mapsnac wrote:
I have about 10 fields in t
On 11 Mar 2004 Teren wrote:
> If you have register_globals on in your php.ini file, you don't need to do
> that. You just automatically have access to all of those variables like
> $username and $password etc. Whatever the name is on the field is what the
> string will be called and the action scr
On 11 Mar 2004 Mike Mapsnac wrote:
> I'm looking for "nice" way to get variables from POST?
Well you can do it easily with extract:
extract($_POST);
This has the same security risks as turning register_globals on, it
allows hackers to set any variable they wish.
A better method might
ly by
$+the_field_name.
- Original Message -
From: "Mike Mapsnac" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 11, 2004 9:51 AM
Subject: [PHP] Get "nice" variables from POST
> I have about 10 fields in the form. And I get the fields
Mike Mapsnac wrote:
I have about 10 fields in the form. And I get the fields through POST:
//Get Variable from the form
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
$email2 = $_POST['email2'];
$nickname = $_POST['name']
I have about 10 fields in the form. And I get the fields through POST:
//Get Variable from the form
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
$email2 = $_POST['email2'];
$nickname = $_POST['name'];
$city = $POST['city
25 matches
Mail list logo
