Posted by Robert Cummings on 08/25/05 06:20

On Wed, 2005-08-24 at 23:06, Graham Anderson wrote:
> Is there a way to loop thru all of these GET requests by:
> putting the GET variables into an array
> processing the variable strings with trim/striptags/etc in a loop
> exploding the variables back out into separate variables
>
> otherwise this gets a bit tedious :(
>
> many thanks in advance
> g
>
>
> $userID = $_GET['userID'];
> $playlistName = $_GET['playlistName'];
> $language = $_GET['language'];
> $query = $_GET['query'];
> $mediaID = $_GET['mediaID'];
>
>
> # did we get $userID in a GET request ?
> if(!isset($userID)){
> # add a default query here
> $userID = "unknown" ;
> }
> # did we get $playlistName in a GET request ?
> if(!isset($playlistName)){
> # add a default query here
> $playlistName = "Unknown" ;
> }
> # did we get $language in a GET request ?
> if(!isset($language)){
> # add a default language here
> $language = "spanish" ;
> }
> # did we get $query in a GET request ?
> if(!isset($query)){
> $query = "unknown" ;
> }
> # did we get $mediaID in a GET request ?
> if(!isset($mediaID)){
> # add a default query here
> $mediaID = "unknown" ;
> }
> $userID = trim(strip_tags($userID));
> $playlistName = trim(strip_tags($playlistName));
> $language = trim(strip_tags($language));
> $query = trim(strip_tags($query));
> $mediaID = trim(strip_tags($mediaID));
>
> mysql_real_escape_string($userID);
> mysql_real_escape_string($playlistName);
> mysql_real_escape_string($language);
> mysql_real_escape_string($query);
> mysql_real_escape_string($mediaID);


function getGetVar( $key, $default=null )
{
return isset( $_GET[$key] ) ? $_GET[$key] : $default;
}

function getGetVarProcessed( $key, $process, $default=null )
{
return $process( getGetVar( $key, $default ) );
}

function cleanser( $value )
{
return mysql_real_escape_string( trim( $value ) ) );
}

$userID = getGetVarProcessed( 'userID', 'cleanser', 'unknown' );
$playlistName = getGetVarProcessed( 'playerlistName', 'cleanser',
'unknown' );
$language = getGetVarProcessed( 'language', 'cleanser', 'unknown' );
$query = getGetVarProcessed( 'query', 'cleanser', 'unknown' );
$mediaID = getGetVarProcessed( 'mediaID', 'cleanser', 'unknown' );

Cheers,
Rob
--
..------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting |
| a powerful, scalable system for accessing system services |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for |
| creating re-usable components quickly and easily. |
`------------------------------------------------------------'

• Next in forum: Re: [PHP] Easier way to clean GET Variables ?
• Prev in forum: Re: [PHP] php vulnerability
• Thread view: Re: [PHP] Easier way to clean GET Variables ?

[Reply to this message]