17

how to capture all fields in the $_POST VARIABLE? into an array?

$email = $_POST; $emails = array_keys($email); foreach($emails as $email) { echo '$' . nl2br($email); } $emailadd = new email_save; $emailadd->insert_email_into_database("POST VARIABLES GO HERE)

I'm trying to make an email list, name and email address, how do I capture all the variables that where posted that can normal be accessed like $_POST['email'] into an array so i can add them to the arguments in my functions?

My form field has 5 fields. The method is POST.

Instead of writing,

$email = mysql_real_escape_string($_POST['email']); $firstname = mysql_real_escape_string($_POST['firstname']);

I'm trying to access all the values in the $_POST[] array; So I can save time getting posted variables and add functions to those variables like mysql_real_escape_string();

Other security measures will be figured out.

I want to be able to add a reffrence of the array to a function so I can add them to the database.

Improve this question
4
  • 6
    Why not just pass $_POST directly? it's already an array... Commented Mar 17, 2011 at 22:09
  • I'm still not sure what your intentions are... Yould you try to rephrase the question? Commented Mar 17, 2011 at 22:11
  • 1
    Although I'd have to say that this is very unsafe, as you don't even check any of those values in $_POST - or are you doing this in the insert_email_into_database function? Commented Mar 17, 2011 at 22:11
  • I still need to secure the values in the array.. Commented Mar 17, 2011 at 22:24

3 Answers 3

Reset to default
16

If you want to capture a list from a POSTed form, then use the array syntax trick instead of enumerated input field names:

<input type="email" name="emails[]"> <input type="email" name="emails[]"> <input type="email" name="emails[]">

This way you need no guessing in PHP, because emails[] becomes an array implicitely then:

print_r($_POST["emails"]); foreach ($_POST["emails"] as $email) {

For database-escaping just use:

$db_emails = array_map("mysql_real_escape_string", $_POST["emails"]); // that's an array too
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

i'm also adding the names of the people? so with each time it posts I only add 1 of each..
Make the names an array too. <input name="firstname[]"> If they are grouped together, then each field shows up with the same index. foreach ($_POST["emails"] as $i=>$email) { echo $email, $_POST["firstname"][$i]; }
6

$_POST is already an array. Why not just pass that?

Improve this answer

Comments

2

Hmm...would something like this help?

<?php // blank array to hold emails $emails = array(); foreach ( $_POST as $key => $value ) { if ( preg_match('/email/', $key) ) { $this_email = $value; // quick check to see if it is valid $this_email = filter_var($this_email, FILTER_VALIDATE_EMAIL); // also escape it to prevent SQL injections $this_email = $mysqli->real_escape_string($this_email); $emails[] = $this_email; } } // $emails is now a nice, clean array of email addresses $emailadd->insert_email_into_database($emails); echo '<pre>'; print_r($emails); echo '</pre>'; ?> <form method="post" action="index.php"> <input type="text" name="email1" /><br /> <input type="text" name="email2" /><br /> <input type="text" name="email3" /><br /> <input type="submit" /> </form>
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.