0

I have $_POST with 20 keys. I want to apply mysqli_real_escape_string() for the entire $_POST array. So, should I apply mysqli_real_escape_string() to all 20 keys separately? Or is there any loop or any specific function available for it?

My Post array is like the example below:

$_POST =array(
      "A1"=>'xxxxxxxx',
      "A2"=>'xxxxxxxx',
      ........
      ........
      ........
      ..........
      .........
      .........
      "A20"=> 'xxxxxxxxx'
);
Improve this question
1
  • 5
    STOP!! "I want to apply mysqli_real_escape_string() for entire $_POST array" — That is a bad solution to pretty much any problem. Data should be escaped at the last moment before being used for whatever it is being used for (i.e. just before being inserted into SQL not just after it comes out of HTTP). What's more, mysqli_real_escape_string should be avoided in favour of bound variables / prepared statements.
    – Quentin
    Commented May 17, 2018 at 9:09

1 Answer 1

Reset to default
-2

You can do something like this:

$escaped = array_map(function($var) use ($mysqli){
    return mysqli_real_escape_string($mysqli, $var);
},$_POST);
Improve this answer
4

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.