Chris Shiflett wrote:
>> Maybe a daft question but why would you like to check for a
>> specific value?
>>
>> Can you give an example when this is a good thing to do?
>
> You might have two submit buttons, where you want to take a different
> action depending upon which one the user clicks.
You might also want to restrict any actions you take to specific values -
one part of authenticating that the input is valid and not from, say, a
spoofed form.
Someone else suggested using a function to do this - and this is what I do.
The function is part of a small library that I include into every page.
function clean_post($key, $length=FALSE, $request=FALSE, $stripslash=FALSE,
$stripmeta=FALSE) {
if(array_key_exists($key,$_POST)) {
$request = trim(strip_tags($_POST[$key]));
if($length) {
$request = substr($request,0,$length);
}
if($stripslash) { $request = stripslashes($request); }
if($stripmeta) { strip_meta($request); }
}
return $request;
}
You call with by passing the function a string representing the key you're
searching for in $_POST. If this isn't found, the function returns FALSE.
eg, $passwd = clean_post('passwd');
The value pulled from $_POST is run through strip_tags (you may or may not
want this. In my case, I always do because I don't accept HTML from user
input).The other parameters are optional, but offer increasing levels of
'cleaning' the data = ie, restricting its length, removing slashes and
stripping out meta chars.
The third parameter is a way of passing a default value to the function. In
this case, if the key you're searching for isn't found in $_POST, the
function returns that default value rather than FALSE.
--
@+
Steve
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
