17

how to capture all fields in the $_POST VARIABLE? into an array?

$email = $_POST;
$emails = array_keys($email);
foreach($emails as $email) {
        echo '$' . nl2br($email);
}
$emailadd = new email_save;
$emailadd->insert_email_into_database("POST VARIABLES GO HERE)

I'm trying to make an email list, name and email address, how do I capture all the variables that where posted that can normal be accessed like $_POST['email'] into an array so i can add them to the arguments in my functions?

My form field has 5 fields. The method is POST.

Instead of writing,

$email = mysql_real_escape_string($_POST['email']);
$firstname = mysql_real_escape_string($_POST['firstname']);

I'm trying to access all the values in the $_POST[] array; So I can save time getting posted variables and add functions to those variables like mysql_real_escape_string();

Other security measures will be figured out.

I want to be able to add a reffrence of the array to a function so I can add them to the database.

Improve this question
4
  • 6
    Why not just pass $_POST directly? it's already an array... Commented Mar 17, 2011 at 22:09
  • I'm still not sure what your intentions are... Yould you try to rephrase the question? Commented Mar 17, 2011 at 22:11
  • 1
    Although I'd have to say that this is very unsafe, as you don't even check any of those values in $_POST - or are you doing this in the insert_email_into_database function? Commented Mar 17, 2011 at 22:11
  • I still need to secure the values in the array.. Commented Mar 17, 2011 at 22:24

3 Answers 3

Reset to default
16

If you want to capture a list from a POSTed form, then use the array syntax trick instead of enumerated input field names:

<input type="email" name="emails[]">
<input type="email" name="emails[]">
<input type="email" name="emails[]">

This way you need no guessing in PHP, because emails[] becomes an array implicitely then:

print_r($_POST["emails"]);
foreach ($_POST["emails"] as $email) {

For database-escaping just use:

$db_emails = array_map("mysql_real_escape_string", $_POST["emails"]);
// that's an array too
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

i'm also adding the names of the people? so with each time it posts I only add 1 of each..
Make the names an array too. <input name="firstname[]"> If they are grouped together, then each field shows up with the same index. foreach ($_POST["emails"] as $i=>$email) { echo $email, $_POST["firstname"][$i]; }
6

$_POST is already an array. Why not just pass that?

Improve this answer

Comments

2

Hmm...would something like this help?

<?php
// blank array to hold emails
$emails = array();

foreach ( $_POST as $key => $value )
{
    if ( preg_match('/email/', $key) )
    {
        $this_email = $value;
        // quick check to see if it is valid
        $this_email = filter_var($this_email, FILTER_VALIDATE_EMAIL);
        // also escape it to prevent SQL injections
        $this_email = $mysqli->real_escape_string($this_email);
        $emails[] = $this_email;
    }
}

// $emails is now a nice, clean array of email addresses
$emailadd->insert_email_into_database($emails);

echo '<pre>';
print_r($emails);
echo '</pre>';
?>

<form method="post" action="index.php">
    <input type="text" name="email1" /><br />
    <input type="text" name="email2" /><br />
    <input type="text" name="email3" /><br />
    <input type="submit" />
</form>
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.