Tell me more ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 5 down vote favorite
1

I am using PHP filter to perfom basic sanitization and validation of form data.

The principle problem I am having is that I mark my form up so that all the data is in one array for the POST input. e.g. form fields, page[name], page[slug], page[body], page[status], etc.

Using the following:

filter_input(INPUT_POST, 'page[name]', FILTER_SANITIZE_STRING);
OR
filter_input(INPUT_POST, "page['name']", FILTER_SANITIZE_STRING);

I am unable to access the variable. Can someone please tell me the correct name to use to access array data using filter_input()

share|improve this question
btw i search like mad on google and turned up nothing. – user137621 May 3 '10 at 20:12
Are you sure the variable has a value before sanitizing? – Anthony Forloney May 3 '10 at 20:24
@anthony yes it does have a value, if i send it through as name it is fine. just not sure of the notation to access an array key using this filter method. – user137621 May 3 '10 at 20:26

2 Answers

up vote 2 down vote accepted

I don't think that you can access the single value (easily, as you want), however you could just filter the page array and get the value that you want.

$page = filter_input(INPUT_POST, 'page', FILTER_SANITIZE_STRING, FILTER_REQUIRE_ARRAY);
if (array_key_exists('name', $page)) {
    $name = $page['name'];
}

Or, if you're OK with losing the ability to work with the raw input then you could just use:

if (isset($_POST['page']['name'])) {
    $name = filter_var($_POST['page']['name'], FILTER_SANITIZE_STRING);
}

Both, however, are pretty ugly.

share|improve this answer
yeah, both are super ugly. i might as well switch the form to single var names, and avoid the problem. shame that is not supported. – user137621 May 4 '10 at 9:23
Absolutely. Single names are much more convenient (for the filter extension) to work with in your case; unfortunately. – salathe May 4 '10 at 9:47
Please check @Fletcher Moore's answer. Very elegant and effective! – patrick Dec 14 '12 at 16:23
up vote 1 down vote

How about

$_POST['page'] = filter_var_array($_POST['page'], FILTER_SANITIZE_STRING);
share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.