Morning All,
I've been figthing with this little problem for two days now, so far no luck
with google and am beginning to question my own sanity.
I have a application that has over one hundred forms some quite lengthy so
what I'm trying to achieve rather than writing a bunch of individual
sanitize statements then form validation statemenst that I could run $_POST
through a foreach loop and filter the values by form class i.e.is it an
emaill addreess or simply a text block with letters and numbers. The regex's
alone work fine as does the foreach loop the only issue I have is the IF
statement comparing $key to expected varieable names.
Heres the bit of code envolved.
if(isset($_POST['submit'])){
foreach($_POST as $keyTemp => $valueTemp){
$key = mysqlclean($keyTemp);
$value = mysqlclean($valueTemp);
$$key = $key;
$$key = $value;
if($key != ("$customerServiceEmail") || ("$billingEmail") ||
("$website")){
if(preg_match("/[^a-zA-Z0-9\s]/", $value)){
$style = "yellow";
$formMsg = "Invalid Characters";
$bad = $key;
}
}
if($key = ("$customerServiceEmail") || ("$billingEmail")){
if(preg_match("/^([a-za-z0-9._%...@[a-za-z0-9.-]+\.[a-za-z]{2,4})*$/",
$value)){
$style = "yellow";
$formMsg = "Invalid Characters";
$bad = $key;
}
}
}
}
Thanks for taking a peek.
Haig
