array_map() probably obvious mistake


Posted on 16th Feb 2014 07:03 pm by admin

The code below is part of a class to escape strings, but should also accept an array, using array_map() to do the job. Unfortunately, passing an array results in the original, unescaped array being returned - can't figure out why? If you uncomment the echo statement, it is outputting the correct escaped string for each element of the array, so the callback is definitely happening.

public function escape_str($str)
{
if (is_array($str))
{
array_map(array('MYSQL_DB','escape_str'),$str);
}
else
{
if (get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
if (!is_numeric($str)) {
$str = "'" . mysql_real_escape_string($str) . "'";
//echo $str.'<br />';
}
}
return $str;
}

Example:
$xt = array("' OR ''=''",'"abcdefg"');
print_r($db->escape_str($xt));

Outputs original array, not escaped!

Can anyone help with this? Thanks.

No comments posted yet

Your Answer:

Login to answer
204 Like 21 Dislike
Previous forums Next forums
Other forums

Sending an SMS Message with ASP.NET
Often times it may be a requirement for your web application to send an SMS message. Such examples w

how to get values from $_Post with onchange="form.submit();"?
Hi, I have a form that submit to itself with a file upload field and two other hidden field values.<

empty() error
Why does

Code: empty($USER_ID = $_SESSION["USER_ID"])
create this error...

Auto-populating dropdowns and multiple forms.
Here's what I have so far:

First drop down = select a state (works)
This populates the sec

Really need helps regarding Pagination with Sort
I need someone helps regarding pagination problem...i actually want to make my page limited to let s

Sort Alternative/bi-monthly
Hi all,

Am going mad trying to get something to work.

I'm creating a CMS for a magazi

Function module "DPS_CHECK_TABLE_EXISTS" not found (after OSS 1422843 impl)
Dear All,

I implemented Note OSS 1422843.

When i execute the new report RSPO20

PHP Function Page Advice
Hi All, I am quite new to PHP and Javascript but have written an Online Shop (Mainly for Fun and edu

Include with Parameters
In a particular page I would like to include a file that requires $_GET parameters.

when I go

Delete all from a table
I can not get the following code to work. If I run the sql statement in the db it will delete all t

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash