array_map() probably obvious mistake


Posted on 16th Feb 2014 07:03 pm by admin

The code below is part of a class to escape strings, but should also accept an array, using array_map() to do the job. Unfortunately, passing an array results in the original, unescaped array being returned - can't figure out why? If you uncomment the echo statement, it is outputting the correct escaped string for each element of the array, so the callback is definitely happening.

public function escape_str($str)
{
if (is_array($str))
{
array_map(array('MYSQL_DB','escape_str'),$str);
}
else
{
if (get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
if (!is_numeric($str)) {
$str = "'" . mysql_real_escape_string($str) . "'";
//echo $str.'<br />';
}
}
return $str;
}

Example:
$xt = array("' OR ''=''",'"abcdefg"');
print_r($db->escape_str($xt));

Outputs original array, not escaped!

Can anyone help with this? Thanks.

No comments posted yet

Your Answer:

Login to answer
204 Like 21 Dislike
Previous forums Next forums
Other forums

Passing JS to PHP
So I have the following
Code: <?php
getdetails(?><script type="text/

session_destroy();
new to php
I have a simple login and am trying to write a logout.
I set a $_SESSION var to 1 i

question about stripslashes and real_escape_string
im cleaning up an old app that I wrote fixing some of the vulernabilities from attacks.

I hav

Must be a string? Huh, what? HELP?
with the following script, I get
Fatal error: Property name must be a string in /home/content/e/

Creating XML with php
I need to creat an XML with php and have successfully produced a valid output.
The problem I hav

php redirecting
i wont open a new thread but i have a question about redirecting....
i wonder why my code doesnt

is this the proper use of mysql_real_escape_string() to prevent sql injections?
i was wondering is this the proper use of mysql_real_escape_string() to prevent sql injections? any

pop3 and fsockopen
So I am able to connect to the pop3 server, log in, and check how many messages there are. I am hav

Javascript or not?
How many people prefer javascript/ajax sites? How many prefer the good old fashion straight php sit

Pop-up Banner
Hello Friends,I need to use banner in our client site.Example: www.example.com if i enter this site

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash