【发布时间】:2021-06-01 20:57:48
【问题描述】:
我刚刚开始以编程方式清理 $_POST 输入作为新 PHP 项目的一部分,我遇到了这个问题 - 发布的值包括多选值,这些值作为 POST 数组中的其他数组发布。
Array
(
[return_url] => dataset
[dataset_name] => Retail
[dataset_collection] => Array
(
[0] => 183
[1] => 184
)
[dataset_purpose] => Array
(
[0] => 186
[1] => 188
[2] => 190
[3] => 191
)
[dataset_security] => Array
(
[0] => 192
[1] => 194
)
[dataset_location] => internal
[dataset_processor_name] => XXX
[dataset_processor_role] => XXX
[dataset_processor_email] => XXX@YYY
[dataset_processor_tel] => XXX
)
我已经构建了一个过滤器数组来通过 filter_input_array 推送 POST 值,并且很快意识到这没有正确处理数据...
$filters = array (
"return_url" => FILTER_SANITIZE_STRING,
"dataset_name" => FILTER_SANITIZE_STRING,
"dataset_collection" => FILTER_REQUIRE_ARRAY,
"dataset_purpose" => FILTER_REQUIRE_ARRAY,
"dataset_security" => FILTER_REQUIRE_ARRAY,
"dataset_location" => FILTER_SANITIZE_STRING,
"dataset_processor_name" => FILTER_SANITIZE_STRING,
"dataset_processor_role" => FILTER_SANITIZE_STRING,
"dataset_processor_email" => FILTER_VALIDATE_EMAIL,
"dataset_processor_tel" => FILTER_SANITIZE_STRING
);
$posted_data = filter_input_array(INPUT_POST, $filters);
Array
(
[return_url] => dataset
[dataset_name] => Customers - Retail
[dataset_collection] =>
[dataset_purpose] =>
[dataset_security] =>
[dataset_location] => internal
[dataset_processor_name] => XXX
[dataset_processor_role] => XXX
[dataset_processor_email] => XXX@YYY
[dataset_processor_tel] => XXX
)
我发现 this 建议使用递归数组遍历遍历数组的每个阶段,但这没有考虑不同的过滤器类型。
我知道,理论上,通过 FILTER_SANITIZE_STRING 推送每个值都可以,但是有谁知道动态创建 $filter 数组的方法,例如,基于 POST 中的值的数量,或者是最好的方法只需最初在 POST 数组上运行 filter_input_array 然后手动数组手动遍历数据集数组..?
【问题讨论】:
标签: php arrays post multidimensional-array sanitization