3

Been experiencing this error for a little while and can't find any conclusive answers on fixing it. I have tried removing quotes from $key in line 59 but to no avail.

if (!get_magic_quotes_gpc()) {
 if (isset($_POST)) {
 foreach ($_POST as $key => $value) {
 $_POST['$key'] = trim(addslashes($value));
 }
 }
 if (isset($_GET)) {
 foreach ($_GET as $key => $value) {
 $_GET[$key] = trim(addslashes($value));
 }
 } 
}

LINE 59

$_POST['$key'] = trim(addslashes($value));

Error On Screen

Notice: Array to string conversion in C:\Inetpub\vhosts\domain.com\httpdocs\library\config.php on line 59

asked Sep 12, 2013 at 8:22
4
  • not $_POST['key']?? , anyways your post value is an array. That's why you're getting error Commented Sep 12, 2013 at 8:25
  • @Sudhir so just rename $value to something else? Commented Sep 12, 2013 at 8:25
  • It looks like a very bad practice. If you need to escape user inputs (Assuming you're using MySQL), please read about prepared statements Commented Sep 12, 2013 at 8:26
  • 1
    This is all my fault (see this change in the PHP core: svn.php.net/viewvc?view=revision&revision=318288), but for a good reason: in october 2011 I stumbled upon a very hard-to-debug issue that was caused by a silent conversion of an array as a string. Prior to PHP 5.4, an array being used as a string was silently converted as "Array". Since there was no way of being alerted by such silent conversion and the fact that this is a destructive operation that just doesn't make sense, I decided to fix this by emitting a notice since this should never happen in correctly written program. Commented May 14, 2014 at 12:34

4 Answers 4

2

Check if it is array before you assign it

$_POST[$key] = !is_array($value) ? trim(addslashes($value)) : '';
 // ^ Remove the quotes here // ^ Do something 
 // Instead of 
 // Using empty
answered Sep 12, 2013 at 8:25
Sign up to request clarification or add additional context in comments.

4 Comments

Just using that seems to get rid of the error. What would you suggest should be done instead of leaving it empty?
@Beardy, Create an handler both cases one being array and one being string.
I have used this $_POST[$key] = !is_array($value) ? trim(addslashes($value)) : $value;
@Beardy, That will return array in case in it array. If that fits your need then should be ok.
0

According to PHP.net the function addslashes() takes a String type as parameter. Check what type $value is. If it is an array itself then addslashes() may be throwing the error.

PS: You should use $_POST[$key] rather than $_POST['$key'] if you want to use the value of $key as the index of the $_POST array.

answered Sep 12, 2013 at 8:32

Comments

0

I think you should use this code $_POST[$key] = $value; instead of using this $_POST['$key'] = trim(addslashes($value));

or make a check if the value is in array or not

answered Sep 12, 2013 at 8:29

2 Comments

And how about the quotes around $key, eh?
It should be $_POST[$key] = $value; I have edited my answer. Thanks for pointing it !
0

Do this:

foreach ($_POST as &$value) {
 $value = is_array($value) ?
 array_map(function($x) { return trim(addslashes($x)); } :
 trim(addslashes($value));
}

However, this could still fail if any of your parameters are multi-dimensional arrays. As mentioned in the comments, the right solution is to use prepared queries with parameters, rather than interpolating strings into SQL.

answered Sep 12, 2013 at 8:49

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.