Last active
August 29, 2015 13:58
This function takes an array of strings and then uses those strings to populate both the value and display fields of an <option> tag. Two optional parameters are included: $first and $selected. $first is used to customize what the first option tag will consist of. For example, if you are using this to sort a list of countries, you would change i…
<?php
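/**
 * Normalises typographic punctuation and HTML-encodes a value for output.
 *
 * Works by reference so it can be used as an array_walk_recursive() callback;
 * the encoded string is also returned for direct calls.
 *
 * Steps, in order: curly quotes, dashes and the ellipsis are replaced with
 * ASCII equivalents; surrounding whitespace is trimmed; backslashes are
 * removed by stripslashes(); the result is encoded with htmlentities()
 * using ENT_QUOTES, so both quote characters are encoded as well.
 *
 * This is output encoding for HTML text and quoted attribute values only.
 * It does not make a value safe for JavaScript, URL, CSS or SQL contexts,
 * and a value that is already entity-encoded will be encoded a second time.
 *
 * @param mixed $var Value to encode; it is cast to string and overwritten in place.
 * @return string The encoded string (same value that is left in $var).
 */
function sanitizeInput(&$var) {
    $var = (string) $var;

    $ascii = array("'", "'", '"', '"', '-', '--', '...');

    // UTF-8 encoded curly quotes, en/em dash and ellipsis.
    $var = str_replace(
        array("\xe2\x80\x98", "\xe2\x80\x99", "\xe2\x80\x9c", "\xe2\x80\x9d", "\xe2\x80\x93", "\xe2\x80\x94", "\xe2\x80\xa6"),
        $ascii,
        $var
    );

    // The same characters as single Windows-1252 bytes. These byte values also
    // occur as continuation bytes inside valid UTF-8 sequences (for example
    // "\xc3\x85" is the letter A-ring), so replacing them in a UTF-8 string
    // corrupts it. Only apply the byte-level replacement when the string is
    // not valid UTF-8, i.e. when it is plausibly a single-byte encoding.
    if (preg_match('//u', $var) !== 1) {
        $var = str_replace(
            array(chr(145), chr(146), chr(147), chr(148), chr(150), chr(151), chr(133)),
            $ascii,
            $var
        );
    }

    $var = trim($var);

    // Legacy magic-quotes cleanup: this removes backslashes, so a literal
    // backslash in the data does not survive.
    $var = stripslashes($var);

    // Explicit charset, and ENT_SUBSTITUTE so a string that is still not valid
    // UTF-8 keeps its valid part instead of being returned as an empty string.
    $var = htmlentities($var, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Kept for backward compatibility. Every "<" has already been encoded at
    // this point, so this call removes no markup; the encoding above is what
    // protects the output.
    $var = strip_tags($var);

    return $var;
}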
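/**
 * Builds the <option> elements for a <select> from a list of strings.
 *
 * Each string is used as both the value attribute and the visible label.
 * A placeholder option built from $first is always emitted first; it is
 * marked selected when no selection is given.
 *
 * Every value, including $first and $selected, is passed through
 * sanitizeInput() before it is written into the markup, so the returned
 * string is already HTML-encoded: echo it as is and do not encode it again.
 * $selected is encoded the same way as the options before comparison, so
 * that an entry containing quotes, ampersands or accented characters can
 * still be matched.
 *
 * The placeholder carries its label as its value, and a client can submit
 * any value regardless of the options rendered, so the receiving code must
 * check the submitted value against the allowed list.
 *
 * @param array $data List of option strings.
 * @param string $first Label (and value) of the placeholder option.
 * @param string|bool $selected Option to pre-select; false, null or '' means no selection.
 * @return string HTML for the option elements, without the surrounding <select>.
 */
function buildOptions($data, $first = "Select One", $selected = false) {
    // The callback must be passed as a string. A bare sanitizeInput is read as
    // an undefined constant, which is a fatal Error on PHP 8.
    array_walk_recursive($data, 'sanitizeInput');
    $first = sanitizeInput($first);

    // Strict checks so that a real option such as "0" can be pre-selected.
    $hasSelection = !($selected === false || $selected === null || $selected === '');
    if ($hasSelection) {
        // Encode the same way as the options; otherwise any entry changed by
        // sanitizeInput() could never match.
        sanitizeInput($selected);
    }

    $html = '<option value="'.$first.'"';
    if (!$hasSelection) {
        $html .= ' selected="selected"';
    }
    $html .= '>'.$first.'</option>';

    foreach ($data as $option) {
        $html .= '<option value="'.$option.'"';
        // Both sides are encoded strings here, so compare strictly and avoid
        // loose-comparison surprises between numeric-looking strings.
        if ($hasSelection && $option === $selected) {
            $html .= ' selected="selected"';
        }
        $html .= '>'.$option.'</option>';
    }

    return $html;
}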
/*
Example Usages:

Assume: $countries = array("Afghanistan", "Albania", ..., "Zimbabwe");

For a blank form:
    echo '<select name="mySelectName" id="mySelectID">';
    echo buildOptions($countries, "Select a Country");
    echo '</select>';

For a populated form where "Panama" is in the $countries array and is to be the selected value:
    echo '<select name="mySelectName" id="mySelectID">';
    echo buildOptions($countries, "Select a Country", "Panama");
    echo '</select>';
*/
Added XSS protection by sanitizing the input using my function sanitizeInput because of feedback received on Reddit.