How to secure multiple select box options?

Question

Do you need to secure multiple select boxes being that the options are already set rather then user input?

I use this function to secure regular inputs:

function keepmesafe($input) 
 {
  if(get_magic_quotes_gpc() == true)
    {
     $input = stripslashes($input);
   }
   return htmlspecialchars($input);
}

but when I use it on multiple select i get this warning:

Warning: htmlspecialchars() expects parameter 1 to be string, array given in ...

I understand the warning it expects a string but gets an array, so if you do need to secure what do I need to change in the current function or has anyone a function for this?

score 0 · Answer 1 · edited May 23 '17 at 10:09

Like the warning says, you are sending an array to a function that only accepts strings. You should send a single string to the function htmlspecialchars, or modify the function to something like this:

    function keepmesafe($input) 
    {
        if(is_array($input))
        {
            foreach($input as $key => $value) 
            {
                $input[$key] = keepmesafe($value); 
            }   
            return $input;
        }


        if(get_magic_quotes_gpc() == true)
        {
            $input = stripslashes($input);
        }

        return htmlspecialchars($input);
    }

You can find more on user input and security here.

How to secure multiple select box options?

1 Answers1