# $_POST[$value] not working



## scrubbicus (Jan 23, 2009)

It won't let me grab the value I'm trying to grab $_POST['email'] in this instance but I'm using a dynamic form that passes the key that was edited through $_POST['key'] which I do $key = $_POST['key'] (so now if email was edited $key = 'email' and then the value comes through $_POST['whatever value it was'] which I try to catch like this $value = $_POST[$key] but it says that index 'email' does not exist. but I can do this $value = $_POST['email'] and I can echo $key. so both of those are valid but the whole $_POST[$key] doesn't work.

any help is apprecieated thanks.


----------



## Big-K (Nov 22, 2003)

use var_dump($key) to make sure the datatype of $key is a string, firstly, if it isn't then cast it to string when you use it as the index (eg, $_POST["$key"]).


----------



## scrubbicus (Jan 23, 2009)

i dumped it and it is a string. to make sure i now have $key = (string) $_POST['key'] then I tried $_POST[$key] and $_POST["$key"] and tried putting it into an array $key = array($_POST['key']) then inserting it as $_POST[$key[0]] also tried $_POST[$_POST['key']] ALL OF those returns email but it's not understand there is an index called $_POST['email']. because i can echo $_POST['email'].


----------



## Big-K (Nov 22, 2003)

What happens if you echo $_POST[$key]?

If that works right, try using in_array() to make sure that php sees the variable as a key correctly.


----------



## MMJ (Oct 15, 2006)

Wait, what exactly are you trying to accomplish? You don't seem to be going the right way about it...

Other then that do this:

var_dump($_POST)

and see what output you get.


----------



## Big-K (Nov 22, 2003)

Also, it might be more secure, and fix your issue, to limit the values $key can be. An example would be:

switch($_POST['key']){
case 'email': $value = $_POST['email']; break;
case 'name': $value = $_POST['name']; break;
}

If you make a seperate case for each possible key, it's harder for someone with malicious intent to potentially hack your system, as they can't send a bogus key that you didnt account for.


----------

