foreach($_POST as $varname => $value)
$_SESSION["propertyFormVars"]["{$varname}"] = $DB->clean($value);
Some of my $_POST parameters are arrays and the clean method expects a string. I guess what I need to know is where to check for the array and loop so that I dont lose the structure when 'cleaning' the parameters
function clean($variable) {
$variable = strip_tags(trim($variable));
return mysqli_real_escape_string($this->connection, $variable);
}
