Here's a method I use to process incoming POSTed form fields. It has been pieced together into a technique from other ideas I've found.
Although I'm beginning to use PHP's filter more, this technique sticks around and I've used it on many big projects.
First, define the fields you are expecting to receive from your FORM when someone submits it.
You can see that each element of the first array is the name of the expected field as it is named in the HTML file. In my HTML file I've created an array so all of the form fields look like FORM[type_id] or FORM[first_name].
    $PAGE1_FORM_FIELDS = array(
        'first_name' => array('type' => 'string'),
        'last_name' => array('type' => 'string'),
        'country_id' => array('type' => 'int'),
        'type_id' => array('type' => 'int'),
        'is_name_visible' => array('type' => 'bool')
    );
Each element in the PHP above also maps to an array which, in this example, has only one element: the type of data you expect that field to be. The 'type' is part of an array so that in the future it can be extended with further elements without rewriting the code.
Now that the program knows what fields you are expecting and their data types, we can go about processing them. I do this so often I've created a function.
When calling this function you pass in the entire $_POST['FORM'], and it returns an array with only the fields you wanted, thereby stripping out any malicious data that someone may have added, such as additional fields.
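    function clean_up_posted_form_array(&$POST_ARR, $FORM_FIELDS) {
        foreach ($FORM_FIELDS as $name => $sig) {
            $FORM["$name"] = trim(strip_tags(stripslashes($POST_ARR["$name"]))); // copy only the expected fields
            settype($FORM["$name"], $sig['type']); // cast to the type declared for this field
        }
        return $FORM;
    }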
Also, settype will set the type of the variable you are working with. If your form had a dropdown box for country_id that could only pass a number between 1 and 250, and for some reason you got back a string like 'ducks', settype would rewrite it to 0, an invalid number.
Using this technique you can get yourself an array from a POSTed form that only contains the fields you want, and only contains the datatypes that you expect.
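A stricter variant of the same whitelist idea, as an added example rather than the author's code: it uses PHP's filter extension so that a value like 'ducks' is reported as invalid instead of being cast, and it rejects array-valued fields. The function name clean_form_strict, the shortened field list and the sample submission are assumptions made for illustration.

```php
<?php
// Added example, not the author's code. clean_form_strict() is a hypothetical name.
$PAGE1_FORM_FIELDS = array(
    'first_name'      => array('type' => 'string'),
    'country_id'      => array('type' => 'int'),
    'is_name_visible' => array('type' => 'bool'),
);

function clean_form_strict($post, array $fields)
{
    $clean  = array();
    $errors = array();
    foreach ($fields as $name => $sig) {
        $raw = (is_array($post) && isset($post[$name])) ? $post[$name] : '';
        // FORM[first_name][]=x arrives as an array; accept plain strings only.
        if (!is_string($raw)) {
            $clean[$name] = null;
            $errors[]     = $name;
            continue;
        }
        $raw = trim($raw);
        switch ($sig['type']) {
            case 'int':
                // Returns false for 'ducks' or '12abc' instead of casting to 0 or 12.
                $value = filter_var($raw, FILTER_VALIDATE_INT);
                $ok    = ($value !== false);
                break;
            case 'bool':
                // An unchecked checkbox is not submitted, so '' validates as false.
                $value = filter_var($raw, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
                $ok    = ($value !== null);
                break;
            default:
                $value = strip_tags($raw);
                $ok    = true;
        }
        $clean[$name] = $ok ? $value : null;
        if (!$ok) {
            $errors[] = $name;
        }
    }
    return array($clean, $errors);
}

// Constructed sample submission: one undeclared field, one bad integer.
$post = array('first_name' => ' <b>Ann</b> ', 'country_id' => 'ducks',
              'is_name_visible' => 'false', 'is_admin' => '1');
list($clean, $errors) = clean_form_strict($post, $PAGE1_FORM_FIELDS);
var_dump($clean, $errors);
```

The second returned array lists the fields that failed validation, so the caller can reject the submission rather than store a default such as 0.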