This is just a basic example of my interpretation of your problem. YMMV and it has not been tested and may need tweaking depending on your codebase.
I'm also sure there would be a more professional approach that I'm not competent enough to explain.
if(isset($\_POST\['colors\_liked'\])){
// validate \_POST
$cl = $\_POST\['colors\_liked'\];
$safeColors = array('red','yellow','pink','green','orange','purple','blue');
foreach($cl as $color){
if (!ctype_alpha($color)){
// $cl included characters types that weren't alphabetical - suspicious
echo 'There was a problem. Please try again.';
// log what happened b4 exit?
exit();
}
}
// check if \_POST data is in an array of expected safe colors
if(!in\_array($cl, $safeColors)){
// $cl was not in permitted safe colors - suspicious
echo 'There was a problem. Please try again.';
// log what happened b4 exit?
exit();
}
// Iterate over the array
foreach($cl as $color){
echo 'You liked: '.$color.'<br>';
}
}