The first foreach checks the $_GET array to see if any entries contain any http:// https:// or ftp:// references in the data
The second repeats the test but includes the $POST and $cookie arrays along with $GET
The third repeats the test again for the $_COOKIE array.
So the second foreach already included the checks that the first and third perform and so the first and third foreach are unnecessary.
Testing the array contents for references to those three strings will prevent some forms of hacking but will have no effect on others.