我正在使用数组,我想在我的POST中插入mysql_real_escape_string
我该怎么做?
$add = array();
foreach($add as $key=>$_POST)
{
$add['description'] = $_POST['description'];
$add['logo'] = $_POST['logo'];
$add['status'] = $_POST['status'];
$add['localization'] = $_POST['localization'];
$add['contract_type'] = $_POST['contract_type'];
}
答案 0 :(得分:0)
制作这样的功能
function safe($value) {
return mysqli_real_escape_string($value);
}
然后
$add = array();
foreach($add as $key=>$_POST) {
$add['description'] = safe($_POST['description']);
$add['logo'] = safe($_POST['logo']);
$add['status'] = safe($_POST['status']);
$add['localization'] = safe($_POST['localization']);
$add['contract_type'] = safe($_POST['contract_type']);
}
答案 1 :(得分:0)
试
foreach($add as $key=>$_POST) {
$add['description'] = mysql_real_escape_string($_POST['description']);
$add['logo'] = mysql_real_escape_string($_POST['logo']);
$add['status'] = mysql_real_escape_string($_POST['status']);
$add['localization'] = mysql_real_escape_string($_POST['localization']);
$add['contract_type'] = mysql_real_escape_string($_POST['contract_type']);
}
注意: - mysql_*已被弃用,使用mysqli_*或PDO