假设我有一组带有非数字键的键值对。如果我要在SQL INSERT语句中将这些键用作值,那么清除它们是否也很重要?
类似的东西:
$food = array('fruit'=>'apple', 'veggie'=>'tomato', 'bread'=>'wheat');
foreach($food as $foodType => $nameOfFood)
{
$nameOfFood = stripslashes($nameOfFood);
$foodType = stripslashes($foodType); //Is this necessary?
$query = "INSERT INTO Foods(FoodType, NameOfFood) VALUES ($foodType, $nameOfFood)";
// Execute query
}
如果$food数组是通过POST语句填充的,那么清理密钥会是一个问题吗?