I have the following select values:
<select name="vibe_quiz_tags[]" id="vibe_quiz_tags" multiple="" class="chzn-select chosen select2-hidden-accessible" tabindex="-1" aria-hidden="true">
<option value="">Select Taxonomy</option>
<option value="4">Test1</option>
<option value="5">Test2</option>
</select>
If both values are selected, the value is stored in my database like this:
a:2:{i:0;s:1:"4";i:1;s:1:"5";}
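When I post this form, how do I assign these to get the same input in my database?
Answer 0: (score: 0)
To save this to the database safely, you first want to sanitize the input, then use a prepared statement to insert it into the database. Something like: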
// Always sanitize first: the field must be an array of known values.
$tags = $_POST['vibe_quiz_tags'] ?? [];
if (!is_array($tags))
{
    die('User attempted to game the system, or submitted invalid input.');
}
foreach ($tags as $val)
{
    // Strict comparison: a loose == 4 would also accept "4.0" or " 4".
    if (!in_array($val, ['4', '5', ''], true))
    {
        die('User attempted to game the system, or submitted invalid input.');
    }
}
// Serialize the data. This will get the format you have in the question.
$todb = serialize($tags);
$db = new mysqli(/* Your database parameters here*/);
// Replace table and field with the correct table and field
// Prepare the statement
$stmnt = $db->prepare('insert into table (field) values (?)')
    or die('Database error: ' . $db->error);
// Bind the parameter to be a string. Passing the serialized value.
$stmnt->bind_param('s', $todb) or die('Database error: ' . $stmnt->error);
// Execute the statement.
$stmnt->execute() or die('Database error: ' . $stmnt->error);
// Close the statement.
$stmnt->close();
// Close the database connection.
$db->close();
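The validate-then-serialize step from the answer above, together with a safe way to read the stored value back, as an added example that is not part of the original answer. `ALLOWED_TAGS`, `encode_tags` and `decode_tags` are hypothetical names; the allowed values are taken from the `<option>` list in the question, and the sample input is constructed.

```php
<?php
// Added example: hypothetical helper names, allow-list taken from the question.
const ALLOWED_TAGS = ['4', '5'];

/** Validate the posted field and return the string to store. */
function encode_tags($posted): string
{
    if (!is_array($posted)) {
        throw new InvalidArgumentException('vibe_quiz_tags must be an array');
    }
    $clean = [];
    foreach ($posted as $val) {
        if ($val === '') {
            continue; // the "Select Taxonomy" placeholder carries no tag
        }
        // Strict check: rejects nested arrays and strings like "4.0" or " 4".
        if (!is_string($val) || !in_array($val, ALLOWED_TAGS, true)) {
            throw new InvalidArgumentException('unexpected tag value');
        }
        $clean[] = $val;
    }
    // Drop duplicates and reindex so the keys are always 0..n-1.
    return serialize(array_values(array_unique($clean)));
}

/** Decode a stored value, refusing objects and re-checking every element. */
function decode_tags(string $stored): array
{
    // allowed_classes => false stops unserialize() from instantiating objects.
    $data = unserialize($stored, ['allowed_classes' => false]);
    if (!is_array($data)) {
        throw new UnexpectedValueException('stored value is not an array');
    }
    foreach ($data as $val) {
        if (!is_string($val) || !in_array($val, ALLOWED_TAGS, true)) {
            throw new UnexpectedValueException('stored tag not in allow-list');
        }
    }
    return array_values($data);
}

// Constructed sample input: what PHP receives when both options are selected.
$todb = encode_tags(['4', '5']);
echo $todb, PHP_EOL;
echo implode(',', decode_tags($todb)), PHP_EOL;
```

The string returned by `encode_tags` is what gets bound as the `'s'` parameter of the prepared statement. Unlike the answer's loop, this version skips the empty placeholder option instead of storing it.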