duansha8115 2016-03-07 18:37
浏览 133
已采纳

如何将PHP7的$ mysqli-> real_escape_string与数组一起使用

Before PHP7, I would combine implode and array_map to go through each of the values with mysql_real_escape_string to prepare them for a statement to avoid sql injection. e.g:

$values = implode("', '", array_map('mysql_real_escape_string', $sqlArray));

mysql_real_escape_string has been replaced now by mysqli::real_escape_string. How would the above code be done with the new methods just as easily using the mysqli class in an array_map?

  • 写回答

1条回答 默认 最新

  • dongyuan2388 2016-03-07 18:41
    关注

    You might be better off using prepared statements, but to the question, pass an array of object and method. This should work for anything that takes a callback:

    $result = array_map(array($mysqli, 'real_escape_string'), $sqlArray);

    Assuming you have a $mysqli object that you're working with from the mysqli class.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 关于大棚监测的pcb板设计
  • ¥20 sim800c模块 at指令及平台
  • ¥15 stm32开发clion时遇到的编译问题
  • ¥15 lna设计 源简并电感型共源放大器
  • ¥15 如何用Labview在myRIO上做LCD显示?(语言-开发语言)
  • ¥15 Vue3地图和异步函数使用
  • ¥15 C++ yoloV5改写遇到的问题
  • ¥20 win11修改中文用户名路径
  • ¥15 win2012磁盘空间不足,c盘正常,d盘无法写入
  • ¥15 用土力学知识进行土坡稳定性分析与挡土墙设计