Before PHP7, I would combine implode
and array_map
to go through each of the values with mysql_real_escape_string
to prepare them for a statement to avoid sql injection. e.g:
$values = implode("', '", array_map('mysql_real_escape_string', $sqlArray));
mysql_real_escape_string
has been replaced now by mysqli::real_escape_string. How would the above code be done with the new methods just as easily using the mysqli class in an array_map?