dongxing4643 2010-06-23 11:07
浏览 87
已采纳

很多'if语句',还是冗余的mysql查询?

$url = mysql_real_escape_string($_POST['url']); $shoutcast_url = mysql_real_escape_string($_POST['shoutcast_url']); $site_name = mysql_real_escape_string($_POST['site_name']); $site_subtitle = mysql_real_escape_string($_POST['site_subtitle']); $email_suffix = mysql_real_escape_string($_POST['email_suffix']); $logo_name = mysql_real_escape_string($_POST['logo_name']); $twitter_username = mysql_real_escape_string($_POST['twitter_username']);

with all those options in a form, they are pre-filled in (by the database), however users can choose to change them, which updates the original database. Would it be better for me to update all the columns despite the chance that some of the rows have not been updated, or just do an if ($original_db_entry = $possible_new_entry) on each (which would be a query in itself)?

Thanks

  • 写回答

4条回答 默认 最新

  • dongshuan8722 2010-06-23 11:10
    关注

    I'd say it doesn't really matter either way - the size of the query you send to the server is hardly relevant here, and there is no "last updated" information for columns that would be updated unjustly, so...

    By the way, what I like to do when working with such loads of data is create a temporary array.

    $fields = array("url", "shoutcast_url", "site_name", "site_subtitle" , ....); 

foreach ($fields as $field)
 $$field = mysql_real_escape_string($_POST[$field]);

    the only thing to be aware of here is that you have to be careful not to put variable names into $fields that would overwrite existing variables.

    Update: Col. Shrapnel makes the correct and valid point that using variable variables is not a good practice. While I think it is perfectly acceptable to use variable variables within the scope of a function, it is indeed better not use them at all. The better way to sanitize all incoming fields and have them in a usable form would be:

    $sanitized_data = array();
$fields = array("url", "shoutcast_url", "site_name", "site_subtitle" , ....); 

foreach ($fields as $field)
 $sanizited_data[$field] = mysql_real_escape_string($_POST[$field]);

    this will leave you with an array you can work with:

    $sanitized_data["url"] = ....
$sanitized_data["shoutcast_url"] = ....
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(3条)

报告相同问题?

悬赏问题

  • ¥15 解决一个加好友限制问题 或者有好的方案
  • ¥15 关于#java#的问题,请各位专家解答!
  • ¥15 急matlab编程仿真二阶震荡系统
  • ¥20 TEC-9的数据通路实验
  • ¥15 ue5 .3之前好好的现在只要是激活关卡就会崩溃
  • ¥50 MATLAB实现圆柱体容器内球形颗粒堆积
  • ¥15 python如何将动态的多个子列表,拼接后进行集合的交集
  • ¥20 vitis-ai量化基于pytorch框架下的yolov5模型
  • ¥15 如何实现H5在QQ平台上的二次分享卡片效果?
  • ¥30 求解达问题(有红包)