duansha8115 2016-03-07 18:37
浏览 133
已采纳

如何将PHP7的$ mysqli-> real_escape_string与数组一起使用

Before PHP7, I would combine implode and array_map to go through each of the values with mysql_real_escape_string to prepare them for a statement to avoid sql injection. e.g:

$values = implode("', '", array_map('mysql_real_escape_string', $sqlArray));

mysql_real_escape_string has been replaced now by mysqli::real_escape_string. How would the above code be done with the new methods just as easily using the mysqli class in an array_map?

  • 写回答

1条回答 默认 最新

  • dongyuan2388 2016-03-07 18:41
    关注

    You might be better off using prepared statements, but to the question, pass an array of object and method. This should work for anything that takes a callback:

    $result = array_map(array($mysqli, 'real_escape_string'), $sqlArray);

    Assuming you have a $mysqli object that you're working with from the mysqli class.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥35 平滑拟合曲线该如何生成
  • ¥100 c语言,请帮蒟蒻写一个题的范例作参考
  • ¥15 名为“Product”的列已属于此 DataTable
  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站
  • ¥50 成都蓉城足球俱乐部小程序抢票
  • ¥15 yolov7训练自己的数据集