消息
创作中心
duanlu1950 2015-09-15 23:55
浏览 48
已采纳

PHP从循环中转义某些$ _post值

I got a form which passes dynamic stock qty send to update in database, as below:

if($_POST) {

    $cid = $_POST['prod_id'];

    foreach($_POST as $key => $value){
        $q  = "UPDATE `stock` SET";
        $q .= " in_stock=in_stock + '".$value."'";
        $q .= " WHERE cid='".$cid."' AND sid='".$key."'";

        echo $q.'<br />';
    }

}

However, the echo queries is output like:

UPDATE `stock` SET in_stock=in_stock + '2' WHERE cid='2' AND sid='prod_id'
UPDATE `stock` SET in_stock=in_stock + '1' WHERE cid='2' AND sid='qty-2'
UPDATE `stock` SET in_stock=in_stock + '2' WHERE cid='2' AND sid='qty-3'
UPDATE `stock` SET in_stock=in_stock + '3' WHERE cid='2' AND sid='qty-4'
UPDATE `stock` SET in_stock=in_stock + '8' WHERE cid='2' AND sid='qty-5'

The first query should not be include in a loop, but that is part of $_post input for cid, is there any workaround to escape the first query out of the update loop?

  • 写回答

1条回答 默认 最新

  • duanniubeng2265 2015-09-16 00:29
    关注

    As repox mentioned, inserting a simple array_shift() to remove the first element of the array would be easy:

    if($_POST) {

    $cid = $_POST['prod_id'];
    array_shift($_POST);
    foreach($_POST as $key => $value){
    ...

    But since you cannot rely on that you recieve the form elements always in the same order (or will not add other elements in the future), i would instead recommend filtering them:

        ...
    foreach($_POST as $key => $value){
        if (!preg_match('/^qty-/', $key)) continue;
        $q  = "UPDATE `stock` SET";
        ...
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
编辑
预览

报告相同问题?

手机看
程序员都在用的中文IT技术交流社区

程序员都在用的中文IT技术交流社区

专业的中文 IT 技术社区,与千万技术人共成长

专业的中文 IT 技术社区,与千万技术人共成长

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

 客服 返回
顶部