如何使用mysqli_real_escape_string处理由json ajax解析的数组?
[英]How to use mysqli_real_escape_string to san an array parsed by json ajax?
问题描述
I have an ajax parsing an array 
我有一个解析数组的ajax
jquery jQuery的
if (conceptName == "payall"){
var payall = confirm ("You are about paying for some items.");
if (payall == true ){
var checkedB = new Array();
$("input.NP:checkbox:checked").each(function(){
checkedB.push($(this).attr("class"));
});
// ajax for sending the selected products array for the payment
$.ajax({
type: 'POST',
url: "ord/payforit.php",
data: {checkedB:checkedB},
dataType: 'json',
cache: false,
success: function(resultpay) {
alert (resultpay);
}
});
} else {
alert ("Ok, Do you still wanna add items?");
}
php 的PHP
require "dbconnection.php";
$getarr = mysqli_real_escape_string($db,$_POST["checkedB"]);
echo json_encode ($getarr);
the array parses with no problem if I use $_POST["checkedB"] without sanitising, but with the above code I'll have 如果我使用$ _POST [“ checkedB”]而不进行清理,则数组解析没有问题,但是使用上面的代码,我将拥有
<br />
<b>Warning</b>: mysqli_real_escape_string() expects parameter 2 to be string, array given in <b>e/ru/ord/payforit.php</b> on line <b>21</b><br />
null
what is so wrong with my code, I am sure that my DB connection is fine, there is no error with my picture upload that uses the same directory. 我的代码有什么问题,我确定我的数据库连接正常,使用相同目录的图片上传没有错误。
Please help me out here. 请帮我在这里。
Appreciated. 感激。
2 个解决方案
解决方案1
8 2014-04-17 00:49:47
You need to iterate over the array: 您需要遍历数组:
$getarr = array();
foreach($_POST['checkedB'] AS $val) {
$getarr[] = mysqli_real_escape_string($db, $val);
}
echo json_encode($getarr);
解决方案2
2 已采纳 2014-04-17 00:46:52
You should iterate through an array and apply it to the values (and keys if you're handling post and get) 您应该遍历数组并将其应用于值(以及键(如果要处理post和get))
foreach ( $_POST["checkedB"] as $k=>$v ) {
${mysqli_real_escape_string( $db, $k )} = mysql_reali_escape_string( $db, $v );
}
echo $someKeyInArray;
Or to recompile an array 还是重新编译一个数组
$array = array();
foreach ( $_POST["checkedB"] as $k=>$v ) {
$array[mysqli_real_escape_string( $db, $k )] = mysqli_real_escape_string( $db, $v );
}
echo $array['someKeyInArray'];
If your array model contains Multiple Arrays then you would need to utilize a function to properly iterate through all arrays, something like this (not tested) 如果您的数组模型包含多个数组,那么您将需要利用一个函数正确地遍历所有数组,类似这样(未测试)
function mysqli_escape_array( $arr, $db = false ) {
if ( ! $db ) {
return false;
}
$array = array();
foreach ( $arr as $k=>$v ) {
if ( is_array( $v ) ) {
$array[mysqli_real_escape_string( $db, $k )] = mysqli_escape_array( $v, $db );
} else {
$array[mysqli_real_escape_string( $db, $k )] = mysqli_real_escape_string( $db, $v );
}
}
return $arr;
}
$array = mysqli_escape_array( $_POST['checkedB'], $db );
echo json_encode( $array );
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.