I have some checkboxes that can be checked. They look like
<input type="checkbox" name="order[123]" value="1">
Now I am checking the formdata and I filter the ids in the order-array this way, before i look them up in the database.
$orderids = preg_grep('/^\d+$/', array_keys($_POST['order']));
is there a more efficient way for doing this?
Using regex, you are ensuring no malicious strings are used, but not checking for viability in the database. (eg order[999999999999999999999999]
would pass regex, but not be useful in the db.)
The truest validation would be to run them against your database-borne ids using array_intersect
.
$valid_ids=array_intersect(array_keys($_POST['order']),$db_orderids_array)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.