此函数是用数组创建SQL查询
function YorumEkle($kitapid,$array)
{
$sql = "INSERT INTO yorumlar ('" . implode(",",array_keys($array)) . "') VALUES ( '" . implode("','",$array) . "' )";
}
但是我想用mysql_real_escape_string()但是怎么用?
最佳答案
可以使用数组映射函数
function YorumEkle($kitapid,$array)
{
$array2 = array_map("mysql_real_escape_string",$array);
$sql = "INSERT INTO yorumlar ('" . implode("','",array_keys($array2)) . "') VALUES ( '" . implode("','",$array2) . "' )";
}