Supose是$this->input->post('location')
擁有一個這樣的數組:笨3 SQL注入查詢
Array
(
[0] => 0
[1] => 1
[2] => 2
[3] => 3
[4] => 4
[5] => 5
[6] => 6
[7] => 7
)
這是查詢 「SQL注入」 安全嗎?
$in = str_repeat('?,', count($this->input->post('location')) - 1) . '?';
$sql = "SELECT id
FROM location
WHERE id IN ($in)";
$locations = $this->db->query($sql, $this->input->post('location'));
謝謝!
是的,這是非常安全 – Alex