Supose是$this->input->post('location')
拥有一个这样的数组:笨3 SQL注入查询
Array
(
[0] => 0
[1] => 1
[2] => 2
[3] => 3
[4] => 4
[5] => 5
[6] => 6
[7] => 7
)
这是查询 “SQL注入” 安全吗?
$in = str_repeat('?,', count($this->input->post('location')) - 1) . '?';
$sql = "SELECT id
FROM location
WHERE id IN ($in)";
$locations = $this->db->query($sql, $this->input->post('location'));
谢谢!
是的,这是非常安全 – Alex