Menu
I want to INSERT a set of data submitted by $_POST (in form of array) as
foreach($_POST['data'] as $single) {
$set[]="('static', '$single')";
}
$sets=implode(", ", $set);
mysql_query("INSERT INTO table (Static, Data) VALUES $sets");
Where is the best place to use use mysql_real_escape_string to avoid SQL injection, as the data are submitted by users.
383
Before going to your first foreach.
$_POST['data'] = array_map("mysql_real_escape_string", $_POST['data']);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
