問題描述

我有以下數組，我想將它們中的每一個都轉換為單獨的字符串.換句話說，將數組分解為單獨的部分.

I have the following arrays and I would like to convert each one of them into individual strings. In other words, break the array into individual pieces.

  $formatsArray = $_POST['formats'];
      $topicsArray = $_POST['topics'];

這是因為我想在以下查詢中包含單個字符串

This is because I would like to include the individual strings in the following query "

  $resources = "select * from resources where
                    stage LIKE '%".$stage."%'
                    AND format LIKE '%".$formats."%'";


      $run_query = mysqli_query($con, $resources);

這是因為 format 需要一個單獨的字符串進行比較，例如假設數組是 ["video", "blogs", "articles"]，如果 format 是與 video,blogs,articles 相比，而不是視頻，博客或文章.

This is because format expect an individual string for comparison, such as lets assume the array is ["video", "blogs", "articles"], it wouldn't work if format was to be compared with video,blogs,articles but rather video, blogs or articles.

我希望這很清楚，如有任何澄清，請提供建議.

I hope this is clear, and for any clarification, please advise.

一切順利，

更新:

$formats = explode(',', $formatsArray);
      $topics = explode(',', $topicsArray);


      $resources = "select * from resources where
                    stage LIKE '%".$stage."%'
                    AND format LIKE '%".$formats."%' AND topic LIKE '%".$topics."%' ";

更新:

$run_query = mysqli_query($con, $resources);


  while($row = mysqli_fetch_array($run_query)) {

    $data[] = array(
      'format' => $row['format'],
      'title' => $row['title'],
      'costs' => $row['cost'],
      'stage' => $row['stage'],
      'topic' => $row['topic'],
      'link' => $row['link']
    );
  }

更新

  include('db.php');


  $query = 'select * from resources where ';
  $query .= 'stage LIKE :stage and';
  $execute[':stage'] = '%' . $stage . '%';
  if(!empty($_POST['formats'])){
  foreach($_POST['formats'] as $key => $format) {
      $query .= 'format LIKE :format' . $key . ' and ';
      $execute[':format' . $key] = '%' . trim($format) . '%';
  }
  }
  if(!empty($_POST['topics'])){
  foreach($_POST['topics'] as $key => $topic) {
      $query .= 'topic LIKE :topic' . $key . ' and ';
      $execute[':topic' . $key] = '%' . trim($topic)  . '%';
  }
  }
  $query = rtrim($query, ' and ');
  if(!empty($execute)) {
      $stmt = $con->prepare($query);
      $stmt->execute($execute);
  } else {
      echo 'You must search for something';
  }


      while($row = mysqli_fetch_array($query)) {

        $data[] = array(
          'format' => $row['format'],
          'title' => $row['title'],
          'costs' => $row['cost'],
          'stage' => $row['stage'],
          'topic' => $row['topic'],
          'link' => $row['link']
        );
      }

推薦答案

我認為這樣做可以.這也將通過使用準備好的語句來解決注入漏洞.

I think this would do it. This also will resolve the injection hole by using prepared statements.

$query = 'select * from resources where ';
if(!empty($_POST['formats'])){ 
foreach($_POST['formats'] as $key => $format) {
    $query .= 'stage LIKE :stage' . $key . ' or ';
    $execute[':stage' . $key] = '%' . trim($format) . '%';
}
}
if(!empty($_POST['topics'])){
foreach($_POST['topics'] as $key => $topic) {
    $query .= 'topic LIKE :topic' . $key . ' or ';
    $execute[':topic' . $key] = '%' . trim($topic)  . '%';
}
}
$query = rtrim($query, ' or ');
if(!empty($execute)) {
    echo $query;
    print_r($execute);
    //$stmt = $mysqli->prepare($query);
    //$stmt->execute($execute);
} else {
    echo 'You must search for something';
}

給你一個查詢

select * from resources where stage LIKE :stage0 or stage LIKE :stage1 or topic LIKE :topic0 or topic LIKE :topic1 or topic LIKE :topic2 or topic LIKE :topic3

select * from resources where stage LIKE :stage0 or stage LIKE :stage1 or topic LIKE :topic0 or topic LIKE :topic1 or topic LIKE :topic2 or topic LIKE :topic3

和綁定值:

Array
(
    [:stage0] => %test%
    [:stage1] => %test1%
    [:topic0] => %value1%
    [:topic1] => %value2%
    [:topic2] => %value3%
    [:topic3] => %value4%
)

這是我認為數據已配對時的初始代碼..

Here's the initial code I had for when I thought the data was paired..

foreach($formats as $key => $format) {
    $topic = $topics[$key];
    $query .= '(stage LIKE :stage' . $key . ' and topic LIKE :topic' . $key . ') or ';
    $execute[':stage' . $key] = '%' . trim($format) . '%';
    $execute[':topic' . $key] = '%' . trim($topic)  . '%';
}

關于準備好的語句的一些鏈接:
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
http://php.net/manual/en/mysqli.prepare.php
http://php.net/manual/en/mysqli-stmt.execute.php

A few links on prepared statements:
http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
http://php.net/manual/en/mysqli.prepare.php
http://php.net/manual/en/mysqli-stmt.execute.php

這篇關于將數組轉換為單獨的字符串的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！