-3

HTMLコード

<tr>
   <td><input type="text" name="batch_code[]" required="required" value="<?php      if(isset($batch_code[0]))echo htmlentities($batch_code[0]); ?>"/></td>
   <td><input type="text" name="description[]" value="<?php if(isset($description[0]))echo htmlentities($description[0]); ?>"/></td>
   <td><input type="text" name="current_value[]" value="<?php if(isset($current_value[0]))echo htmlentities($current_value[0]); ?>"/></td>
   <td><input type="text" size="12" name="qty[]"  required="required"  value="<?php if(isset($qty[0]))echo htmlentities($qty[0]); ?>"/></td>
   <td><select id="asset_id" class="asset_id" name="asset_id[0][]" multiple="multiple" required>
    <?php foreach($asset_ids as $asset_id): ?>
            <option class="dropdownlist"><?php echo $asset_id->asset_id; ?></option> 
     <?php endforeach; ?>
    </select></td>
</tr>
<tr>
   <td><input type="text" name="batch_code[]" required="required" value="<?php      if(isset($batch_code[1]))echo htmlentities($batch_code[1]); ?>"/></td>
   <td><input type="text" name="description[]" value="<?php if(isset($description[1]))echo htmlentities($description[1]); ?>"/></td>
   <td><input type="text" name="current_value[]" value="<?php if(isset($current_value[1]))echo htmlentities($current_value[1]); ?>"/></td>
   <td><input type="text" size="12" name="qty[]"  required="required"  value="<?php if(isset($qty[1]))echo htmlentities($qty[1]); ?>"/></td>
   <td><select id="asset_id" class="asset_id" name="asset_id[1][]" multiple="multiple" required>
    <?php foreach($asset_ids as $asset_id): ?>
            <option class="dropdownlist"><?php echo $asset_id->asset_id; ?></option> 
     <?php endforeach; ?>
    </select></td>
</tr>

そして私のphpコードは

$count = count(array_filter($this->asset_id))-1;
for($value = 0; $value <= $count; $value++){
    $count_asset = count(array_filter($this->asset_id))-1;
    for($asset_value = 0; $asset_value <= $count_asset; $asset_value++){
        $sql  = "INSERT INTO dispatch_items (";
        $sql .= "dis_id, batch_code, asset_id, description, current_value, qty";
        $sql .= ") VALUES ('";
        $sql .= $database->escape_value($this->dis_id) ."', '";
        $sql .= $database->escape_value($this->batch_code[$value])."', '";
        $sql .= $database->escape_value($this->asset_id[$value][$asset_value]) ."', '";
        $sql .= $database->escape_value($this->description[$value]) ."', '";
        $sql .= $database->escape_value($this->current_value[$value]) ."', '";
        $sql .= $database->escape_value($this->qty[$value]) ."')";
        $query = $datanase->query($sql);
        $sql  = "UPDATE asset_manager SET ";
        $sql .= "location='".$database->escape_value($this->rstore_code)."', ";
        $sql .= "dis_id='".$database->escape_value($this->dis_id)."' ";
        $sql .= "WHERE asset_id='".$database->escape_value($this->asset_id[$value][$asset_value])."' ";
        $sql .= "AND batch_code='".$database->escape_value($this->batch_code[$value])."' ";
        $query = $database->query($sql);
    }
}

asset_id[][]複数のフォームデータをデータベースに挿入し、ユーザーがすべてに対して複数を選択するオプションを提供しようとしてbatch_code[]いますが、データベースに挿入すると、このエラーが発生し続けます。.:(

警告:mysql_real_escape_string()は、パラメーター1が文字列であることを想定しています。配列は52行目のD:\ Assetmanagement \ contains\database.phpにあります。

public function escape_value( $value ) {
      if( $this->real_escape_string ) { // PHP v4.3.0 or higher
     // undo any magic quote effects so mysql_real_escape_string can do the work
     if( $this->magic_quotes_active ) { $value = stripslashes( $value ); }
         $value = mysql_real_escape_string( $value );\\ line 53
     } else { // before PHP v4.3.0
         // if magic quotes aren't already on then add slashes manually
         if( !$this->magic_quotes_active ) { $value = addslashes( $value ); }
         // if magic quotes are active, then the slashes already exist
     }
    return $value;
}

どうすればこのエラーを修正できますか..?

4

1 に答える 1

1

使用する代わりに

if( $this->real_escape_string ) { // PHP v4.3.0 or higher

PHPのバージョンを確認してください

phpversion()

また

function_exists('real_escape_string')
于 2012-09-07T18:40:57.647 に答える