Check for valid SQL column name

后端未结

关注

 4  1526

爱一瞬间的悲伤 2020-12-15 16:59

How would you check in php that a string is a valid compatible column name for a sql statement? just a string match.

4条回答

我在风中等你 (楼主)

2020-12-15 17:45

You can use the MySQL query as follows to get the fields from a particular table:

SHOW FIELDS FROM tbl_name

and then some simple PHP:

$string_to_check = 'sample';
$valid = false;
$q = mysql_query("SHOW FIELDS FROM tbl_name");
while($row = mysql_fetch_object($q)) {
  if($row->Field == $string_to_check) {
     $valid = true; break;
  }
}
if($valid) {
  echo "Field exists";
}

0 讨论(0)

查看其它4个回答