php:有没有理由在回显数据之前先填充结果数组
I'm reading sitepoint's book PHP & MySQL Novice to Ninja and I'm wondering why he takes an extra step.
My SQL query is
try
{
$sql = 'SELECT * FROM trazooevents WHERE county = :county';
$s = $pdo->prepare($sql);
$s->bindValue(':county', $_POST['search_term']);
$s->execute();
include 'events.inc.php';
}
and in my include
<?php foreach ($s as $row): ?>
<li class="db-headline"><?php echo htmlspecialchars($row['eventname'], ENT_QUOTES, 'UTF-8'); ?></li>
// etc.
<?php endforeach; ?>
and it works perfectly fine. In the book Kevin Yank adds an extra step similar to:
foreach ($result as $row)
{
$events[] = array(
'eventname' => $row['eventname'],
'eventdetails' => $row['eventdetails'],
'weburl' => $row['weburl'],
'imagename' => $row['imagename'],
'expireson' => $row['expireson']
);
}
Does he do this to just get an index label or is there some security issue I don't know?
我正在阅读sitepoint的书 PHP&amp; MySQL对Ninja的新手 strong>,我想知道为什么他需要额外的一步。 p>
我的SQL查询是 p>
在我的include p>
它完美无缺。
在书中 Kevin Yank strong>添加了类似于以下内容的额外步骤: p>
他这样做是为了获取索引标签还是存在一些安全问题我 不知道? p>
div>
尝试
{
$ sql ='SELECT * FROM trazooevents WHERE county =:county';
$ s = $ pdo-&gt; prepare($ sql);
$ s-&gt; bindValue(':county', $ _POST ['search_term']);
$ s-&gt; execute();
包含'events.inc.php';
}
code> pre>
&lt;?php foreach($ s as $ row):?&gt;
&lt; li class =“db-headline”&gt ;&lt;?php echo htmlspecialchars($ row ['eventname'],ENT_QUOTES,'UTF-8'); ?&gt;&lt; / li&gt;
//等等
&lt;?php endforeach; ?&gt;
code> pre>
foreach($ result as $ row)
{
$ events [] = array(
'eventname'=&gt; $ row ['eventname'],
'eventdetails '=&gt; $ row ['eventdetails'],
'weburl'=&gt; $ row ['weburl'],
'imagename'=&gt; $ row ['imagename'],
'expireson'= &gt; $ row ['expireson']
);
}
code> pre>
It's a matter of readability of the code. You won't use row but an array with more semantic significance: events.
It is just to get the index label.. not necessary though.. :)