???????perpare()??????????η?sql???.
$pdo=new PDO('mysql:host=localhost;dbname=scms'?? 'root' );
$_POST=array('title'=>23??'content'=>'kmm');
$keys= array_keys($_POST);
/**
* $filetarr????????漲?????д??????
*/
$filetarr=array('title'??'content');
$filtre=true;
foreach ($keys as $value){
if(in_array($value?? $filetarr??true)){
}else{
//var_dump($value);
$filtre=false;
break;
}
}
if($filtre){
$fields=implode('??'?? $keys);
$fieldszwh=':'.implode('??:'?? $keys);
$sql="insert into article({$fields}) values({$fieldszwh})";
$pdostatement= $pdo->prepare($sql);
$pdostatement->execute($_POST);
var_dump($pdostatement->errorInfo());
}else{
echo '??????';
}