您应该始终检查服务器端提交的数据。 如果你正在使用MySQL,你可以试试这个:
$sql = "SELECT a.* FROM (";
$first = true;
foreach($submitted_tag_array as $v) {
$v = mysql_real_escape_string($v);
$sql .= $first
? "\n\tSELECT '$v' AS tag"
: "\n\tUNION ALL SELECT '$v'";
$first = false;
}
$sql .= "\n) AS a"
."\nLEFT JOIN [tag] t ON t.tag_id = a.tag"
."\nWHERE t.tag_id IS NULL";
$result = mysql_query($sql);
if($row = mysql_fetch_assoc($result)) {
// We found atleast one tag that doesn't exist in the database! Do something about it!
}
上面的代码假设你得到TAG_ID的在提交阵列。如果您改为获取标签名称,则只需更改
."\nLEFT JOIN [tag] t ON t.tag_name = a.tag"