The callback function passed to array_walkis expected to accept two parameters, one for the value and one for the key:

传递给的回调函数array_walk应该接受两个参数，一个是值，一个是键：

Typically, funcnametakes on two parameters. The arrayparameter's value being the first, and the key/index second.

通常，funcname接受两个参数。的阵列参数的值作为所述第一和密钥/第二索引。

But mysql_real_escape_stringexpects the second parameter to be a resource. That's why you're getting that error.

但mysql_real_escape_string期望第二个参数是一个资源。这就是您收到该错误的原因。

Use array_mapinstead, it only takes the value of each item and passes it to the given callback function:

array_map改为使用，它只获取每个项目的值并将其传递给给定的回调函数：

array_map('mysql_real_escape_string', $_POST);

The second parameter will be omitted and so the last opened connection is used.

第二个参数将被省略，因此使用最后打开的连接。

If you need to pass the second parameter, you need to wrap the function call in another function, e.g. an anonymous function:

如果需要传递第二个参数，则需要将函数调用包装在另一个函数中，例如匿名函数：

array_map(function($string) use ($link) { return mysql_real_escape_string($string, $link); }, $_POST);

It's because the mysql_real_escape_string is being given two parameters, both string.

这是因为 mysql_real_escape_string 被赋予了两个参数，都是字符串。

http://php.net/manual/en/function.mysql-real-escape-string.php

http://php.net/manual/en/function.mysql-real-escape-string.php

http://www.phpbuilder.com/manual/en/function.array-map.php:

http://www.phpbuilder.com/manual/en/function.array-map.php：

array_map() returns an array containing all the elements of arr1 after applying the callback function to each one. The number of parameters that the callback function accepts should match the number of arrays passed to the array_map()

array_map() 将回调函数应用于每个元素后，返回一个包含 arr1 的所有元素的数组。回调函数接受的参数数量应与传递给 array_map() 的数组数量相匹配

you could do

你可以

function myescape($val)
{
    return mysql_real_escape_string($val);
}

... then

... 然后

array_walk($_POST, 'myescape');

I know the OP asked to call a function, however in the cases where you do not really need to call a function you can define an anonymous one:

我知道 OP 要求调用一个函数，但是在您实际上不需要调用函数的情况下，您可以定义一个匿名函数：

$ids = [1,2,3];
array_walk($ids,function(&$id){$id += 1000;});

http://php.net/manual/en/function.array-walk.phpsays that array_walk will call the function with 2 arguments, the value and the key. You should write a new function to wrap mysql_real_escape_string. Something like:

http://php.net/manual/en/function.array-walk.php说 array_walk 将使用 2 个参数调用函数，值和键。您应该编写一个新函数来包装 mysql_real_escape_string。就像是：

function wrapper($val, $key){
    return mysql_real_escape_string($val);
}

And then:

进而：

array_walk($_POST, 'wrapper');

Sorry if my PHP is not correct, but I think you'll catch the general idea.

对不起，如果我的 PHP 不正确，但我认为您会理解总体思路。

mysql_real_escape_string()won't work unless you've made a mysql connection first. The reason it is so cool is that it will escape characters in a way to fit the table type. The second [optional] argument is a reference to the mysql connection.

mysql_real_escape_string()除非您先建立了 mysql 连接，否则将无法工作。它如此酷的原因是它会以适合表格类型的方式转义字符。第二个 [可选] 参数是对 mysql 连接的引用。

$_POSTis always set up as key->value. So, you array_walkcalls mysql_real_escape_string(value, key). Notice the second argument is not a reference.

$_POST始终设置为key->value。所以，你array_walk调用mysql_real_escape_string(value, key). 注意第二个参数不是引用。

That is why it does not work. There are several solution already mentioned above.

这就是为什么它不起作用。上面已经提到了几种解决方案。

PHP 7.4 style:

PHP 7.4 风格：

$link = mysqli_connect("localhost", "my_user", "my_password", "world");

array_map(fn($string) => mysqli_real_escape_string($string, $link), $_POST);

I had trouble using the accepted answer as it caused me errors for reasons I couldn't work out. So for anyone having trouble with array_walk or array_map I found this to work.

我在使用接受的答案时遇到了麻烦，因为它导致我由于无法解决的原因而出错。因此，对于任何在 array_walk 或 array_map 上遇到问题的人，我发现它可以工作。

foreach($_POST as $pk => $pv) $_POST[$pk] = mysql_real_escape_string($pv);