<?php
 
/* HTML特殊文字をスケープ */
function h($input) {
    return htmlspecialchars($input, ENT_QUOTES, 'UTF-8');
}
 
/* 外部から受け取る変数の配列構造をフィルタリング */
function filter_structure($var, $default_structure) {
    $ret = array();
    foreach ($default_structure as $key => $value) {
        if (!isset($var[$key])) {
            $ret[$key] = $value;
        } elseif (is_array($value)) {
            $ret[$key] = filter_request($var[$key], $value);
        } elseif (is_array($var[$key])) {
            $ret[$key] = $value;
        } else {
            $ret[$key] = $var[$key];
        }
    }
    return $ret;
}
 
// デバッグ用データ
$_POST['hiragana'] = array(
    'a' => 'あいうえお',
    'k' => 'かきくけこ',
    's' => 'さしすせそ',
    't' => 'たちつてと',
    'n' => 'なにぬねの',
);
 
try {
 
    // PDOオブジェクト生成
    $pdo = new PDO('mysql:dbname=db;host=localhost;charset=utf8');
 
    // SQL実行失敗時に例外をスローする
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 
    // 入力をフィルタリング
    $post = filter_structure($_POST, array(
        'hiragana' => array(
            'a' => '',
            'k' => '',
            's' => '',
            't' => '',
            'n' => '',
        ),
    ));
 
    // プリペアドステートメントを生成
    $stmt = $pdo->prepare('INSERT INTO hiragana(a, k, s, t, n) VALUES(?, ?, ?, ?, ?)');
 
    // 値をバインドして実行
    $stmt->execute($post['hiragana']);
 
    $message = '成功！';
 
} catch (Exception $e) {
 
    $message = $e->getMessage();
 
}
 
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert Test</title>
</head>
<body>
<p><?=h($message)?></p>
</body>
</html>

PD9waHAKCi8qIEhUTUznibnmrormloflrZfjgpLjgrnjgrHjg7zjg5cgKi8KZnVuY3Rpb24gaCgkaW5wdXQpIHsKICAgIHJldHVybiBodG1sc3BlY2lhbGNoYXJzKCRpbnB1dCwgRU5UX1FVT1RFUywgJ1VURi04Jyk7Cn0KCi8qIOWklumDqOOBi+OCieWPl+OBkeWPluOCi+WkieaVsOOBrumFjeWIl+ani+mAoOOCkuODleOCo+ODq+OCv+ODquODs+OCsCAqLwpmdW5jdGlvbiBmaWx0ZXJfc3RydWN0dXJlKCR2YXIsICRkZWZhdWx0X3N0cnVjdHVyZSkgewogICAgJHJldCA9IGFycmF5KCk7CiAgICBmb3JlYWNoICgkZGVmYXVsdF9zdHJ1Y3R1cmUgYXMgJGtleSA9PiAkdmFsdWUpIHsKICAgICAgICBpZiAoIWlzc2V0KCR2YXJbJGtleV0pKSB7CiAgICAgICAgICAgICRyZXRbJGtleV0gPSAkdmFsdWU7CiAgICAgICAgfSBlbHNlaWYgKGlzX2FycmF5KCR2YWx1ZSkpIHsKICAgICAgICAgICAgJHJldFska2V5XSA9IGZpbHRlcl9yZXF1ZXN0KCR2YXJbJGtleV0sICR2YWx1ZSk7CiAgICAgICAgfSBlbHNlaWYgKGlzX2FycmF5KCR2YXJbJGtleV0pKSB7CiAgICAgICAgICAgICRyZXRbJGtleV0gPSAkdmFsdWU7CiAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgJHJldFska2V5XSA9ICR2YXJbJGtleV07CiAgICAgICAgfQogICAgfQogICAgcmV0dXJuICRyZXQ7Cn0KCi8vIOODh+ODkOODg+OCsOeUqOODh+ODvOOCvwokX1BPU1RbJ2hpcmFnYW5hJ10gPSBhcnJheSgKICAgICdhJyA9PiAn44GC44GE44GG44GI44GKJywKICAgICdrJyA9PiAn44GL44GN44GP44GR44GTJywKICAgICdzJyA9PiAn44GV44GX44GZ44Gb44GdJywKICAgICd0JyA9PiAn44Gf44Gh44Gk44Gm44GoJywKICAgICduJyA9PiAn44Gq44Gr44Gs44Gt44GuJywKKTsKCnRyeSB7CiAgICAKICAgIC8vIFBET+OCquODluOCuOOCp+OCr+ODiOeUn+aIkAogICAgJHBkbyA9IG5ldyBQRE8oJ215c3FsOmRibmFtZT1kYjtob3N0PWxvY2FsaG9zdDtjaGFyc2V0PXV0ZjgnKTsKICAgIAogICAgLy8gU1FM5a6f6KGM5aSx5pWX5pmC44Gr5L6L5aSW44KS44K544Ot44O844GZ44KLCiAgICAkcGRvLT5zZXRBdHRyaWJ1dGUoUERPOjpBVFRSX0VSUk1PREUsIFBETzo6RVJSTU9ERV9FWENFUFRJT04pOwogICAgCiAgICAvLyDlhaXlipvjgpLjg5XjgqPjg6vjgr/jg6rjg7PjgrAKICAgICRwb3N0ID0gZmlsdGVyX3N0cnVjdHVyZSgkX1BPU1QsIGFycmF5KAogICAgICAgICdoaXJhZ2FuYScgPT4gYXJyYXkoCiAgICAgICAgICAgICdhJyA9PiAnJywKICAgICAgICAgICAgJ2snID0+ICcnLAogICAgICAgICAgICAncycgPT4gJycsCiAgICAgICAgICAgICd0JyA9PiAnJywKICAgICAgICAgICAgJ24nID0+ICcnLAogICAgICAgICksCiAgICApKTsKICAgIAogICAgLy8g44OX44Oq44Oa44Ki44OJ44K544OG44O844OI44Oh44Oz44OI44KS55Sf5oiQCiAgICAkc3RtdCA9ICRwZG8tPnByZXBhcmUoJ0lOU0VSVCBJTlRPIGhpcmFnYW5hKGEsIGssIHMsIHQsIG4pIFZBTFVFUyg/LCA/LCA/LCA/LCA/KScpOwogICAgCiAgICAvLyDlgKTjgpLjg5DjgqTjg7Pjg4njgZfjgablrp/ooYwKICAgICRzdG10LT5leGVjdXRlKCRwb3N0WydoaXJhZ2FuYSddKTsKICAgIAogICAgJG1lc3NhZ2UgPSAn5oiQ5Yqf77yBJzsKICAgIAp9IGNhdGNoIChFeGNlcHRpb24gJGUpIHsKICAgIAogICAgJG1lc3NhZ2UgPSAkZS0+Z2V0TWVzc2FnZSgpOwogICAgCn0KCj8+CjwhRE9DVFlQRSBodG1sPgo8aHRtbD4KPGhlYWQ+CjxtZXRhIGNoYXJzZXQ9IlVURi04Ij4KPHRpdGxlPkluc2VydCBUZXN0PC90aXRsZT4KPC9oZWFkPgo8Ym9keT4KPHA+PD89aCgkbWVzc2FnZSk/PjwvcD4KPC9ib2R5Pgo8L2h0bWw+