Sigurnost drop down liste

Šta vi mislite, je li ovo sigurno? Ako nije, šta biste mijenjali?
Da li da na $maincategories i $subcategories primijenim mysqli_real_escape_string i stripslashes?

<?php

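// Raw form values, or null when the field was not posted. `??` replaces the
// `@` operator so that other warnings in the request are no longer silenced.
//
// Do NOT run these through mysqli_real_escape_string()/stripslashes() here:
// escaping is context-specific (SQL, HTML attribute, …) and belongs at the
// point of use — as a prepared-statement parameter if a query is ever built
// from them. What protects this page is allow-list validation (the values
// must be keys of the hard-coded category arrays in Main), not escaping.
// Note that the Main class below reads $_POST directly and never uses these
// two variables.
$maincategories = $_POST['maincategory'] ?? null;
$subcategories = $_POST['subcategory'] ?? null;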

<code>
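/**
 * Renders the <option> lists for a two-level (main / sub) category picker.
 *
 * Security model: both lists are hard-coded allow-lists, and the only text
 * ever written into the HTML comes from the keys and labels of those arrays.
 * The posted values ($_POST['maincategory'], $_POST['subcategory']) are used
 * solely to decide which option is marked selected, and only after they have
 * been checked against the allow-lists. That is why no escaping of the POST
 * values is needed here, and why mysqli_real_escape_string()/stripslashes()
 * would be the wrong tool: they are SQL escaping, not validation, and nothing
 * in this class touches a database.
 *
 * Changes versus the previous version: a posted main category that is not an
 * allow-listed string now falls back to the default instead of being used as
 * an array offset (a warning, or a TypeError on PHP 8 for maincategory[]=x),
 * comparisons are strict, and labels/keys are HTML-escaped on output as a
 * matter of habit.
 */
class Main {

	/** Main category used when nothing (valid) was posted. */
	const maincategory = "animals";

	/** key => label for the top-level list; the keys are what the browser posts back. */
	protected $maincategories = ["animals" => "Animals", "cars" => "Cars"];

	/** main-category key => (sub-category key => label). */
	protected $subcategories = [
		"animals" => ["dog" => "Dog", "cat" => "Cat", "horse" => "Horse", "pig" => "Pig"],
		"cars"    => ["honda" => "Honda", "ferrari" => "Ferrari", "toyota" => "Toyota", "ford" => "Ford"],
	];

	/**
	 * Returns $_POST[$field] only if it is a string that is a key of $allowed;
	 * otherwise null. Rejecting non-strings matters because a request such as
	 * maincategory[]=x would otherwise reach an array-offset lookup.
	 */
	private function postedKey($field, array $allowed) {
		$raw = $_POST[$field] ?? null;
		return (is_string($raw) && array_key_exists($raw, $allowed)) ? $raw : null;
	}

	/** The main category to render: the validated posted one, else the default. */
	private function currentMain() {
		return $this->postedKey('maincategory', $this->maincategories) ?? self::maincategory;
	}

	/**
	 * Prints one <option>. Both key and label come from the allow-lists above,
	 * so escaping is defence in depth rather than a fix for a live injection.
	 */
	private function option($key, $label, $selected) {
		$k = htmlspecialchars($key, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		$v = htmlspecialchars($label, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		echo $selected
			? "<option value='$k' selected='selected'>$v</option>"
			: "<option value='$k'>$v</option>";
	}

	/**
	 * Prints every main-category option; the current one (posted and valid,
	 * else the default) is marked selected.
	 */
	public function displayMaincategories() {
		$current = $this->currentMain();
		foreach ($this->maincategories as $key => $label) {
			$this->option($key, $label, $key === $current);
		}
	}

	/**
	 * Prints the sub-category options of the current main category. The
	 * posted sub-category is marked selected only if it belongs to that
	 * group; a missing or unknown value leaves nothing selected.
	 */
	public function displaySubcategories() {
		$main = $this->currentMain();
		// `?? []` only guards a default with no sub-category group configured.
		$group = $this->subcategories[$main] ?? [];
		$chosen = $this->postedKey('subcategory', $group);
		foreach ($group as $key => $label) {
			$this->option($key, $label, $key === $chosen);
		}
	}
}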

$obj = new Main();



?>
</code>

<script type="text/javascript">
  // Re-submit #postform whenever either select changes, so the server can
  // re-render both lists with the posted values pre-selected. Because the
  // whole form is posted, both fields always travel together.
  $(function () {
    var resubmit = function () {
      $("#postform").submit();
    };
    $("#maincategory").on("change", resubmit);
    $("#subcategory").on("change", resubmit);
  });

</script>
