add db quote function
This commit is contained in:
parent
7cd95d2c9b
commit
39fcfbcf8a
|
@ -169,10 +169,10 @@ class Admin_NewsController extends Zend_Controller_Action
|
||||||
|
|
||||||
$msg=array();
|
$msg=array();
|
||||||
if(empty($title)) $msg[]="标题不能为空";
|
if(empty($title)) $msg[]="标题不能为空";
|
||||||
if(strlen($title)>40) $msg[]="标题长度不能超过40个字符";
|
if(strlen($title)>200) $msg[]="标题长度不能超过200个字符";
|
||||||
if(strlen($writer)>50) $msg[]="作者长度不能超过50个字符";
|
if(strlen($writer)>50) $msg[]="作者长度不能超过50个字符";
|
||||||
if(strlen($keyword)>200) $msg[] = "关键词长度不能超过200个字符,现在输入了".strlen($keyword)."个字符";
|
if(strlen($keyword)>200) $msg[] = "关键词长度不能超过200个字符,现在输入了".strlen($keyword)."个字符";
|
||||||
if(strlen($description)>200) $msg[] = "内容描述不能超过200个字符,现在输入了".strlen($description)."个字符";
|
if(strlen($description)>500) $msg[] = "内容描述不能超过200个字符,现在输入了".strlen($description)."个字符";
|
||||||
if(empty($body)) $msg[]="请填写内容";
|
if(empty($body)) $msg[]="请填写内容";
|
||||||
if($typeid==0) $msg[]="请选择栏目";
|
if($typeid==0) $msg[]="请选择栏目";
|
||||||
|
|
||||||
|
@ -201,27 +201,23 @@ class Admin_NewsController extends Zend_Controller_Action
|
||||||
}
|
}
|
||||||
|
|
||||||
$date=array(
|
$date=array(
|
||||||
'title' => $title,
|
'title' => $this->db->quote($title),
|
||||||
'writer' => $writer,
|
'writer' => $this->db->quote($writer),
|
||||||
'keyword' => $keyword,
|
'keyword' => $this->db->quote($keyword),
|
||||||
'description'=> $description,
|
'description'=> $this->db->quote($description),
|
||||||
'image' => $image,
|
'image' => $image,
|
||||||
'writetime' => time(),
|
'writetime' => time(),
|
||||||
'pubtime' => $pubtime,
|
'pubtime' => $pubtime,
|
||||||
'source' => $source,
|
'source' => $source,
|
||||||
'typeid' => $typeid,
|
'typeid' => $typeid,
|
||||||
'pub' => $pub,
|
'pub' => $pub,
|
||||||
'body' => $body
|
'body' => $this->db->quote($body)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$sql = "INSERT INTO news_archives (title,writer,keyword,description,image,writetime,pubtime,source,typeid,pub)
|
$sql = "INSERT INTO news_archives (title,writer,keyword,description,image,writetime,pubtime,source,typeid,pub)
|
||||||
VALUES ('{$date['title']}',
|
VALUES (".$date['title'].",".$date['writer'].",".$date['keyword'].",".$date['description'].",'".$date['image']."',
|
||||||
'{$date['writer']}',
|
|
||||||
'{$date['keyword']}',
|
|
||||||
'{$date['description']}',
|
|
||||||
'{$date['image']}',
|
|
||||||
'{$date['writetime']}',
|
'{$date['writetime']}',
|
||||||
'{$date['pubtime']}',
|
'{$date['pubtime']}',
|
||||||
'{$date['source']}',
|
'{$date['source']}',
|
||||||
|
@ -235,7 +231,7 @@ class Admin_NewsController extends Zend_Controller_Action
|
||||||
if($sth->execute())
|
if($sth->execute())
|
||||||
{
|
{
|
||||||
$temp = $sth->fetch(PDO::FETCH_ASSOC);
|
$temp = $sth->fetch(PDO::FETCH_ASSOC);
|
||||||
$sql = "INSERT INTO news_archivesaddon (id,body) values ('{$temp['id']}','{$date['body']}')";
|
$sql = "INSERT INTO news_archivesaddon (id,body) values ('{$temp['id']}',{$date['body']})";
|
||||||
if($this->db->exec($sql)>0)
|
if($this->db->exec($sql)>0)
|
||||||
{
|
{
|
||||||
echo '<div class="box box-success">发布成功!</div><script>
|
echo '<div class="box box-success">发布成功!</div><script>
|
||||||
|
@ -315,10 +311,10 @@ class Admin_NewsController extends Zend_Controller_Action
|
||||||
|
|
||||||
$msg=array();
|
$msg=array();
|
||||||
if(empty($title)) $msg[]="标题不能为空";
|
if(empty($title)) $msg[]="标题不能为空";
|
||||||
if(strlen($title)>40) $msg[]="标题长度不能超过40个字符";
|
if(strlen($title)>200) $msg[]="标题长度不能超过200个字符";
|
||||||
if(strlen($writer)>50) $msg[]="作者长度不能超过50个字符";
|
if(strlen($writer)>50) $msg[]="作者长度不能超过50个字符";
|
||||||
if(strlen($keyword)>200) $msg[] = "关键词长度不能超过200个字符,现在输入了".strlen($keyword)."个字符";
|
if(strlen($keyword)>200) $msg[] = "关键词长度不能超过200个字符,现在输入了".strlen($keyword)."个字符";
|
||||||
if(strlen($description)>200) $msg[] = "内容描述不能超过200个字符,现在输入了".strlen($description)."个字符";
|
if(strlen($description)>500) $msg[] = "内容描述不能超过500个字符,现在输入了".strlen($description)."个字符";
|
||||||
if(empty($body)) $msg[]="请填写内容";
|
if(empty($body)) $msg[]="请填写内容";
|
||||||
if($typeid==0) $msg[]="请选择栏目";
|
if($typeid==0) $msg[]="请选择栏目";
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue