diff --git a/application/default/controllers/AuthorController.php b/application/default/controllers/AuthorController.php
index 129555aa..096044f9 100644
--- a/application/default/controllers/AuthorController.php
+++ b/application/default/controllers/AuthorController.php
@@ -800,8 +800,10 @@ class AuthorController extends Zend_Controller_Action
 //数据处理代码 EOH<<<<<<<<<<<<<<<<
 try{
- $keyword = trim($this->_request->getParam('q'));
- if (!preg_match_all("/^[\x{4e00}-\x{9fa5}A-Za-z0-9_]+$/u",$keyword,$matchs))
+ $keyword = trim($this->_request->getParam('q'));
+ if (strlen(trim($keyword))<3)
+ $data = array('error'=>'搜索关键字过短');
+ else if (!preg_match_all("/^[\x{4e00}-\x{9fa5}A-Za-z0-9\s_]+$/u",$keyword,$matchs))
 {
 $data = array('error'=>'搜索关键字中只能包含汉字、英文、数字');
 }
@@ -810,9 +812,12 @@ class AuthorController extends Zend_Controller_Action
 //搜索标题和描述两个字段
 $sql = "SELECT m.uuid,m.title,m.description,a.status,a.userid FROM normalmetadata m LEFT JOIN mdauthor a ON m.uuid=a.uuid
- WHERE m.title like ? OR m.description like ?";
+ WHERE ";
+ $search=new Search($keyword);
+ $where=$search->sql_expr(array("m.title","m.description"));
+ $sql.=$where;
 $sth = $this->db->prepare($sql);
- $sth->execute(array("%$keyword%","%$keyword%"));
+ $sth->execute();
 $rows = $sth->fetchAll();
 if(is_array($rows) && count($rows)>0)
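Review bot: The new minimum-length check `strlen(trim($keyword))<3` counts bytes rather than characters, so a single Han character (three bytes in UTF-8) already passes it while a two-letter ASCII term is rejected. `$keyword` is already trimmed on the line above, so `if (mb_strlen($keyword, 'UTF-8') < 3)` would express the intended limit without the second `trim()`. The brace-less `if` followed by `else if (...)` and a braced body is easy to misread; bracing both branches would match the rest of the block. The enclosing `try` starts and ends outside this hunk.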
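Review bot: The WHERE clause is now built by `Search::sql_expr()` from `$keyword` and concatenated into `$sql`, and `$sth->execute()` binds nothing, so the query loses the parameter binding that the removed `execute(array("%$keyword%","%$keyword%"))` provided. `Search` is not visible in this diff; unless it quotes every term itself, the only thing keeping request input out of the SQL text is the character allowlist in the first hunk, which this commit has just widened with `\s`. Prefer having `Search` emit an expression with `?` placeholders together with the matching list of `%term%` values, and pass that list to `$sth->execute(...)`. If the concatenation stays, a comment such as `// $keyword is interpolated into SQL by Search; the allowlist regex above is security-critical` would record the dependency for whoever next edits the pattern. The statement block continues past the end of this hunk.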