Beispiel #1
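/**
 * Recursively HTML-escape a scalar or (nested) array of request data.
 *
 * Despite its name, this function adds no slashes: every leaf value is passed
 * through htmlspecialchars(), optionally after stripslashes(). This is
 * output-context (HTML) encoding applied at input time. It is NOT SQL
 * escaping and must not be relied on to make a value safe for a query; use
 * bound parameters or the data layer's own escaping for that.
 *
 * @param mixed $string   Value to process; arrays are walked recursively.
 * @param mixed $force    Truthy to escape even when MAGIC_QUOTES_GPC is truthy.
 * @param bool  $strip    When true, stripslashes() runs on each leaf before escaping.
 * @param array $breakArr Keys whose values are left untouched. The list is passed
 *                        down unchanged, so it applies at every nesting level.
 *
 * @return mixed The escaped value, with the same array shape as the input.
 */
function zaddslashes($string, $force = 0, $strip = false, $breakArr = array())
{
    // If the application never defined the constant, define it as '' (falsy)
    // so that escaping runs by default.
    if (!defined('MAGIC_QUOTES_GPC')) {
        define('MAGIC_QUOTES_GPC', '');
    }
    if (!MAGIC_QUOTES_GPC || $force) {
        if (is_array($string)) {
            // Match exempt keys as strings, strictly. A loose in_array() treats
            // numeric-looking keys as numbers ('1e1' == '10', '00' == '0'), and on
            // PHP < 8 an integer key 0 equals any non-numeric string, so values
            // could silently skip escaping for keys that were never exempted.
            $exemptKeys = array_map('strval', $breakArr);
            foreach ($string as $key => $val) {
                if (!in_array((string) $key, $exemptKeys, true)) {
                    $string[$key] = zaddslashes($val, $force, $strip, $breakArr);
                }
            }
        } else {
            $string = $strip ? stripslashes($string) : $string;
            // Default flags depend on the PHP version: before PHP 8.1 the default
            // is ENT_COMPAT, which leaves single quotes unescaped, so the result
            // is not safe inside a single-quoted HTML attribute on those versions.
            $string = htmlspecialchars($string);
            // A keyword blacklist (SQL/HTML keywords replaced via strtr()) used to
            // follow here and is disabled. Keyword replacement is not a reliable
            // defence against SQL injection or XSS and corrupts legitimate text.
        }
    }
    return $string;
}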
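 /**
  * Show the role edit form (GET) or rename an existing role (POST).
  *
  * POST reads `id` and `name`, updates the Role row with that id, reports
  * success or failure and terminates. Any other request loads the role named
  * by the `id` query parameter, assigns it as `roleInfo` and renders the view.
  *
  * NOTE(review): no permission check or CSRF token validation is visible in
  * this method; confirm both are enforced by the base controller or a filter
  * before this state-changing action is reachable.
  */
 public function edit_role()
 {
     if (IS_POST) {
         // Work on a local copy instead of overwriting the $_POST superglobal.
         // zaddslashes() HTML-escapes the values; it adds no SQL protection.
         $post = zaddslashes($_POST);

         // intval() returns 1 for any non-empty array, so an array-valued `id`
         // would silently address row 1. Treat non-scalar input as missing.
         $roleId = (isset($post['id']) && is_scalar($post['id'])) ? intval($post['id']) : 0;
         $roleName = (isset($post['name']) && is_scalar($post['name'])) ? trim($post['name']) : '';

         if ($roleId <= 0) {
             // No usable id: report the same failure without touching the database.
             $this->error('修改角色失败');
             die;
         }

         // The id is an integer here, so concatenating it into the condition
         // cannot inject SQL; the name is handed over as data, not as SQL text.
         $status = M('Role')->where('id=' . $roleId)->save(array('name' => $roleName));

         // NOTE(review): presumably save() returns the affected-row count, in
         // which case re-submitting an unchanged name (0 rows) is reported as a
         // failure -- confirm against the model layer before changing the check.
         if ($status) {
             $this->success('修改角色成功');
         } else {
             $this->error('修改角色失败');
         }
         die;
     }

     // Same array-vs-intval() guard as on the POST path.
     $roleId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;
     $roleInfo = M('Role')->where('id=' . $roleId)->find();
     $this->assign('roleInfo', $roleInfo);
     $this->display();
 }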