/**
 * Render the 'music/form' template, optionally preloading the rows stored for $rid.
 *
 * `include` runs the template in this method's local scope, so the template
 * reads $list (and $rid, $_W) directly; those local names are part of the
 * contract with the template.
 *
 * @param int $rid Id used to filter $this->tablename; an empty value skips the lookup.
 * @return void
 */
public function fieldsFormDisplay($rid = 0) {
    global $_W;
    if (!empty($rid)) {
        // $rid is bound as :rid; only the table name is concatenated into the SQL text.
        $list = pdo_fetchall("SELECT * FROM ".tablename($this->tablename)." WHERE rid = :rid ORDER BY `id` ASC", array(':rid' => $rid));
        // istripslashes() only removes backslash escaping; it does not HTML-escape,
        // so the template has to escape these values where it prints them.
        // NOTE(review): presumably rows were slash-escaped when written — confirm,
        // otherwise legitimate backslashes in stored text are lost here.
        $list = istripslashes($list);
    }
    // $list stays undefined when $rid is empty; the template must tolerate that.
    include $this->template('music/form');
}
/**
 * Render the 'form' template, optionally preloading the rows stored for $rid.
 *
 * The template is pulled in with `include`, so it sees this method's locals
 * ($replies, $rid, $_W); renaming them would change what the template receives.
 *
 * @param int $rid Id used to filter $this->tablename; an empty value skips the lookup.
 * @return void
 */
public function fieldsFormDisplay($rid = 0) {
    global $_W;
    // Loads the 'tpl' function library before the template is rendered.
    load()->func('tpl');
    if (!empty($rid)) {
        // $rid travels as the bound :rid parameter, not as part of the SQL string.
        $replies = pdo_fetchall("SELECT * FROM " . tablename($this->tablename) . " WHERE rid = :rid ORDER BY `id` ASC", array(':rid' => $rid));
        // Backslash escaping is removed, nothing more: the values are still raw
        // text and need HTML escaping at the point where the template prints them.
        $replies = istripslashes($replies);
    }
    // $replies is undefined when $rid is empty; the template must handle that case.
    include $this->template('form');
}
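/**
 * Remove backslash escaping from a string, or recursively from every key and
 * value of an array.
 *
 * This only undoes slash escaping (for example the kind added by magic quotes).
 * It is not a sanitiser: the result is raw text and still has to be escaped
 * for whatever context it is later written into (HTML, SQL, shell, ...).
 *
 * @param string|array $var String or (nested) array to unescape.
 * @return string|array The unescaped string, or a new array with unescaped keys and values.
 */
function istripslashes($var) {
    if (!is_array($var)) {
        // Cast first: null and other scalars yield the same string as before,
        // without handing a non-string to stripslashes().
        return stripslashes((string) $var);
    }
    // Build a fresh array. Writing the unescaped key back into the array being
    // walked left the original escaped key (with its still-escaped value)
    // alongside the cleaned one.
    $clean = array();
    foreach ($var as $key => $value) {
        $clean[stripslashes((string) $key)] = istripslashes($value);
    }
    return $clean;
}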
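/**
 * Show one `news_reply` row on mobile, or redirect to the row's stored URL.
 *
 * The 'detail' template is included in this method's scope and reads the
 * locals set here ($row, $title, $id, ...).
 *
 * @return void
 */
public function doMobileDetail() {
    global $_W, $_GPC;
    // The id comes from the request: forced to an integer and bound as :id.
    $id = intval($_GPC['id']);
    // NOTE(review): the lookup is by id alone; if news_reply rows belong to
    // different accounts, also constrain by the current account — confirm schema.
    $sql = "SELECT * FROM " . tablename('news_reply') . " WHERE `id`=:id";
    $row = pdo_fetch($sql, array(':id' => $id));
    if (!empty($row['url'])) {
        // The target is the stored `url` column, sent without any scheme or
        // host check; whoever can edit that column controls the destination.
        header("Location: " . $row['url']);
        // Stop after the redirect. Without this the method kept running and
        // rendered the full detail page into the body of the 3xx response.
        exit;
    }
    // Only backslashes are removed; the template must HTML-escape on output.
    $row = istripslashes($row);
    // NOTE(review): a missing row is not handled — $row is then not an array
    // when the thumb/title offsets below are used.
    $row['thumb'] = $_W['attachurl'] . trim($row['thumb'], '/');
    $title = $row['title'];
    include $this->template('detail');
}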
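/**
 * Show one `news_reply` row on mobile, or redirect to the row's stored URL.
 *
 * Also loads the `subscribeurl` of the current account for the template.
 * The 'detail' template is included in this method's scope and reads the
 * locals set here ($row, $title, $subscribeurl, ...).
 *
 * @return void
 */
public function doMobileDetail() {
    global $_W, $_GPC;
    // Request-supplied id: coerced to an integer and passed as a bound parameter.
    $id = intval($_GPC['id']);
    // NOTE(review): no account filter on this lookup — confirm whether
    // news_reply rows should be limited to the current account.
    $sql = "SELECT * FROM " . tablename('news_reply') . " WHERE `id`=:id";
    $row = pdo_fetch($sql, array(':id' => $id));
    if (!empty($row['url'])) {
        // Destination is the stored `url` column, used as-is (no allow-list).
        header("Location: " . $row['url']);
        // End the request here; previously the second query and the template
        // still ran and their output followed the redirect header.
        exit;
    }
    // Removes backslash escaping only; output escaping is the template's job.
    $row = istripslashes($row);
    $title = $row['title'];
    $sql = 'SELECT `subscribeurl` FROM ' . tablename('account_wechats') . " WHERE `acid` = :acid";
    $subscribeurl = pdo_fetchcolumn($sql, array(':acid' => intval($_W['acid'])));
    include $this->template('detail');
}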
/**
 * Load the rows stored for $rid, group them into a two-level tree and render
 * the 'display' template.
 *
 * The template is included in this method's scope, so it reads $reply (and
 * the other locals) directly.
 *
 * @param int $rid Id used to filter $this->tablename; the query runs even when it is 0.
 * @return void
 */
public function fieldsFormDisplay($rid = 0) {
    global $_W;
    // $rid is bound as :rid. Ordering by parentid first returns rows with the
    // lowest parentid before the rows that reference a parent.
    $result = pdo_fetchall("SELECT * FROM " . tablename($this->tablename) . " WHERE rid = :rid ORDER BY `parentid` ASC, `id` ASC", array(':rid' => $rid));
    // Backslash escaping is removed; values are not HTML-escaped here.
    $result = istripslashes($result);
    $reply = array();
    if (!empty($result)) {
        foreach ($result as $index => $row) {
            if (empty($row['parentid'])) {
                // Row without a parent: top-level entry keyed by its own id.
                $reply[$row['id']] = $row;
            } else {
                // Child row: appended under its parent's 'children' list. If the
                // parent id is not in the result set, this creates an entry that
                // holds only 'children'.
                $reply[$row['parentid']]['children'][] = $row;
            }
        }
    }
    include $this->template('display');
}
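/**
 * Show one `news_reply` row on mobile, or redirect to the row's stored URL.
 *
 * Also prepares $subscribeurl: a weixin:// profile link when the request is
 * flagged as Android inside the WeChat container and the account name is
 * set, otherwise the `subscribeurl` stored for the current account.
 * The 'detail' template is included in this method's scope.
 *
 * @return void
 */
public function doMobileDetail() {
    global $_W, $_GPC;
    // Request-supplied id: coerced to an integer and bound as :id.
    $id = intval($_GPC['id']);
    // NOTE(review): lookup is by id only — confirm whether rows should also be
    // restricted to the current account.
    $sql = "SELECT * FROM " . tablename('news_reply') . " WHERE `id`=:id";
    $row = pdo_fetch($sql, array(':id' => $id));
    if (!empty($row['url'])) {
        // Destination is the stored `url` column, sent without validation.
        header("Location: " . $row['url']);
        // Terminate after redirecting; otherwise the queries and the template
        // below still execute and their output is appended to the redirect.
        exit;
    }
    // Strips backslash escaping only; the template must escape on output.
    $row = istripslashes($row);
    if ($_W['os'] == 'android' && $_W['container'] == 'wechat' && $_W['account']['account']) {
        $subscribeurl = "weixin://profile/{$_W['account']['account']}";
    } else {
        $sql = 'SELECT `subscribeurl` FROM ' . tablename('account_wechats') . " WHERE `acid` = :acid";
        $subscribeurl = pdo_fetchcolumn($sql, array(':acid' => intval($_W['acid'])));
    }
    include $this->template('detail');
}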
/**
 * Execute a query and fold its first two columns into a key => value map.
 *
 * Column 0 of each row becomes the key and column 1 the value, both passed
 * through istripslashes(). Later rows overwrite earlier ones with the same key.
 *
 * The SQL text is handed to $this->DB->query() unchanged, with no parameter
 * binding: callers must pass a fixed statement and never assemble $q from
 * request data.
 *
 * @param string $q Complete SQL statement selecting at least two columns.
 * @return array Map built from the result rows.
 */
public function selectDictionary($q) {
    $dictionary = array();
    $resultSet = $this->DB->query($q);
    // Same stop condition as a while-assignment loop: end on the first falsy row.
    for ($pair = $resultSet->fetch_row(); $pair; $pair = $resultSet->fetch_row()) {
        $dictionary[istripslashes($pair[0])] = istripslashes($pair[1]);
    }
    // Release the result set before handing the map back.
    $resultSet->free();
    return $dictionary;
}
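/**
 * Mobile news pages: a paginated category listing (op=news_list, the default)
 * or a single article (op=news_detail).
 *
 * The 'news' template is included in this method's scope and reads the locals
 * set by whichever branch ran ($category, $news, $pager, $new, ...).
 *
 * @return void
 */
public function doMobileNews() {
    global $_GPC, $_W;
    $op = !empty($_GPC['op']) ? trim($_GPC['op']) : 'news_list';
    if ($op == 'news_list') {
        $category_id = intval($_GPC['category_id']);
        // The account id is bound as :weid in every query below, matching the
        // news_detail branch, instead of being interpolated into the SQL text.
        $category = pdo_fetch('SELECT * FROM ' . tablename('we7car_news_category') . " WHERE weid = :weid AND id = :id LIMIT 1", array(':weid' => $_W['uniacid'], ':id' => $category_id));
        $pindex = max(1, intval($_GPC['page']));
        $psize = 1;
        // LIMIT is assembled from integers only: $pindex is clamped to >= 1 and
        // $psize is a constant.
        $news = pdo_fetchall("SELECT * FROM " . tablename('we7car_news') . " WHERE weid = :weid AND category_id = :category_id ORDER BY ishot DESC,createtime DESC LIMIT " . ($pindex - 1) * $psize . ',' . $psize, array(':weid' => $_W['uniacid'], ':category_id' => $category_id));
        $total = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('we7car_news') . " WHERE weid = :weid AND category_id = :category_id ", array(':weid' => $_W['uniacid'], ':category_id' => $category_id));
        $pager = pagination($total, $pindex, $psize);
    }
    if ($op == 'news_detail') {
        $id = intval($_GPC['id']);
        // Scoped to the current account as well as the id.
        $new = pdo_fetch("SELECT * FROM " . tablename('we7car_news') . " WHERE weid = :weid AND id = :id LIMIT 1", array(':weid' => $_W['uniacid'], ':id' => $id));
        // Backslash escaping is removed; the template must HTML-escape on output.
        $new = istripslashes($new);
        // NOTE(review): a missing row is not handled before the offsets below.
        $new['thumb'] = $_W['attachurl'] . trim($new['thumb'], '/');
        // Use the template chosen for this individual item. The name comes from
        // the stored row, not from the request.
        if (!empty($new['template'])) {
            $_W['account']['template'] = $new['template'];
        }
    }
    include $this->template('news');
}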
$sitepath = substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], '/')); $_W['siteroot'] = htmlspecialchars('http://' . $_SERVER['HTTP_HOST'] . $sitepath); if (substr($_W['siteroot'], -1) != '/') { $_W['siteroot'] .= '/'; } $urls = parse_url($_W['siteroot']); $urls['path'] = str_replace(array('/web', '/app', '/payment/wechat', '/payment/alipay', '/api'), '', $urls['path']); $_W['siteroot'] = $urls['scheme'] . '://' . $urls['host'] . (!empty($urls['port']) && $urls['port'] != '80' ? ':' . $urls['port'] : '') . $urls['path']; $_W['siteurl'] = $urls['scheme'] . '://' . $urls['host'] . (!empty($urls['port']) && $urls['port'] != '80' ? ':' . $urls['port'] : '') . $_W['script_name'] . (empty($_SERVER['QUERY_STRING']) ? '' : '?') . $_SERVER['QUERY_STRING']; unset($sitepath); $_W['isajax'] = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'; $_W['ispost'] = $_SERVER['REQUEST_METHOD'] == 'POST'; if (MAGIC_QUOTES_GPC) { $_GET = istripslashes($_GET); $_POST = istripslashes($_POST); $_COOKIE = istripslashes($_COOKIE); } $cplen = strlen($_W['config']['cookie']['pre']); foreach ($_COOKIE as $key => $value) { if (substr($key, 0, $cplen) == $_W['config']['cookie']['pre']) { $_GPC[substr($key, $cplen)] = $value; } } unset($cplen, $key, $value); $_GPC = array_merge($_GET, $_POST, $_GPC); $_GPC = ihtmlspecialchars($_GPC); if (!$_W['isajax']) { $input = file_get_contents("php://input"); if (!empty($input)) { $__input = @json_decode($input, true); if (!empty($__input)) {
} template('home/home'); exit; } } elseif ($do == 'detail') { $id = intval($_GPC['id']); $sql = "SELECT * FROM " . tablename('site_article') . " WHERE `id`=:id AND uniacid = :uniacid"; $detail = pdo_fetch($sql, array(':id' => $id, ':uniacid' => $_W['uniacid'])); if (!empty($detail['linkurl'])) { if (strtolower(substr($detail['linkurl'], 0, 4)) != 'tel:' && !strexists($detail['linkurl'], 'http://') && !strexists($detail['linkurl'], 'https://')) { $detail['linkurl'] = $_W['siteroot'] . 'app/' . $detail['linkurl']; } header('Location: ' . $detail['linkurl']); exit; } $detail = istripslashes($detail); $detail['content'] = preg_replace("/<img(.*?)(http[s]?\\:\\/\\/mmbiz.qpic.cn[^\\?]*?)(\\?[^\"]*?)?\"/i", '<img $1$2"', $detail['content']); if (!empty($detail['incontent'])) { $detail['content'] = '<p><img src="' . tomedia($detail['thumb']) . '" title="' . $detail['title'] . '" /></p>' . $detail['content']; } if (!empty($detail['thumb'])) { $detail['thumb'] = tomedia($detail['thumb']); } else { $detail['thumb'] = ''; } $title = $detail['title']; if (!empty($detail['template'])) { $_W['template'] = $detail['template']; } if ($_W['os'] == 'android' && $_W['container'] == 'wechat' && $_W['account']['account']) { $subscribeurl = "weixin://profile/{$_W['account']['account']}";
/**
 * Show the details of one `mm` row on mobile.
 *
 * The 'detail' template is included in this method's scope and reads $detail
 * and $title directly.
 *
 * @return void
 */
public function doMobileDetail() {
    // Show the picture's details on mobile
    global $_GPC, $_W;
    // Request-supplied id: coerced to an integer and bound as :id.
    $id = intval($_GPC['id']);
    // NOTE(review): lookup is by id only — confirm whether rows should also be
    // restricted to the current account.
    $sql = "SELECT * FROM " . tablename('mm') . " WHERE `id`=:id";
    $detail = pdo_fetch($sql, array(':id' => $id));
    // Removes backslash escaping only; values are still unescaped for HTML.
    $detail = istripslashes($detail);
    // NOTE(review): no check that a row was found before using its offsets.
    // Prefix the stored thumb path with the attachment base URL.
    $detail['thumb'] = $_W['attachurl'] . trim($detail['thumb'], '/');
    $title = $detail['title'];
    include $this->template('detail');
}
/**
 * Show one `article` row on mobile, optionally with a per-article template.
 *
 * The 'detail' template is included in this method's scope and reads $detail
 * and $title directly.
 *
 * @return void
 */
public function doMobileDetail() {
    global $_GPC, $_W;
    // Request-supplied id: coerced to an integer and bound as :id.
    $id = intval($_GPC['id']);
    // NOTE(review): lookup is by id only — confirm whether rows should also be
    // restricted to the current account.
    $sql = "SELECT * FROM " . tablename('article') . " WHERE `id`=:id";
    $detail = pdo_fetch($sql, array(':id' => $id));
    // Removes backslash escaping only; the template must HTML-escape on output.
    $detail = istripslashes($detail);
    // NOTE(review): no check that a row was found before using its offsets.
    $detail['thumb'] = $_W['attachurl'] . trim($detail['thumb'], '/');
    $title = $detail['title'];
    // Use the template chosen for this individual item; the value comes from
    // the stored row, not from the request.
    if (!empty($detail['template'])) {
        $_W['account']['template'] = $detail['template'];
    }
    include $this->template('detail');
}
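/**
 * Show one `xc_article_article` row on mobile, with read/share tracking,
 * optional redirects and optional template overrides.
 *
 * Order of events: load the row, record the read, follow the row's stored
 * redirect_url if any, handle a visit that arrived through a share link
 * (shareby differs from the current fan), build the share payload, then pick
 * the template. Templates are included in this method's scope and read the
 * locals set here ($detail, $recommendation, $title, $_share, ...).
 *
 * Request parameters are treated as untrusted: the share redirect is only
 * followed when it matches the article's own stored link, and the tpl/file
 * template override only accepts plain names.
 *
 * @return void
 */
public function doMobileDetail() {
    global $_GPC, $_W;
    $this->tryLink();
    // Request-supplied id: coerced to an integer and bound as :id.
    $id = intval($_GPC['id']);
    // NOTE(review): lookup is by id only — confirm whether rows should also be
    // restricted to the current account.
    $sql = "SELECT * FROM " . tablename('xc_article_article') . " WHERE `id`=:id";
    $detail = pdo_fetch($sql, array(':id' => $id));
    // Removes backslash escaping only; values are not HTML-escaped here.
    $detail = istripslashes($detail);
    if (!empty($detail)) {
        $this->trackRead($detail);
    }
    // NOTE(review): a missing row is not handled; the offsets used below then
    // operate on a non-array value.
    if (!empty($detail['redirect_url'])) {
        // Destination is the stored redirect_url column, used as-is.
        header('Location: ' . $detail['redirect_url']);
        exit(0);
    }
    if (!empty($_GPC['shareby']) and $_GPC['shareby'] != $_W['fans']['from_user']) {
        $this->trackAccess($detail);
        // The linkurl parameter is the base64 of $detail['linkurl'] that this
        // method puts into the share link further down. Redirect only when the
        // decoded value is exactly that stored link, and send the stored value;
        // a request-chosen destination is ignored and the article is rendered.
        if (!empty($_GPC['linkurl']) && is_string($_GPC['linkurl']) && !empty($detail['linkurl'])
            && base64_decode($_GPC['linkurl']) === $detail['linkurl']) {
            header('Location:' . $detail['linkurl']);
            exit;
        }
    }
    // NOTE(review): unserialize() on a stored column. If that column can ever
    // hold data written by an untrusted party this permits object injection;
    // prefer json_decode(), or unserialize() with allowed_classes disabled on
    // PHP 7+, after checking how the column is written.
    $recommendation = unserialize($detail['recommendation']);
    $recommendation = xc_article_addTplTail($recommendation);
    // Thumbs that do not contain 'http://' are treated as attachment-relative.
    $detail['thumb'] = trim(strpos($detail['thumb'], 'http://') === FALSE ? $_W['attachurl'] . $detail['thumb'] : $detail['thumb']);
    $detail['title'] = $this->parseTemplate($detail, $detail['title']);
    $detail['source'] = $this->parseTemplate($detail, $detail['source']);
    $detail['author'] = $this->parseTemplate($detail, $detail['author']);
    if ($detail['adv_on_off'] == 'off') {
        $detail['adv_top'] = $detail['adv_status'] = $detail['adv_bottom'] = '';
    } else {
        $detail['adv_top'] = $this->parseTemplate($detail, $detail['adv_top']);
        $detail['adv_status'] = $this->parseTemplate($detail, $detail['adv_status']);
        $detail['adv_bottom'] = $this->parseTemplate($detail, $detail['adv_bottom']);
    }
    $title = $detail['title'];
    $_share = array();
    $_share['title'] = $title;
    $_share['imgUrl'] = $_W['attachurl'] . $detail['sharethumb'];
    $_share['desc'] = $detail['description'];
    // base64 output may contain '+', '/' and '='; URL-encode it so the value
    // survives the query string and decodes to the same link on the way back.
    $_share['link'] = $_W['siteroot'] . '/app/' . $this->createMobileUrl('detail', array('id' => $detail['id'])) . '&shareby=' . $_W['fans']['from_user'] . "&track_type=click&tpl={$_GPC['tpl']}&file={$_GPC['file']}" . (!empty($detail['linkurl']) ? '&linkurl=' . urlencode(base64_encode($detail['linkurl'])) : '');
    // tpl and file come from the request and end up in an include path, so
    // accept only plain names (letters, digits, '_', '-', and '/' between
    // segments of file). Dots, backslashes, leading slashes and stream
    // wrappers are rejected; anything else falls through to the stored
    // template choice. template() itself is not visible here — confirm it
    // also confines the resolved path to the template directory.
    if (!empty($_GPC['tpl']) && !empty($_GPC['file'])
        && is_string($_GPC['tpl']) && is_string($_GPC['file'])
        && preg_match('/^[A-Za-z0-9_-]+$/', $_GPC['tpl'])
        && preg_match('/^[A-Za-z0-9_-]+(?:\/[A-Za-z0-9_-]+)*$/', $_GPC['file'])) {
        $_W['account']['template'] = $_GPC['tpl'];
        include $this->template($_GPC['file']);
        exit;
    }
    // Template choices stored on the row itself.
    if (!empty($detail['template'])) {
        $_W['account']['template'] = $detail['template'];
    }
    if (!empty($detail['templatefile'])) {
        include $this->template($detail['templatefile']);
        exit;
    }
    include $this->template('detail');
}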