// Decodes the query-string payload in $recive_str into $recive_array, prepares
// the {state, message, result} response envelope, rejects payloads that carry
// no action_type, and for action_type "query_data" builds and executes a
// CREATE TEMPORARY TABLE statement over o_user with up to three optional
// filters (corpid, client, allpayMID).
// The "query_data" branch opened below continues past the end of this excerpt.
parse_str($recive_str, $recive_array);
$return_array = array("state" => "", "message" => "", "result" => "");

// A payload without action_type gets an ERROR envelope; the message text reads
// roughly "please do not try things at random". The state check is always true
// at this point because the envelope was initialised on the previous line.
if (!isset($recive_array["action_type"]) && $return_array["state"] == "") {
    $return_array = array("state" => "ERROR", "message" => "請勿亂嘗試", "result" => "");
}

if ($return_array["state"] == "" && $recive_array["action_type"] == "query_data") {
    // NOTE(review): every key of the parsed payload becomes a local variable of
    // the same name, overwriting whatever that name held before. This behaves
    // like extract() in overwrite mode. If $recive_str is caller-supplied (its
    // origin is not visible here - confirm), the caller decides which locals
    // exist and what they contain, including names this script depends on such
    // as $pdo_sql and $return_array. Safer: read only the expected keys
    // explicitly, e.g. $corpid = $recive_array["corpid"] ?? "";
    foreach ($recive_array as $key => $value) {
        ${$key} = $value;
    }

    // The date parts exist only if the payload supplied them; they are
    // concatenated without any format or range validation. Presumably this
    // yields a YYYYMMDDHHMMSS-style range (hour start .. hour end) - confirm.
    // Neither value is used within the visible lines.
    $start_date = $s_year . $s_month . $s_day . $s_hour . "0000";
    $start_end = $e_year . $e_month . $e_day . $e_hour . "5959";

    // SQL template: each [+++name+++] token is later replaced by either an
    // empty string or an "AND column=value" clause.
    $sql_syntax = "\n CREATE TEMPORARY TABLE temp_merchant_info AS(\n SELECT client,allpayMID,percen,corpname,webname,corpid FROM o_user WHERE allpayMID!=7 [+++allpay_mid_rule+++] [+++corpid+++] [+++allpay_gid_rule+++]\n );";

    // NOTE(review): the three filters below are spliced into the statement as
    // text. No quoting is added here, so the statement is only safe if
    // $pdo_sql->sql_injection() returns a complete, quoted SQL literal (as
    // PDO::quote() does). That helper is not visible in this excerpt - confirm,
    // or switch to bound parameters if the wrapper supports them.
    // NOTE(review): the placeholders are replaced one after another on the
    // whole string, so a value inserted by an earlier step is rescanned by the
    // later str_replace() calls. A single-pass substitution (strtr() with an
    // array) would avoid rewriting already-inserted values.
    // If a filter key is absent from the payload, the variable is undefined:
    // PHP emits an undefined-variable diagnostic and the comparison with ""
    // succeeds, so the filter is silently omitted.

    // Optional filter on o_user.corpid.
    if ($corpid == "") {
        $sql_syntax = str_replace("[+++corpid+++]", "", $sql_syntax);
    } else {
        $sql_cropid = $pdo_sql->sql_injection($corpid);
        $sql_syntax = str_replace("[+++corpid+++]", "AND corpid={$sql_cropid}", $sql_syntax);
    }

    // Optional filter on o_user.client, taken from the allpay_gid input.
    if ($allpay_gid == "") {
        $sql_syntax = str_replace("[+++allpay_gid_rule+++]", "", $sql_syntax);
    } else {
        $sql_allpay_gid = $pdo_sql->sql_injection($allpay_gid);
        $sql_syntax = str_replace("[+++allpay_gid_rule+++]", "AND client={$sql_allpay_gid}", $sql_syntax);
    }

    // Optional filter on o_user.allpayMID, taken from the allpay_mid input.
    if ($allpay_mid == "") {
        $sql_syntax = str_replace("[+++allpay_mid_rule+++]", "", $sql_syntax);
    } else {
        $sql_allpay_mid = $pdo_sql->sql_injection($allpay_mid);
        $sql_syntax = str_replace("[+++allpay_mid_rule+++]", "AND allpayMID={$sql_allpay_mid}", $sql_syntax);
    }

    // Runs the assembled statement; how $result is checked or used lies beyond
    // the visible lines.
    $result = $pdo_sql->exe($sql_syntax);