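/**
 * Saves the submitted article form as a draft row for the current user.
 *
 * The form fields are gathered into one array, PHP-serialized and written to
 * the 'draft' table through $this->obj. When the request is flagged as an
 * auto-save, the user's existing auto-draft row (if one is found) is
 * overwritten; in every other case a new row is inserted.
 *
 * Security notes for maintainers:
 *  - $this->input is presumably raw request data (confirm against the base
 *    class). Only 'title' and the serialized 'content' blob are escaped here.
 *  - insert_data()/update() are not visible from this method. The explicit
 *    hg_daddslashes() calls suggest they build SQL by concatenation; verify,
 *    and prefer bound parameters there.
 *  - The blob is written with serialize(). Whatever reads it back should only
 *    unserialize() values that were produced by this path.
 */
public function create_draft()
{
    // NOTE(review): errorOutput() is assumed to end the request. If it
    // returns, the draft below is still written with the feature switched off.
    if (!$this->settings['autoSaveDraft']) {
        $this->errorOutput(AUTOSAVEOFF);
    }

    $other_settings = $this->input['other_settings']
        ? serialize($this->input['other_settings'])
        : '';

    $content = array(
        'title' => $this->input['title'],
        'page_title' => $this->input['pagetitles'],
        'tcolor' => $this->input['tcolor'],
        'isbold' => intval($this->input['isbold']),
        'isitalic' => intval($this->input['isitalic']),
        'subtitle' => $this->input['subtitle'],
        // Space-separated keywords are stored comma-separated.
        'keywords' => str_replace(' ', ',', trim($this->input['keywords'])),
        'brief' => $this->input['brief'],
        'author' => $this->input['author'],
        'source' => $this->input['source'],
        'indexpic' => intval($this->input['indexpic']),
        'outlink' => $this->input['outlink'],
        'sort_id' => intval($this->input['sort_id']),
        'column_id' => $this->input['column_id'],
        'weight' => intval($this->input['weight']),
        'water_id' => $this->input['water_config_id'],
        'water_name' => $this->input['water_config_name'],
        'state' => $this->get_status_setting('create'),
        // strtotime() yields false for an unparseable date; it is stored as-is.
        'pub_time' => strtotime($this->input['pub_time']),
        'para' => $this->input['para'],
        'other_settings' => $other_settings,
        'ori_url' => $this->input['ori_url'],
        'content' => $this->input['content'],
        'material_id' => $this->input['material_id'],
    );

    // Four parallel comma-separated lists describe the "special" columns.
    $spe_idarr = explode(',', $this->input['special_id']);
    $col_namearr = explode(',', $this->input['column_name']);
    $col_idarr = explode(',', $this->input['col_id']);
    $sname_idarr = explode(',', $this->input['show_name']);

    // explode() never returns an empty array, so this loop runs at least once;
    // an empty col_id therefore yields a single entry keyed ''.
    $spe_arr = array();
    foreach ($col_idarr as $k => $v) {
        // The lists come from the request and may differ in length. A missing
        // position is stored as null instead of raising an undefined-offset
        // notice.
        $spe_arr[$v] = array(
            'id' => $v,
            'name' => isset($col_namearr[$k]) ? $col_namearr[$k] : null,
            'special_id' => isset($spe_idarr[$k]) ? $spe_idarr[$k] : null,
            'show_name' => isset($sname_idarr[$k]) ? $sname_idarr[$k] : null,
        );
    }
    $content['special'] = serialize($spe_arr);

    // The flag is read from the request and used both for control flow and as
    // a column value. Normalising it to 0/1 keeps the same truthiness while
    // making sure no request-supplied string reaches the write helper.
    $is_auto = $this->input['auto_draft'] ? 1 : 0;

    $draft = array(
        'title' => hg_daddslashes($content['title']),
        // Escaping is applied after serialize() so the length prefixes inside
        // the blob describe the unescaped values.
        'content' => hg_daddslashes(serialize($content)),
        // NOTE(review): user_id and user_name are passed through unescaped;
        // confirm that $this->user is populated from trusted, already-escaped
        // data or that the write helper escapes them.
        'user_id' => $this->user['user_id'],
        'user_name' => $this->user['user_name'],
        'isauto' => $is_auto,
        'create_time' => TIMENOW,
    );

    // Only auto-saves look for an existing row to overwrite.
    $auto_draft = $is_auto
        ? $this->obj->get_auto_draft($this->user['user_id'])
        : null;

    if (!empty($auto_draft['id'])) {
        // The id is concatenated into the WHERE clause, so force it to an
        // integer even though it was read back from the database.
        $this->obj->update($draft, 'draft', ' id = ' . intval($auto_draft['id']));
    } else {
        $this->obj->insert_data($draft, 'draft');
    }

    $this->addItem(true);
    $this->output();
}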
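/**
 * Backslash-escapes a string, or every value of a (nested) array, with
 * addslashes().
 *
 * Nothing is escaped when the application-level flag
 * $GLOBALS['magic_quotes_gpc'] is truthy and $force is not set; the input is
 * then assumed to be escaped already. Array keys are never escaped.
 *
 * Security note: addslashes() works on bytes and knows nothing about the
 * database connection's character set, so it is not a dependable SQL escape
 * for multi-byte encodings such as GBK. Where the result ends up in a query,
 * prefer bound parameters or the database driver's own escaping function.
 *
 * @param mixed $string String to escape, or an array whose values are escaped recursively.
 * @param mixed $force  Truthy to escape even when the magic-quotes flag is set.
 * @return mixed The escaped string, or the array with escaped values.
 */
function hg_daddslashes($string, $force = 0)
{
    // empty() also covers the flag not being defined at all, which the plain
    // negation reported as an undefined-index notice.
    if (!empty($GLOBALS['magic_quotes_gpc']) && !$force) {
        return $string;
    }

    if (is_array($string)) {
        foreach ($string as $key => $val) {
            $string[$key] = hg_daddslashes($val, $force);
        }
        return $string;
    }

    // The earlier form of this line branched on a $strip variable that this
    // function never defines, so the strip-then-escape path was unreachable.
    // The value is escaped exactly once, which is what actually happened.
    return addslashes($string);
}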