<?php
/**
* Wikiplus 数据收集和统计系统
*/
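// Allow cross-origin callers to read the response.
// The field name must be followed immediately by the colon: with a space in
// between, the header name is malformed and clients may discard the header.
// NOTE(review): the wildcard means any site can call this endpoint; that is
// only acceptable while the response carries no user-specific data.
header('Access-Control-Allow-Origin: *');
// Database connection settings.
/*
Local development example only; a passwordless root account must never be
used on a deployed instance:
$DB_Host = 'localhost';
$DB_Name = 'wikiplus';
$DB_UserName = 'root';
$DB_UserPass = '';
*/
// MYSQL_DATABASE, MYSQL_USERNAME and MYSQL_PASSWORD are not defined in this
// file; presumably the hosting environment or a prepended config file provides
// them — TODO confirm. Keeping them out of the source keeps the credentials
// out of the repository.
$DB_Host = 'localhost';
$DB_Name = MYSQL_DATABASE;
$DB_UserName = MYSQL_USERNAME;
$DB_UserPass = MYSQL_PASSWORD;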
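/**
 * Check that every required query-string parameter was submitted with a usable value.
 *
 * A parameter is rejected when it is missing, when it is not a plain string
 * (PHP turns `?name[]=x` into an array, which must never reach the SQL layer),
 * or when empty() treats it as empty. Note that empty() also rejects the
 * string "0".
 *
 * @param array $array Names of the required $_GET parameters.
 * @return bool True only if every named parameter passes all checks.
 */
function isValid($array){
    foreach ($array as $value) {
        if (!isset($_GET[$value]) || !is_string($_GET[$value]) || empty($_GET[$value])){
            return false;
        }
    }
    return true;
}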
/**
 * Escape the named $_GET parameters for use inside quoted SQL string literals.
 *
 * The escaping follows the connection's current character set, and it only
 * protects values that the caller places between quotes in the statement.
 *
 * @param array  $params Names of the $_GET parameters to escape.
 * @param mysqli $mysqli Open connection whose character set drives the escaping.
 * @return array Map of parameter name => escaped value.
 */
function escapeParameters($params,$mysqli){
    $escaped = array();
    foreach ($params as $name) {
        $rawValue = $_GET[$name];
        $escaped[$name] = $mysqli->real_escape_string($rawValue);
    }
    return $escaped;
}
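// Record one statistics row when all four parameters were submitted.
// Every value comes straight from the query string and is untrusted.
$allStrings = true;
foreach (array('wikiname','username','usetime','pagename') as $field) {
    // Array-valued parameters (?wikiname[]=x) must not be bound as strings.
    if (isset($_GET[$field]) && !is_string($_GET[$field])) {
        $allStrings = false;
    }
}
if ($allStrings && isValid(array('wikiname','username','usetime','pagename'))){
    // Connect to the database.
    $mysqli = new mysqli($DB_Host,$DB_UserName,$DB_UserPass,$DB_Name);
    // Stop quietly if the connection failed instead of calling methods on a
    // dead handle. No error detail is sent to the client.
    if (!$mysqli->connect_errno){
        // bind_param() takes its arguments by reference, so use named variables.
        $wikiname = $_GET['wikiname'];
        $username = $_GET['username'];
        $usetime = (int)$_GET['usetime'];
        $pagename = $_GET['pagename'];
        // Placeholders keep request data out of the SQL text, so the statement
        // no longer depends on escaping or on the connection character set.
        $stmt = $mysqli->prepare('INSERT INTO wikiplus_statistics (wikiname,username,usetime,pagename) VALUES (?,?,?,?)');
        if ($stmt){
            $stmt->bind_param('ssis',$wikiname,$username,$usetime,$pagename);
            $res = $stmt->execute();
            $stmt->close();
            if ($res){
                echo '{"result":"success"}';
            }
        }
        $mysqli->close();
    }
}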
?>