$orderby = ''; } else { $orderby = preg_replace("#[^a-z]#i", '', $orderby); } if (!isset($searchtype)) { $searchtype = 'titlekeyword'; } else { $searchtype = preg_replace("#[^a-z]#i", '', $searchtype); } if (!isset($keyword)) { if (!isset($q)) { $q = ''; } $keyword = $q; } $oldkeyword = $keyword = FilterSearch(stripslashes($keyword)); //查找栏目信息 if (empty($typeid)) { $typenameCacheFile = DEDEDATA . '/cache/typename.inc'; if (!file_exists($typenameCacheFile) || filemtime($typenameCacheFile) < time() - 3600 * 24) { $fp = fopen(DEDEDATA . '/cache/typename.inc', 'w'); fwrite($fp, "<" . "?php\r\n"); $dsql->SetQuery("Select id,typename,channeltype From `#@__arctype`"); $dsql->Execute(); while ($row = $dsql->GetArray()) { fwrite($fp, "\$typeArr[{$row['id']}] = '{$row['typename']}';\r\n"); } fwrite($fp, '?' . '>'); fclose($fp); } //引入栏目缓存并看关键字是否有相关栏目内容
if (!isset($sex)) { $sex = ''; } if (!isset($mtype)) { $mtype = ''; } if (!isset($spacesta)) { $spacesta = -10; } if (!isset($matt)) { $matt = 10; } if (!isset($keyword)) { $keyword = ''; } else { $keyword = trim(FilterSearch($keyword)); } $mtypeform = empty($mtype) ? "<option value=''>类型</option>\r\n" : "<option value='{$mtype}'>{$mtype}</option>\r\n"; $sexform = empty($sex) ? "<option value=''>性别</option>\r\n" : "<option value='{$sex}'>{$sex}</option>\r\n"; $sortkey = empty($sortkey) ? 'mid' : preg_replace("#[^a-z]#i", '', $sortkey); $staArr = array(-2 => '限制用户(禁言)', -1 => '未通过审核', 0 => '审核通过,提示填写完整信息', 1 => '没填写详细资料', 2 => '正常使用状态'); $staArrmatt = array(1 => '被推荐', 0 => '非普通 '); $MemberTypes = array(); $dsql->SetQuery("Select rank,membername From `#@__arcrank` where rank>0 "); $dsql->Execute(); while ($row = $dsql->GetObject()) { $MemberTypes[$row->rank] = $row->membername; } if ($sortkey == 'mid') { $sortform = "<option value='mid'>mid/注册时间</option>\r\n"; } else {
/**
 * Uploads
 *
 * Member-area listing of the current member's uploaded files, optionally
 * narrowed by a title keyword and a media type.
 *
 * @version $Id: uploads.php 1 8:38 2010年7月9日Z tianya $
 * @package DedeCMS.Member
 * @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
 * @license http://help.dedecms.com/usersguide/license.html
 * @link http://www.dedecms.com
 */
require_once dirname(__FILE__) . "/config.php";
// NOTE(review): CheckRank() is defined outside this excerpt; presumably it
// enforces a logged-in member before anything below runs. Confirm.
CheckRank(0, 0);
require_once DEDEINC . "/datalistcp.class.php";
// Remembers a "go back" URL for one hour. Only name, value, expiry and path
// are passed, so the secure and httponly arguments keep their defaults.
// $dedeNowurl is not assigned in this excerpt.
setcookie("ENV_GOBACK_URL", $dedeNowurl, time() + 3600, "/");
$menutype = 'content';
// $keyword is not assigned anywhere above this line in the excerpt.
// NOTE(review): presumably it is registered from request input by config.php;
// confirm, and treat it as untrusted.
$keyword = empty($keyword) ? '' : FilterSearch($keyword);
// The listing is scoped to the current member's id. $keyword is interpolated
// straight into the LIKE pattern; FilterSearch() is the only processing
// applied in this file and its definition is not shown here.
// NOTE(review): confirm that quotes and backslashes cannot survive into this
// string, or switch to a bound parameter if the database layer supports one.
// LIKE wildcards (% and _) in $keyword are not escaped by anything visible.
$addsql = " where mid='" . $cfg_ml->M_ID . "' AND title LIKE '%{$keyword}%' ";
if (empty($mediatype)) {
    $mediatype = 0;
}
// Forced to an integer before it reaches the SQL text, so this filter cannot
// carry anything but digits (and a sign).
$mediatype = intval($mediatype);
if ($mediatype > 0) {
    $addsql .= " AND mediatype='{$mediatype}' ";
}
$sql = "SELECT * FROM `#@__uploads` {$addsql} ORDER BY aid DESC";
$dlist = new DataListCP();
$dlist->pageSize = 5;
// NOTE(review): these parameters presumably feed the pagination links; output
// encoding of $keyword happens, if at all, outside this excerpt. Confirm.
$dlist->SetParameter("mediatype", $mediatype);
$dlist->SetParameter("keyword", $keyword);
$dlist->SetTemplate(DEDEMEMBER . "/templets/uploads.htm");
$dlist->SetSource($sql);
$modelform = $dsql->GetOne("SELECT * FROM #@__member_model WHERE id='{$modid}' "); if (!is_array($modelform)) { showmsg('模型表单不存在', '-1'); exit; } $inadd_f = ''; if (!empty($dede_fields)) { $fieldarr = explode(';', $dede_fields); if (is_array($fieldarr)) { foreach ($fieldarr as $field) { if ($field == '') { continue; } $fieldinfo = explode(',', $field); if ($fieldinfo[1] == 'textdata') { ${$fieldinfo[0]} = FilterSearch(stripslashes(${$fieldinfo[0]})); ${$fieldinfo[0]} = addslashes(${$fieldinfo[0]}); } else { if ($fieldinfo[1] == 'img') { ${$fieldinfo[0]} = addslashes(${$fieldinfo[0]}); } else { if (empty(${$fieldinfo[0]})) { ${$fieldinfo[0]} = ''; } ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1], 0, 'add', '', 'diy', $fieldinfo[0]); } } if ($fieldinfo[0] == "birthday") { ${$fieldinfo[0]} = GetDateMk(${$fieldinfo[0]}); } $inadd_f .= ',' . $fieldinfo[0] . " ='" . ${$fieldinfo[0]} . "'";
* @package DedeCMS.Site
* @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
// Tag listing entry point: takes the tag name and page number from the raw
// query string, filters the tag, and renders the result through TagList.
require_once dirname(__FILE__) . "/include/common.inc.php";
require_once DEDEINC . "/arc.taglist.class.php";
// $PageNo is never passed to TagList below.
// NOTE(review): presumably TagList reads it as a global; confirm.
$PageNo = 1;
if (isset($_SERVER['QUERY_STRING'])) {
    // The query string is split on '/': segment 1 is the tag, segment 2 the
    // page number. With no '/' present the whole query string stays in $tag.
    $tag = trim($_SERVER['QUERY_STRING']);
    $tags = explode('/', $tag);
    if (isset($tags[1])) {
        $tag = $tags[1];
    }
    if (isset($tags[2])) {
        // Page number is forced to an integer.
        $PageNo = intval($tags[2]);
    }
} else {
    $tag = '';
}
// QUERY_STRING is still percent-encoded, so it is decoded here before the
// filter runs; filtering therefore sees the decoded characters.
$tag = FilterSearch(urldecode($tag));
// Reject rather than escape: if addslashes() would change the value (it
// contains a single quote, double quote, backslash or NUL byte) the tag is
// discarded and the request falls through to the empty-tag page.
if ($tag != addslashes($tag)) {
    $tag = '';
}
// Empty tag renders 'tag.htm'; a named tag renders 'taglist.htm'.
// NOTE(review): how $tag is encoded for HTML output is decided inside TagList
// and the templates, which are not visible here. Confirm.
if ($tag == '') {
    $dlist = new TagList($tag, 'tag.htm');
} else {
    $dlist = new TagList($tag, 'taglist.htm');
}
$dlist->Display();
exit;
} //如果指定了内容模型ID但没有指定栏目ID,那么自动获得为这个内容模型的第一个顶级栏目作为频道默认栏目 if (!empty($channelid) && empty($tid)) { $tinfos = $dsql->GetOne("SELECT tp.id,ch.issystem FROM `#@__arctype` tp LEFT JOIN `#@__channeltype` ch ON ch.id=tp.channeltype WHERE tp.channeltype='{$channelid}' And tp.reid=0 order by sortrank asc"); if (!is_array($tinfos)) { die(" No catalogs in the channel! "); } $tid = $tinfos['id']; } else { $tinfos = $dsql->GetOne("SELECT ch.issystem FROM `#@__arctype` tp LEFT JOIN `#@__channeltype` ch ON ch.id=tp.channeltype WHERE tp.id='{$tid}' "); } if ($tinfos['issystem'] == -1) { $nativeplace = empty($nativeplace) || !is_numeric($nativeplace) ? 0 : $nativeplace; $infotype = empty($infotype) || !is_numeric($infotype) ? 0 : $infotype; if (!empty($keyword)) { $keyword = FilterSearch($keyword); } $cArr = array(); if (!empty($nativeplace)) { $cArr['nativeplace'] = $nativeplace; } if (!empty($infotype)) { $cArr['infotype'] = $infotype; } if (!empty($keyword)) { $cArr['keyword'] = $keyword; } include DEDEINC . "/arc.sglistview.class.php"; $lv = new SgListView($tid, $cArr); } else { include DEDEINC . "/arc.listview.class.php";
<?php require "../global.php"; require "../cache/s_cate_array.php"; require_once "global.func.php"; require_once "search.class.php"; $s = intval($_GET["s"]); $wd = $_GET["wd"]; $from_host = str_replace("http://", "", GetSiteUrl($_SERVER['HTTP_REFERER'])); if ($from_host != $_SERVER['HTTP_HOST']) { $wd = get_encoding($wd, "GB2312"); } $old_wd = $wd; $wd = FilterSearch($wd); if (strlen($wd) <= 0) { header("location:" . $config["url"]); } $wd_en = urlencode($wd); $is_site = false; ////////////////////// class runtime { var $StartTime = 0; var $StopTime = 0; function get_microtime() { list($usec, $sec) = explode(' ', microtime()); return (double) $usec + (double) $sec; } function start() {
if ($nativeplace != 0) { $min = $nativeplace - 1; $max = $nativeplace + 500; $wheresql .= " and (company.place = '{$nativeplace}' or (company.place >= '{$min}' and company.place < '{$max}'))"; } } if ($vocation > 0) { if ($vocation % 500 != 0) { $wheresql .= " and company.vocation = '{$vocation}' "; } else { $max = ceil(($vocation + 1) / 500) * 500; $min = $max - 500; $wheresql .= " and company.vocation >= '{$min}' and company.vocation < '{$max}'"; } } $cname = FilterSearch(stripslashes($cname)); $cname = addslashes(cn_substr($cname, 30)); if ($cname != '') { $wheresql .= " and (company.company like '%{$cname}%' or company.product like '%{$cname}%')"; } /* //如果要允许搜索具体地址,在模板增加搜索地址的文本框name='town',然后去除此注解即可。 $town = FilterSearch(stripslashes($town)); $town = addslashes(cn_substr($town, 20)); if($town != '') { $wheresql .= " and company.address like '%$town%'"; } */ $sql = "select company.*, member.userid from `#@__member_company` company\r\n left join `#@__member` member on member.mid=company.mid\r\n where {$wheresql} order by uptime desc, mid desc "; $dl = new DataListCP();
$leftarray = $goodsobj->getdata(10, "flag='c'", 'buynum desc,gid desc', 'gid,gtypeid,goodsname,goodsprice,goodsimg,rindex,views,buynum,listorder,flag,addtime'); addfield($goodsobj->table, 'views', "gid=" . $gid, 1); //增加浏览次数 include template('shop_view'); //包含输出指定模板 } else { InitGP(array("c", "k")); //初始化变量全局返回 if (!empty($c) || !empty($k)) { if (!empty($c)) { $tids = $tree->getChilds($c); $tids[] = $c; $wherestr[] = "gtypeid in(" . getdotstring($tids, 'int') . ")"; } if (!empty($k) && strlen($k) >= 2) { $keyword = FilterSearch(stripslashes($k)); //过滤搜索 $wherestr[] = "goodsname like '%" . $keyword . "%'"; } } else { $wherestr[] = "flag='c'"; } if (!empty($wherestr)) { $wheresql = implode(' AND ', $wherestr); } //条件汇总 //获取当前页码 $total = $goodsobj->getcount($wheresql); //总信息数 $pagesize = 9; //一页显示信息数
<?php include "common.inc.php"; InitGP(array("action", "type", "oid", "sid", "page", "minPrice", "maxPrice", "pages", "goodprices", "addtime", "k", "c")); include_once INC_PATH . "/order.class.php"; $o = OrderClass::init(); $Table = new OrderClass(); $typeobj = new TableClass('otype', 'typeid'); if (empty($action)) { $k = FilterSearch(stripslashes($k)); //过滤搜索 if ($k != '' || strlen($k) > 2) { $wherestr[] = "goodsname like '%" . $k . "%'"; } $c = GetNum($c); if ($c) { $wherestr[] = "typeid='" . $c . "'"; } $wherestr[] = "state=1"; $wherestr[] = "type=1"; if (!empty($minPrice) && !empty($maxPrice)) { $wherestr[] = "goodsprice between {$minPrice} and {$maxPrice}"; } if (!empty($pages)) { $pagesize = $pages; } else { $pagesize = 9; } if (!empty($goodprices)) { if ($goodprices == asc) { $orderby = "goodsprice asc";
/**
 * Delegates to the global FilterSearch() helper when one is defined.
 *
 * Fails open: when no global FilterSearch() function exists, the query is
 * returned unchanged. Callers must therefore not treat the return value as
 * sanitised; escape or bind it for the context (SQL, HTML) where it is used.
 *
 * @param mixed $query Search text to filter.
 * @return mixed Result of the global FilterSearch($query), or $query itself
 *               when that function is not available.
 */
protected function FilterSearch($query)
{
    if (!function_exists('FilterSearch')) {
        // No global filter loaded: pass-through, nothing is removed or escaped.
        return $query;
    }

    return FilterSearch($query);
}