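/**
 * Render a value for the right-hand side of a SQL condition (the `b` in `a=b`),
 * quoting it or not according to the declared type of $field.
 *
 * A scalar value whose string form is empty is replaced by the field's declared
 * default (or null when none is declared) before rendering.
 *
 * NOTE(review): escaping is delegated to elex_addslashes(), which is not shown
 * here. If it is addslashes()-style escaping, it is not aware of the connection
 * character set; bound parameters or the database driver's own escaping are the
 * safer choice for anything derived from request data.
 *
 * @param string $field Field name, looked up in $this->getFields().
 * @param mixed  $value Field value; may be an array, rendered as a comma-separated list.
 * @return mixed A quoted, escaped string (or list of them) for string-typed values;
 *               otherwise the value itself, or a comma-joined list, unquoted.
 */
protected function prepareForSql($field, $value)
{
    $fields_def = $this->getFields();

    // Unknown fields fall through to the untyped branch below; isset() avoids
    // an undefined-index read for them.
    $field_info = isset($fields_def[$field]) ? $fields_def[$field] : null;

    // Arrays are never treated as "empty"; skipping strval() on them avoids an
    // array-to-string conversion warning. The default is read through isset()
    // so a field without metadata yields null instead of an offset warning.
    if (!is_array($value) && strval($value) === '') {
        $value = isset($field_info['default']) ? $field_info['default'] : null;
    }

    if (empty($field_info)) {
        // No type metadata: decide from the PHP type of the value itself.
        if (is_array($value)) {
            // isset() guards the probe of element 0 for empty or non-list arrays.
            if (isset($value[0]) && is_string($value[0])) {
                return "'" . implode("','", array_map("elex_addslashes", $value)) . "'";
            }
            return implode(",", $value);
        }
        if (is_string($value)) {
            return "'" . elex_addslashes($value) . "'";
        }
        return $value;
    }

    switch ($field_info['type']) {
        case FieldType::TYPE_STRING:
        case FieldType::TYPE_PACKED:
            if (is_array($value)) {
                return "'" . implode("','", array_map("elex_addslashes", $value)) . "'";
            }
            return "'" . elex_addslashes($value) . "'";
        default:
            // NOTE(review): values for every other field type are emitted
            // unquoted and unvalidated, so a string reaching this branch becomes
            // raw SQL text. Callers must cast or validate numeric input before
            // this point, or this branch should reject non-numeric values.
            if (is_array($value)) {
                return implode(",", $value);
            }
            return $value;
    }
}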
/**
 * Main entry point of the API.
 *
 * Validates the request, selects the output format, splits the requested
 * `method` into a module/action pair, invokes it and echoes the formatted
 * result. An Exception raised while dispatching is passed to errorMessage().
 *
 * NOTE(review): `method` is read from the request and chooses which module and
 * action ActionInvoker runs. ActionInvoker is not shown here; confirm it
 * restricts both names to a known set and rejects path separators.
 *
 * NOTE(review): elex_addslashes($_REQUEST) applies one blanket escaping pass to
 * all input. That does not replace parameterized queries or per-context output
 * encoding in the actions that consume $params.
 *
 * NOTE(review): the exception message is handed to errorMessage() verbatim. If
 * that reaches the client, internal details may be disclosed; verify.
 */
public function service()
{
    // Validate the required parameters.
    $this->validate();

    $this->setFormat(getGPC('format', 'string'));

    require_once FRAMEWORK . '/action/ActionInvoker.class.php';

    try {
        $invoker = new ActionInvoker($this->actionPath);
        $params = elex_addslashes($_REQUEST);
        $method = getGPC('method', 'string');

        // "module.action" is split at the first dot; a name without a dot is
        // an action with an empty module.
        $module = '';
        $action = $method;
        $dot = strpos($method, '.');
        if ($dot !== false) {
            $module = substr($method, 0, $dot);
            $action = substr($method, $dot + 1);
        }

        echo $this->getReturnResult($invoker->invoke($module, $action, $params), $this->format);
    } catch (Exception $e) {
        $this->errorMessage($e->getCode(), $e->getMessage());
    }
}
/**
 * Join an associative array into a `key=value` list.
 *
 * Integer values are written bare; every other value is passed through
 * elex_addslashes() and wrapped in single quotes. An empty input yields ''.
 *
 * NOTE(review): keys are written verbatim and only values are escaped. Callers
 * must pass keys from a fixed set of known column names, never names taken from
 * request data.
 *
 * @param array  $pair_arr  Map of key => value.
 * @param string $delemeter Separator placed between pairs.
 * @return string The joined `key=value` pairs.
 */
public static function joinPairs($pair_arr, $delemeter = ',')
{
    if (empty($pair_arr)) {
        return '';
    }

    $pieces = array();
    foreach ($pair_arr as $name => $val) {
        $rendered = is_int($val) ? $val : ('\'' . elex_addslashes($val) . '\'');
        $pieces[] = $name . '=' . $rendered;
    }

    return implode($delemeter, $pieces);
}