Mercurial > epgrec.yaz
annotate recordedTable.php @ 10:152b146bd276
fixed: mysql_connect before mysql_real_escape_string
author | Sushi-k <epgrec@park.mda.or.jp> |
---|---|
date | Mon, 13 Jul 2009 17:12:07 +0900 |
parents | f5a9f0eb4858 |
children | bbbc4f1ecf1d |
rev | line source |
---|---|
1 | 1 <?php |
2 include_once('config.php'); | |
3 include_once( INSTALL_PATH . '/DBRecord.class.php' ); | |
4 include_once( INSTALL_PATH . '/Smarty/Smarty.class.php' ); | |
5 | |
6 $order = ""; | |
7 $search = ""; | |
8 $category_id = 0; | |
9 $station = 0; | |
10 | |
10
152b146bd276
fixed: mysql_connect before mysql_real_escape_string
Sushi-k <epgrec@park.mda.or.jp>
parents:
1
diff
changeset
|
11 // mysql_real_escape_stringより先に接続しておく必要がある |
152b146bd276
fixed: mysql_connect before mysql_real_escape_string
Sushi-k <epgrec@park.mda.or.jp>
parents:
1
diff
changeset
|
12 $dbh = @mysql_connect( DB_HOST, DB_USER, DB_PASS ); |
152b146bd276
fixed: mysql_connect before mysql_real_escape_string
Sushi-k <epgrec@park.mda.or.jp>
parents:
1
diff
changeset
|
13 |
1 | 14 #$options = "WHERE complete='1'"; |
15 $options = "WHERE starttime < '". date("Y-m-d H:i:s")."'"; // ながら再生は無理っぽい? | |
16 | |
17 if(isset( $_POST['do_search'] )) { | |
18 if( isset($_POST['search'])){ | |
19 if( $_POST['search'] != "" ) { | |
20 $search = $_POST['search']; | |
21 $options .= " AND CONCAT(title,description) like '%".mysql_real_escape_string($_POST['search'])."%'"; | |
22 } | |
23 } | |
24 if( isset($_POST['category_id'])) { | |
25 if( $_POST['category_id'] != 0 ) { | |
26 $category_id = $_POST['category_id']; | |
27 $options .= " AND category_id = '".$_POST['category_id']."'"; | |
28 } | |
29 } | |
30 if( isset($_POST['station'])) { | |
31 if( $_POST['station'] != 0 ) { | |
32 $station = $_POST['station']; | |
33 $options .= " AND channel_id = '".$_POST['station']."'"; | |
34 } | |
35 } | |
36 } | |
37 | |
38 | |
39 $options .= " ORDER BY starttime DESC"; | |
40 | |
41 try{ | |
42 $rvs = DBRecord::createRecords(TBL_PREFIX.RESERVE_TBL, $options ); | |
43 $records = array(); | |
44 foreach( $rvs as $r ) { | |
45 $cat = new DBRecord(TBL_PREFIX.CATEGORY_TBL, "id", $r->category_id ); | |
46 $ch = new DBRecord(TBL_PREFIX.CHANNEL_TBL, "id", $r->channel_id ); | |
47 $arr = array(); | |
48 $arr['id'] = $r->id; | |
49 $arr['station_name'] = $ch->name; | |
50 $arr['starttime'] = $r->starttime; | |
51 $arr['endtime'] = $r->endtime; | |
52 $arr['title'] = "<a href=\"".INSTALL_URL."/viewer.php?reserve_id=".$r->id."\">".htmlspecialchars($r->title,ENT_QUOTES)."</a>"; | |
53 $arr['description'] = "<a href=\"".INSTALL_URL."/viewer.php?reserve_id=".$r->id."\">".htmlspecialchars($r->description,ENT_QUOTES)."</a>"; | |
54 $arr['thumb'] = "<a href=\"".INSTALL_URL."/viewer.php?reserve_id=".$r->id."\"><img src=\"".INSTALL_URL.THUMBS."/".$r->path.".jpg\" /></a>"; | |
55 $arr['cat'] = $cat->name_en; | |
56 $arr['mode'] = $RECORD_MODE[$r->mode]['name']; | |
57 | |
58 array_push( $records, $arr ); | |
59 } | |
60 | |
61 $crecs = DBRecord::createRecords(TBL_PREFIX.CATEGORY_TBL ); | |
62 $cats = array(); | |
63 $cats[0]['id'] = 0; | |
64 $cats[0]['name'] = "すべて"; | |
65 $cats[0]['selected'] = $category_id == 0 ? "selected" : ""; | |
66 foreach( $crecs as $c ) { | |
67 $arr = array(); | |
68 $arr['id'] = $c->id; | |
69 $arr['name'] = $c->name_jp; | |
70 $arr['selected'] = $c->id == $category_id ? "selected" : ""; | |
71 array_push( $cats, $arr ); | |
72 } | |
73 | |
74 $crecs = DBRecord::createRecords(TBL_PREFIX.CHANNEL_TBL ); | |
75 $stations = array(); | |
76 $stations[0]['id'] = 0; | |
77 $stations[0]['name'] = "すべて"; | |
78 $stations[0]['selected'] = (! $station) ? "selected" : ""; | |
79 foreach( $crecs as $c ) { | |
80 $arr = array(); | |
81 $arr['id'] = $c->id; | |
82 $arr['name'] = $c->name; | |
83 $arr['selected'] = $station == $c->id ? "selected" : ""; | |
84 array_push( $stations, $arr ); | |
85 } | |
86 | |
87 | |
88 $smarty = new Smarty(); | |
89 $smarty->assign("sitetitle","録画済一覧"); | |
90 $smarty->assign( "records", $records ); | |
91 $smarty->assign( "search", $search ); | |
92 $smarty->assign( "stations", $stations ); | |
93 $smarty->assign( "cats", $cats ); | |
94 $smarty->assign( "use_thumbs", USE_THUMBS ); | |
95 | |
96 $smarty->display("recordedTable.html"); | |
97 | |
98 | |
99 } | |
100 catch( exception $e ) { | |
101 exit( $e->getMessage() ); | |
102 } | |
103 ?> |