Mercurial > epgrec.yaz
comparison programTable.php @ 10:152b146bd276
fixed: mysql_connect before mysql_real_escape_string
author | Sushi-k <epgrec@park.mda.or.jp> |
---|---|
date | Mon, 13 Jul 2009 17:12:07 +0900 |
parents | f5a9f0eb4858 |
children | e5f9aa34d06f |
comparison
equal
deleted
inserted
replaced
9:500c7fbb46aa | 10:152b146bd276 |
---|---|
9 $use_regexp = 0; | 9 $use_regexp = 0; |
10 $type = "*"; | 10 $type = "*"; |
11 $category_id = 0; | 11 $category_id = 0; |
12 $station = 0; | 12 $station = 0; |
13 | 13 |
14 // mysql_real_escape_stringより先に接続しておく必要がある | |
15 $dbh = @mysql_connect(DB_HOST, DB_USER, DB_PASS ); | |
14 | 16 |
17 // パラメータの処理 | |
15 if(isset( $_POST['do_search'] )) { | 18 if(isset( $_POST['do_search'] )) { |
16 if( isset($_POST['search'])){ | 19 if( isset($_POST['search'])){ |
17 if( $_POST['search'] != "" ) { | 20 if( $_POST['search'] != "" ) { |
18 $search = $_POST['search']; | 21 $search = $_POST['search']; |
19 if( isset($_POST['use_regexp']) && ($_POST['use_regexp']) ) { | 22 if( isset($_POST['use_regexp']) && ($_POST['use_regexp']) ) { |
42 $station = $_POST['station']; | 45 $station = $_POST['station']; |
43 $options .= " AND channel_id = '".$_POST['station']."'"; | 46 $options .= " AND channel_id = '".$_POST['station']."'"; |
44 } | 47 } |
45 } | 48 } |
46 } | 49 } |
47 | |
48 $options .= " ORDER BY starttime ASC LIMIT 300"; | 50 $options .= " ORDER BY starttime ASC LIMIT 300"; |
49 | |
50 $do_keyword = 0; | 51 $do_keyword = 0; |
51 if( ($search != "") || ($type != "*") || ($category_id != 0) || ($station != 0) ) | 52 if( ($search != "") || ($type != "*") || ($category_id != 0) || ($station != 0) ) |
52 $do_keyword = 1; | 53 $do_keyword = 1; |
53 | 54 |
54 try{ | 55 try{ |
56 | |
55 $precs = DBRecord::createRecords(TBL_PREFIX.PROGRAM_TBL, $options ); | 57 $precs = DBRecord::createRecords(TBL_PREFIX.PROGRAM_TBL, $options ); |
56 | 58 |
57 $programs = array(); | 59 $programs = array(); |
58 foreach( $precs as $p ) { | 60 foreach( $precs as $p ) { |
59 $ch = new DBRecord(TBL_PREFIX.CHANNEL_TBL, "id", $p->channel_id ); | 61 $ch = new DBRecord(TBL_PREFIX.CHANNEL_TBL, "id", $p->channel_id ); |