Mercurial > epgrec.yaz
comparison mediatomb.php @ 16:cf19005e65d1
added: mysql_real_escape_string
author | Sushi-k <epgrec@park.mda.or.jp> |
---|---|
date | Wed, 15 Jul 2009 13:02:20 +0900 |
parents | b0fc647167f5 |
children | 9238c1d9e060 |
comparison
equal
deleted
inserted
replaced
15:cbbddf99d1cd | 16:cf19005e65d1 |
---|---|
16 mysql_query( $sqlstr ); | 16 mysql_query( $sqlstr ); |
17 $sqlstr = "set NAME utf8"; | 17 $sqlstr = "set NAME utf8"; |
18 mysql_query( $sqlstr ); | 18 mysql_query( $sqlstr ); |
19 | 19 |
20 foreach( $recs as $rec ) { | 20 foreach( $recs as $rec ) { |
21 $title = $rec->title."(".date("Y/m/d", toTimestamp($rec->starttime)).")"; | 21 $title = mysql_real_escape_string($rec->title)."(".date("Y/m/d", toTimestamp($rec->starttime)).")"; |
22 $sqlstr = "update mt_cds_object set metadata='dc:description=".$rec->description."' where dc_title='".$rec->path."'"; | 22 $sqlstr = "update mt_cds_object set metadata='dc:description=".mysql_real_escape_string($rec->description)."' where dc_title='".$rec->path."'"; |
23 mysql_query( $sqlstr ); | 23 mysql_query( $sqlstr ); |
24 $sqlstr = "update mt_cds_object set dc_title='".$title."' where dc_title='".$rec->path."'"; | 24 $sqlstr = "update mt_cds_object set dc_title='".$title."' where dc_title='".$rec->path."'"; |
25 mysql_query( $sqlstr ); | 25 mysql_query( $sqlstr ); |
26 } | 26 } |
27 } | 27 } |