
Update to alter class

tags/rls1
kenn408k 6 年之前
父節點
當前提交
df789aa8d9
共有 1 個檔案被更改,包括 2 行新增0 行删除
  1. 2
    0
      classes/alter.class.php

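--- a/classes/alter.class.php
+++ b/classes/alter.class.php
@@ -13,7 +13,8 @@
     public static function addNews($author, $title, $content, $image, $type) {
         $db = new DBClass();
         $time = new DateTime();
+        // Sanitize number
         $type = filter_var(trim($type), FILTER_SANITIZE_NUMBER_INT);
         $sql = "INSERT INTO `news` (`id`, `author`, `time`, `title`, `type`, `content`, `img`) VALUES (NULL, '$author', '" . $time->getTimestamp() . "', '$title', '$type', '$content', '$image');";
         $db->query($sql);
@@ -22,6 +23,7 @@
 
     public static function editNews($id, $title, $content, $image, $type) {
         $db = new DBClass();
+        // Sanitize number
         $type = filter_var(trim($type), FILTER_SANITIZE_NUMBER_INT);
         if ($image != false) {
             $sql = "UPDATE `news` SET `title` = '$title', `img` = '$image', `content` = '$content', `type` = '$type' WHERE `news`.`id` = $id;";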
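Review bot: The new "Sanitize number" comment only documents `$type`, while `$id` on the UPDATE line directly below it is interpolated unquoted into `WHERE news.id = $id` with no validation at all, and `$title`, `$image` and `$content` go into the same string raw; if these come from request data (not visible here) this is a SQL injection point that the commit leaves untouched. At minimum validate the id before building the query: `$id = filter_var($id, FILTER_VALIDATE_INT); if ($id === false) { throw new \InvalidArgumentException('news id must be an integer'); }`, and route the string columns through a prepared statement or the driver's escaping if `DBClass` exposes one. The comment itself would be more useful stating the limit of the filter, e.g. `// FILTER_SANITIZE_NUMBER_INT keeps only digits and +/-; it does not reject an empty or malformed value, so $type may still be '' here`. Note also `$image != false` is a loose comparison that treats the string '0' as "no image". editNews continues past the end of this hunk, so any else-branch query was not reviewed.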
