From abb66a0e799e7ca613e8967a304e7c5ed00e034e Mon Sep 17 00:00:00 2001
From: chengkun <chengkun@ishangstudy.com>
Date: Fri, 30 May 2025 11:37:48 +0800
Subject: [PATCH] 提交
---
app/public/action.class.php | 149 +++++++++++++++++++++++++++----------------------
1 files changed, 81 insertions(+), 68 deletions(-)
diff --git a/app/public/action.class.php b/app/public/action.class.php
index 9d2533c..4876c36 100644
--- a/app/public/action.class.php
+++ b/app/public/action.class.php
@@ -1,14 +1,5 @@
<?php
-/*
-* $Author :PHPYUN开发团队
-*
-* 官网: http://www.phpyun.com
-*
-* 版权所有 2009-2021 宿迁鑫潮信息技术有限公司,并保留所有权利。
-*
-* 软件声明:未经授权前提下,不得用于商业运营、二次开发以及任何形式的再次发布。
- */
class model {
// 操作状态
@@ -160,33 +151,41 @@
protected function _initialize() {
}
+ function get_table_fields($tableName) {
+ include(CONFIG_PATH . 'db.config.php');
+ $mysqli = new mysqli($db_config['dbhost'], $db_config['dbuser'], $db_config['dbpass'], $db_config['dbname']);
+ $query = $mysqli->query("SHOW COLUMNS FROM $tableName");
+ $tableFields = array();
+ while ($row = $query->fetch_assoc()) {
+ $tableFields[] = $row['Field'];
+ }
+ return $tableFields;
+ }
+
function insert_into($table, $data = array()) {
-
-
$value = array();
-
$this->db->connect();
include(PLUS_PATH . 'dbstruct.cache.php');
$TableFullName = $this->def . $table;
- if (is_array($$TableFullName)) {
- $fields = array_keys($$TableFullName);
- } else {
+ $fields = $this->get_table_fields($TableFullName);
+ if (!$fields) {
return FALSE;
}
-
- if (is_array($fields)) {
-
- if (is_array($data)) {
- foreach ($data as $key => $v) {
- if (in_array($key, $fields)) {
- $v = $this->FilterStr($v);
- $value[] = "`" . $key . "`='" . $this->db->escape_string($v) . "'";
- }
- }
+ if (!is_array($data)) {
+ return FALSE;
+ }
+ foreach ($data as $key => $v) {
+ if (in_array($key, $fields)) {
+ $v = $this->FilterStr($v);
+ $value[] = "`" . $key . "`='" . $this->db->escape_string($v) . "'";
}
}
+
$value = @implode(",", $value);
+ if (!$value) {
+ return FALSE;
+ }
return $this->DB_insert_once($table, $value);
}
@@ -195,8 +194,16 @@
$this->db->connect();
$value = array();
include(PLUS_PATH . 'dbstruct.cache.php');
-// $TableFullName=$this->def.$table;
-// var_dump($$TableFullName);exit();
+ $TableFullName = $this->def . $table;
+ $fields = $this->get_table_fields($TableFullName);
+ if (!is_array($data) || !is_array($where)) {
+ return FALSE;
+ }
+ if (!$fields) {
+ return FALSE;
+ }
+
+ // var_dump($$TableFullName);exit();
// if (is_array($where)) {
// $fields = array_keys($where);
// } else {
@@ -205,57 +212,56 @@
// var_dump($fields);exit();
- if (is_array($data)) {
-
- foreach ($data as $key => $v) {
+ foreach ($data as $key => $v) {
+ if (!in_array($key, $fields)) {
+ continue;
+ }
+ if (is_array($v)) {
- if (is_array($v)) {
+ if ($v[0] == '+') {
- if ($v[0] == '+') {
+ $value[] = '`' . $key . '` = `' . $key . '` + ' . $this->db->escape_string($v[1]);
+ } elseif ($v[0] == '-') {
+
+ $value[] = '`' . $key . '` = `' . $key . '` - ' . $this->db->escape_string($v[1]);
+
+ } else if ($v[0] == '=') {
+
+ $value[] = '`' . $key . '` = ' . $this->db->escape_string($v[1]);
+
+
+ } elseif ($v[0] == 'CASE') {
+
+
+ $casesql = '`' . $key . '` = CASE `' . $this->db->escape_string($v[1]) . '`';
+
+ foreach ($v[2] as $ck => $cv) {
- $value[] = '`' . $key . '` = `' . $key . '` + ' . $this->db->escape_string($v[1]);
- } elseif ($v[0] == '-') {
-
- $value[] = '`' . $key . '` = `' . $key . '` - ' . $this->db->escape_string($v[1]);
-
- } else if ($v[0] == '=') {
-
- $value[] = '`' . $key . '` = ' . $this->db->escape_string($v[1]);
-
-
- } elseif ($v[0] == 'CASE') {
-
-
- $casesql = '`' . $key . '` = CASE `' . $this->db->escape_string($v[1]) . '`';
-
- foreach ($v[2] as $ck => $cv) {
-
- $casesql .= " WHEN '" . $ck . "' THEN '" . $this->db->escape_string($cv) . "' ";
- }
-
- $casesql .= 'END';
-
- $value[] = $casesql;
- } elseif ($v[0] == 'DATE_ADD') {
-
- $value[] = '`' . $key . '` = DATE_ADD(`' . $key . '` , INTERVAL ' . $this->db->escape_string($v[1]) . ' DAY )';
-
- } elseif ($v[0] == 'concat') {
-
- $value[] = '`' . $key . '` = concat(`' . $key . '` , ",' . $this->db->escape_string($v[1]) . ' ")';
- } else {
-
- $this->db->show_error();
+ $casesql .= " WHEN '" . $ck . "' THEN '" . $this->db->escape_string($cv) . "' ";
}
+ $casesql .= 'END';
+
+ $value[] = $casesql;
+ } elseif ($v[0] == 'DATE_ADD') {
+
+ $value[] = '`' . $key . '` = DATE_ADD(`' . $key . '` , INTERVAL ' . $this->db->escape_string($v[1]) . ' DAY )';
+
+ } elseif ($v[0] == 'concat') {
+
+ $value[] = '`' . $key . '` = concat(`' . $key . '` , ",' . $this->db->escape_string($v[1]) . ' ")';
} else {
- $v = $this->FilterStr($v);
-
- $value[] = "`" . $key . "`='" . $this->db->escape_string($v) . "'";
+ $this->db->show_error();
}
+ } else {
+
+ $v = $this->FilterStr($v);
+
+ $value[] = "`" . $key . "`='" . $this->db->escape_string($v) . "'";
}
+
}
@@ -551,6 +557,13 @@
}
include(PLUS_PATH . 'dbstruct.cache.php');
$TableFullName = $this->def . $tablename;
+ /////获取表的字段
+
+ if (!isset($$TableFullName)) {
+ $this->error = '表结构缓存文件不存在';
+ return FALSE;
+ }
+
if (is_array($$TableFullName)) {
$fieldsArr = array_keys($$TableFullName);
}
--
Gitblit v1.9.0