Mercurial > defr > DualBlog
comparison tb.php @ 65:434751e80c88
Utilisation de la classe Requete dans tb.php
Cela permet de gérer automatiquement l'ajout des quotes si on a pas de
magic_quotes notamment, empechant les injections SQL :-)
| author | Franck Deroche <webmaster@defr.org> |
|---|---|
| date | Tue, 11 Mar 2008 16:33:07 +0100 |
| parents | 629389204276 |
| children | e43b756548b4 |
comparison
equal
deleted
inserted
replaced
| 64:d4f26e9767bf | 65:434751e80c88 |
|---|---|
| 1 <?php | 1 <?php |
| 2 header("Content-Type: text/xml"); | 2 header("Content-Type: text/xml"); |
| 3 echo("<?xml version='1.0' encoding='utf-8'?>"); | 3 echo("<?xml version='1.0' encoding='utf-8'?>"); |
| 4 include("classes.php"); | 4 require_once("classes.php"); |
| 5 $Req = new Requete(); | |
| 5 $id = $_GET['id']; | 6 $id = $_GET['id']; |
| 6 $Data->Query("SELECT * FROM Messages WHERE num_mess=$id"); | 7 $Data->Query("SELECT * FROM Messages WHERE num_mess=$id"); |
| 7 $post_infos = $Data->GetRow(); | 8 $post_infos = $Data->GetRow(); |
| 8 $titre = array_key_exists("title", $_POST)?$_POST['title']:"Undefined"; | 9 $titre = $Req->Get('title', 'POST', 'Undefined'); |
| 9 $url = array_key_exists("url", $_POST)?$_POST['url']:"#"; | 10 $url = $Req->Get('url', 'POST', '#'); |
| 10 $info = array_key_exists("__info", $_POST)?$_POST['__info']:-1; | 11 $info = $Req->Get('__info', 'POST', -1); |
| 11 if($info == 1) { | 12 if($info == 1) { |
| 12 $error = 0; | 13 $error = 0; |
| 13 $message = "Some informations"; | 14 $message = "Some informations"; |
| 14 } else if($url == "#") { | 15 } else if($url == "#") { |
| 15 $error = 1; | 16 $error = 1; |