Jelajahi Sumber

fleat:update table name

igb 4 minggu lalu
induk
melakukan
46376f68f3
1 mengubah file dengan 18 tambahan dan 17 penghapusan
  1. 18 17
      system/products.php

+ 18 - 17
system/products.php

@@ -7,18 +7,18 @@ checkLogin("信息管理");
 
 // Initialize all variables to avoid undefined warnings
 $act = isset($_GET['act']) ? $_GET['act'] : '';
-$product_name = isset($_POST['ProductName']) ? htmlspecialchars($_POST['ProductName']) : '';
-$product_img = isset($_POST['ProductImg']) ? htmlspecialchars($_POST['ProductImg']) : '';
-$unit = isset($_POST['unit']) ? htmlspecialchars($_POST['unit']) : '';
-$moq = isset($_POST['moq']) ? htmlspecialchars($_POST['moq']) : '';
+$product_name = isset($_POST['ProductName']) ? htmlspecialcharsFix($_POST['ProductName']) : '';
+$product_img = isset($_POST['ProductImg']) ? htmlspecialcharsFix($_POST['ProductImg']) : '';
+$unit = isset($_POST['unit']) ? htmlspecialcharsFix($_POST['unit']) : '';
+$moq = isset($_POST['moq']) ? htmlspecialcharsFix($_POST['moq']) : '';
 $nosale = isset($_POST['nosale']) ? $_POST['nosale'] : array();
 $num = isset($_POST['num']) ? $_POST['num'] : array();
 $price = isset($_POST['price']) ? $_POST['price'] : array();
-$note = isset($_POST['note']) ? htmlspecialchars($_POST['note']) : '';
-$tips = isset($_POST['tips']) ? htmlspecialchars($_POST['tips']) : '';
+$note = isset($_POST['note']) ? htmlspecialcharsFix($_POST['note']) : '';
+$tips = isset($_POST['tips']) ? htmlspecialcharsFix($_POST['tips']) : '';
 $page = isset($_GET['Page']) ? $_GET['Page'] : 1;
 $keys = isset($_GET['Keys']) ? urlencode($_GET['Keys']) : '';
-$keyscode = isset($_GET['Keys']) ? htmlspecialchars($_GET['Keys']) : '';
+$keyscode = isset($_GET['Keys']) ? htmlspecialcharsFix($_GET['Keys']) : '';
 
 // Handle form submissions and redirects before any output
 if ($act == 'save') {
@@ -149,13 +149,14 @@ if ($act == 'add' || $act == 'edit') {
                 FROM products WHERE id = " . $id;
         $result = mysqli_query($conn, $sql);
         if ($row = mysqli_fetch_assoc($result)) {
-            $product_name = htmlspecialchars($row['ProductName']);
-            $product_img = htmlspecialchars($row['ProductImg']);
-            $unit = htmlspecialchars($row['unit']);
-            $moq = htmlspecialchars($row['moq']);
+
+            $product_name = htmlspecialcharsFix($row['ProductName']);
+            $product_img = htmlspecialcharsFix($row['ProductImg']);
+            $unit = htmlspecialcharsFix($row['unit']);
+            $moq = htmlspecialcharsFix($row['moq']);
             $nosale = $row['nosale'];
-            $note = htmlspecialchars($row['note']);
-            $tips = htmlspecialchars($row['tips']);
+            $note = htmlspecialcharsFix($row['note']);
+            $tips = htmlspecialcharsFix($row['tips']);
         }
     }
     
@@ -239,7 +240,7 @@ if ($act == 'add' || $act == 'edit') {
                                 ?>
                                 <li>
                                     <input type="hidden" name="nosale[]" value="<?php echo $area_row['id']; ?>">
-                                    <span class="cname"><?php echo htmlspecialchars($area_row['countryName']); ?></span>
+                                    <span class="cname"><?php echo htmlspecialcharsFix($area_row['countryName']); ?></span>
                                     <span class="close"></span>
                                 </li>
                                 <?php
@@ -309,8 +310,8 @@ if ($act == 'add' || $act == 'edit') {
                     <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">
                         <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
                         <td align="center"><?php echo $temp_num; ?></td>
-                        <td align="center"><?php echo htmlspecialchars($row['ProductName']); ?></td>
-                        <td align="center"><img src="<?php echo htmlspecialchars($row['ProductImg']); ?>" width="80px"></td>
+                        <td align="center"><?php echo htmlspecialcharsFix($row['ProductName']); ?></td>
+                        <td align="center"><img src="<?php echo htmlspecialcharsFix($row['ProductImg']); ?>" width="80px"></td>
                         <td align="center">
                             <a href="?Keys=<?php echo $keys; ?>&Page=<?php echo $page; ?>&act=edit&id=<?php echo $row['id']; ?>" class="ico_edit ico">修改</a>
                         </td>
@@ -321,7 +322,7 @@ if ($act == 'add' || $act == 'edit') {
                 ?>
                 <tr>
                     <td colspan="9" align="center">
-                        <?php echo empty($keys) ? 'Sorry,当前暂无信息' : '<a href="?">Sorry,没有找到"' . htmlspecialchars($keyscode) . '"相关的信息,点击返回</a>'; ?>
+                        <?php echo empty($keys) ? 'Sorry,当前暂无信息' : '<a href="?">Sorry,没有找到"' . htmlspecialcharsFix($keyscode) . '"相关的信息,点击返回</a>'; ?>
                     </td>
                 </tr>
                 <?php