未过滤
先看写入代码: /var/www/html/thinksaas/app/my/action/setting.php
``` case "citydo":
$province = trim($_POST['province']);
$city = trim($_POST['city']);//只过滤两处空白
//这里就直接写入数据库了 $new['my']->update('user_info',array( 'userid'=>$userid, ),array(
'province'=>$province,
'city'=>$city,
));
tsNotice("常居地更新成功!");
break;
```
Update:
``
public function update($table, $conditions, $row) {
$where = "";
if (empty ( $row ))
return FALSE;
if (is_array ( $conditions )) {
$join = array ();
foreach ( $conditions as $key => $condition ) {
$condition = $this->escape ( $condition );
$join [] = "
{$key}= {$condition}";
}
$where = "WHERE " . join ( " AND ", $join );
} else {
if (null != $conditions)
$where = "WHERE " . $conditions;
}
foreach ( $row as $key => $value ) {
$value = $this->escape ( $value ); //只做了转义
//$vals [] = "
$key` = $value";
$vals [] = "{$key} = {$value}";
}
$values = join ( ", ", $vals );
$sql = "UPDATE " . dbprefix . "{$table} SET {$values} {$where}";
return $this->db->query ( $sql );
}
```
再来看取出: /var/www/html/thinksaas/app/user/class.user.php
``` //获取一个用户的信息 function getOneUser($userid){
$strUser = $this->find('user_info',array(
'userid'=>$userid,
));
if($strUser){
$strUser['username'] = tsTitle($strUser['username']);
if($strUser['face'] && $strUser['path']){
$strUser['face'] = tsXimg($strUser['face'],'user',120,120,$strUser['path'],1);
}elseif($strUser['face'] && $strUser['path']==''){
$strUser['face'] = SITE_URL.'public/images/'.$strUser['face'];
}else{
//没有头像
$strUser['face'] = SITE_URL.'public/images/user_large.jpg';
}
}else{
$strUser = '';
}
return $strUser; //没任何过滤
}
```