mysql_query( $sqlstr );
foreach( $recs as $rec ) {
- $title = $rec->title."(".date("Y/m/d", toTimestamp($rec->starttime)).")";
- $sqlstr = "update mt_cds_object set metadata='dc:description=".$rec->description."' where dc_title='".$rec->path."'";
+ $title = mysql_real_escape_string($rec->title)."(".date("Y/m/d", toTimestamp($rec->starttime)).")";
+ $sqlstr = "update mt_cds_object set metadata='dc:description=".mysql_real_escape_string($rec->description)."' where dc_title='".$rec->path."'";
mysql_query( $sqlstr );
$sqlstr = "update mt_cds_object set dc_title='".$title."' where dc_title='".$rec->path."'";
mysql_query( $sqlstr );
if( file_exists( INSTALL_PATH . SPOOL . "/". $rrec->path ) ) {
// 予約完了
$rrec->complete = '1';
- if( MEDIATOMB_UPDATE) {
- $dbh = mysql_connect( DB_HOST, DB_USER, DB_PASS );
- if( $dbh !== false ) {
- $sqlstr = "use ".DB_NAME;
- mysql_query( $sqlstr );
- // 別にやらなくてもいいが
- $sqlstr = "set NAME utf8";
- mysql_query( $sqlstr );
- $sqlstr = "update mt_cds_object set metadata='dc:description=".$rrec->description."' where dc_title='".$rrec->path."'";
- mysql_query( $sqlstr );
- $sqlstr = "update mt_cds_object set dc_title='".$rrec->title."(".date("Y/m/d").")' where dc_title='".$rrec->path."'";
- mysql_query( $sqlstr );
+ if( defined(MEDIATOMB_UPDATE) ) {
+ if( MEDIATOMB_UPDATE ) {
+ $dbh = mysql_connect( DB_HOST, DB_USER, DB_PASS );
+ if( $dbh !== false ) {
+ $sqlstr = "use ".DB_NAME;
+ mysql_query( $sqlstr );
+ // 別にやらなくてもいいが
+ $sqlstr = "set NAME utf8";
+ mysql_query( $sqlstr );
+ $sqlstr = "update mt_cds_object set metadata='dc:description=".mysql_real_escape_string($rrec->description)."' where dc_title='".$rrec->path."'";
+ mysql_query( $sqlstr );
+ $sqlstr = "update mt_cds_object set dc_title='".mysql_real_escape_string($rrec->title)."(".date("Y/m/d").")' where dc_title='".$rrec->path."'";
+ mysql_query( $sqlstr );
+ }
}
- }
+ }
}
else {
// 予約失敗