From 11f64f834d30701b4045465010982508e4118b45 Mon Sep 17 00:00:00 2001 From: Sushi-k Date: Mon, 13 Jul 2009 17:12:07 +0900 Subject: [PATCH] fixed: mysql_connect before mysql_real_escape_string --- programTable.php | 8 +++++--- recordedTable.php | 3 +++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/programTable.php b/programTable.php index d5633c4..fe0555b 100755 --- a/programTable.php +++ b/programTable.php @@ -11,7 +11,10 @@ $type = "*"; $category_id = 0; $station = 0; +// mysql_real_escape_stringより先に接続しておく必要がある +$dbh = @mysql_connect(DB_HOST, DB_USER, DB_PASS ); + // パラメータの処理 if(isset( $_POST['do_search'] )) { if( isset($_POST['search'])){ if( $_POST['search'] != "" ) { @@ -44,14 +47,13 @@ if(isset( $_POST['do_search'] )) { } } } - $options .= " ORDER BY starttime ASC LIMIT 300"; - $do_keyword = 0; if( ($search != "") || ($type != "*") || ($category_id != 0) || ($station != 0) ) $do_keyword = 1; - + try{ + $precs = DBRecord::createRecords(TBL_PREFIX.PROGRAM_TBL, $options ); $programs = array(); diff --git a/recordedTable.php b/recordedTable.php index fc48d62..3f8c7bb 100755 --- a/recordedTable.php +++ b/recordedTable.php @@ -8,6 +8,9 @@ $search = ""; $category_id = 0; $station = 0; +// mysql_real_escape_stringより先に接続しておく必要がある +$dbh = @mysql_connect( DB_HOST, DB_USER, DB_PASS ); + #$options = "WHERE complete='1'"; $options = "WHERE starttime < '". date("Y-m-d H:i:s")."'"; // ながら再生は無理っぽい? -- 2.11.0