:::
Tad Repair 維修通報
更新後變更維修狀態無法輸入回覆
我在我的網站上測試沒這種問題(也沒人反應過)
所以,應該不是程式問題
如果需要協助
請留下相關資訊吧,否則我也幫不上忙。
找到原因了 我去比對舊版正常的檔案
`fixed_status` = '{$fixed_content}' ,
`fixed_content` = '{$fixed_content}'
改為
`fixed_status` = '{$_POST['fixed_status']}' ,
`fixed_content` = '{$_POST['fixed_content']}'
問題應該出在變數宣告....名稱相同
$fixed_content = $myts->addSlashes($_POST['fixed_content']);
$fixed_content = $myts->addSlashes($_POST['fixed_status']);
目前正常了
感謝老師
還真的是bug...
不過這樣改不好,會有漏洞...
改成這樣吧:
//更新處理狀態
function update_tad_fixed($repair_sn = "")
{
global $xoopsDB, $xoopsUser, $TadUpFiles;
//取得使用者編號
$uid = ($xoopsUser) ? $xoopsUser->getVar('uid') : "";
$myts = MyTextSanitizer::getInstance();
$fixed_content = $myts->addSlashes($_POST['fixed_content']);
$fixed_status = $myts->addSlashes($_POST['fixed_status']);
$today = date("Y-m-d H:i:s", xoops_getUserTimestamp(time()));
$sql = "update `" . $xoopsDB->prefix("tad_repair") . "` set
`fixed_uid` = '{$uid}' ,
`fixed_date` = '{$today}' ,
`fixed_status` = '{$fixed_status}' ,
`fixed_content` = '{$fixed_content}'
where `repair_sn` = '$repair_sn'";
$xoopsDB->queryF($sql) or web_error($sql);
$DBV = get_tad_repair($repair_sn);
$unit_sn = $DBV['unit_sn'];
$unit = get_tad_repair_unit($unit_sn);
$msg = "";
$fixed_name = XoopsUser::getUnameFromId($uid, 1);
if (empty($fixed_name)) {
$fixed_name = XoopsUser::getUnameFromId($uid, 0);
}
$TadUpFiles->set_col('fixed_sn', $repair_sn);
$TadUpFiles->upload_file('fixed_img', 1280, 550, null, $fixed_content, true);
$title = sprintf(_MD_TADREPAIR_MAIL_FIXED_TITLE, $today, $DBV['repair_title']);
$content = sprintf(_MD_TADREPAIR_MAIL_FIXED_CONTENT, $fixed_name, $today, $DBV['repair_title'], "<a href='" . XOOPS_URL . "/modules/tad_repair/index.php?repair_sn={$repair_sn}'>" . XOOPS_URL . "/modules/tad_repair/index.php?repair_sn={$repair_sn}</a>");
$msg = SendEmail($DBV['repair_uid'], $title, $content);
redirect_header("index.php?repair_sn=$repair_sn", 3, $msg);
return $repair_sn;
}
