0
我有一個bizare問題,我有一個腳本,在網站上的其他地方工作,但現在拒絕爲我工作。這個問題是唯一的IE瀏覽器,它在Mozilla中正常工作。 下面的形式:
<form class="element_form" action="general_image.php" method="post">
<?php generate_input('hidden', '', 'id', $id);?>
<input type="image" src="../images/delete.gif" name="action" value="delete" class="button" />
<input type="image" src="../images/tick.gif" name="action" value="active_switch" class="button" />
</form>
下面是應該工作的代碼:
<?php
include('header.php');
$db->connect();
$table = 'general_image';
$page = 'general';
$region = $_SESSION['region'];
$action = $secure->secure_string($_REQUEST['action']);
$id = $secure->secure_string($_POST['id']);
$max_active = 1;
if($action == 'active_switch' || $action == 'delete'){
$response = array();
$response['action'] = $action;
$response['id'] = $id;
if($action == 'active_switch'){
$query = 'SELECT * FROM general WHERE region = "' . $region . '"';
$result = mysql_query($query);
if(!$result) {
$utility->fail($action, 'query error: ' . $query);
}else{
$row = mysql_fetch_assoc($result);
$already_active = false;
$active = '';
if($id == $row['fifi']){
$already_active = true;
}
$active .= $row['fifi'];
$response['results'] = $active;
if(!$already_active){
$update = '';
$active = '';
$update .= 'fifi="' . $id . '"';
$active .= $id;
$query = 'UPDATE general SET ' . $update . ' WHERE region = "' . $region . '"';
$response['results'] = $active;
}else{
$utility->redirect($page . '.php');
}
}
}elseif($action == 'delete') {
$query = "DELETE FROM $table WHERE id=" . $id;
}
echo $query . "hello";
if(!mysql_query($query)) {
$utility->fail($action, 'query error: ' . $query);
}
如果有人能告訴我,我做錯了什麼,將是巨大的。由於
編輯
$action = $secure->secure_string does the following:
function secure_string($string)
{
return (strip_tags(addslashes(mysql_real_escape_string(stripslashes($string)))));
}
這個函數做什麼$ secure-> secure_string? – 2009-06-23 08:54:57
我發起了這個可能很有趣的論壇帖子:http://www.webmasterworld.com/html/3342151.htm – balpha 2009-06-23 08:57:05