求各位帮忙看下
门户diy调用品牌空间 其中商品、商家、如何排除掉未审核的数据
或只排未审核的商品也可
以下代码怎么修改即可
如能解决感激不尽
<?php
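define('CHARSET', 'GBK');
require '../source/class/class_xml.php';
require '../common.php';

if(!function_exists('xmlpost_param')) {
    /**
     * Read one request parameter: a non-empty GET value wins, otherwise the POST value.
     *
     * Non-string values (for example name[]=x arrays) are treated as absent so the
     * string functions and comparisons below never receive an array.
     *
     * @param string $name parameter name
     * @return string the value, or '' when it is missing or not a string
     */
    function xmlpost_param($name) {
        $value = !empty($_GET[$name]) ? $_GET[$name] : (isset($_POST[$name]) ? $_POST[$name] : '');
        return is_string($value) ? $value : '';
    }
}

$charset = xmlpost_param('charset');
$model = xmlpost_param('model');

// Convert incoming values to the site charset when the client declared a different one.
// The original looped over $POST and $GET, which nothing visible in this file defines,
// so the conversion never reached the $_POST/$_GET values that are read afterwards.
if($charset !== '' && strtoupper($charset) != CHARSET) {
    foreach($_POST as $key => $value) {
        if(is_string($value)) {
            // An unknown charset name or an invalid byte sequence makes iconv() return
            // false; the unconverted value is kept in that case.
            $converted = @iconv($charset, CHARSET, $value);
            if($converted !== false) {
                $_POST[$key] = $converted;
            }
        }
    }
    foreach($_GET as $key => $value) {
        if(is_string($value)) {
            $converted = @iconv($charset, CHARSET, $value);
            if($converted !== false) {
                $_GET[$key] = $converted;
            }
        }
    }
}

$data = array('html'=>'', 'data'=>''); // initial shape of the response payload

$sign = xmlpost_param('sign');         // credential sent by the client
$clientid = xmlpost_param('clientid'); // client ID
$client = get_client_by_clientid($clientid); // stored record for that client

// The request-signature check further down in this file is commented out, so `sign`
// is compared directly with the stored client key: the key itself travels in every
// request and there is no integrity protection of the other parameters.
// The comparison is done on strings, without type juggling, and an empty `sign` is
// refused so that a record with an empty key cannot be used without a credential.
$key = (!empty($client) && isset($client['key'])) ? (string) $client['key'] : '';
$keyok = false;
if($key !== '' && $sign !== '') {
    $keyok = function_exists('hash_equals') ? hash_equals($key, $sign) : ($key === $sign);
}
if(!$keyok) { // unknown client or wrong key
    exit('CLIENT_NOT_EXISTS'); // fail immediately
}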
/*
*不使用签名机制
$datasign = ''; //数据签名
if(!empty($_POST)) {
unset($_POST['sign']); //删除签名参数,此参数不参加签名计算
$datasign = get_sign($_POST, $client['key']); //计算数据的签名
} else {
unset($_GET['sign']); //删除签名参数,此参数不参加签名计算
$datasign = get_sign($_GET, $client['key']); //计算数据的签名
}
if($datasign != $sign) { //签名不正确
exit('SIGN_ERROR'); //输入签名错误
}
*/
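if(!function_exists('xmlpost_post')) {
    /**
     * Read one POST field as a string.
     *
     * @param string $name field name
     * @return string the value, or '' when it is missing or not a string
     */
    function xmlpost_post($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    }
}
if(!function_exists('xmlpost_int_list')) {
    /**
     * Reduce a comma-separated request value to a list of unsigned integers.
     *
     * Tokens that are not made of digits only are dropped, so the result can be placed
     * inside an SQL IN (...) list without quoting.
     *
     * @param string $raw raw request value
     * @return string digits joined by commas, or '' when nothing valid remains
     */
    function xmlpost_int_list($raw) {
        $clean = array();
        foreach(explode(',', (string) $raw) as $token) {
            $token = trim($token);
            if(preg_match('/^[0-9]+\z/', $token)) {
                $clean[] = $token;
            }
        }
        return implode(',', $clean);
    }
}

// $model is concatenated into a POST field name, a table name and a file name below,
// so only plain identifier characters are accepted. Anything else falls through to
// the NO_OPERATION answer instead of reaching the database or the file system.
$modelok = isset($model) && is_string($model) && preg_match('/^[A-Za-z0-9_]+\z/', $model);

if($modelok && xmlpost_post('op') === 'getdata') { // request for a data list
    $datalist = $data = array(); // rows to return
    $wherearr = array();         // SQL conditions, joined with AND
    $jointable = '';

    // Paging values: forced to non-negative integers because they are interpolated
    // into LIMIT. NOTE(review): no upper bound is applied to `items`.
    $start = max(0, intval(xmlpost_post('start'))); // first row
    $limit = max(0, intval(xmlpost_post('items'))); // number of rows

    // Every ID filter is interpolated unquoted into IN (...). addslashes() does not
    // protect an unquoted value, so each list is rebuilt from digit-only tokens.
    $bannedids = xmlpost_int_list(xmlpost_post('bannedids')); // IDs hidden by the client
    $ids = xmlpost_int_list(xmlpost_post($model.'ids'));
    $catid = xmlpost_int_list(xmlpost_post('catid'));
    $shopregionid = xmlpost_int_list(xmlpost_post('shopregionid'));
    $shopid = '';
    $shopcatid = '';
    if($model != 'shop') {
        $shopid = xmlpost_int_list(xmlpost_post('shopid'));
        $shopcatid = xmlpost_int_list(xmlpost_post('shopcatid'));
    }

    // ORDER BY cannot be escaped as a value: accept a bare column name and a fixed
    // direction keyword only. g.itemid is the fallback when no usable column is sent.
    $ordercol = trim(xmlpost_post('order'));
    if(!preg_match('/^[A-Za-z0-9_]+\z/', $ordercol)) {
        $ordercol = 'itemid';
    }
    $order = 'g.'.$ordercol;
    $sc = strtoupper(trim(xmlpost_post('sc')));
    if($sc !== 'ASC' && $sc !== 'DESC') {
        $sc = '';
    }

    if(!empty($ids)) {
        $wherearr[] = "g.itemid IN ($ids)";
    }
    if(!empty($catid)) {
        $wherearr[] = "g.catid IN ($catid)";
    }
    if(!empty($shopregionid)) {
        $wherearr[] = $model == 'shop' ? "g.region IN ($shopregionid)" : "s.region IN ($shopregionid)";
    }
    if($model != 'shop') {
        if(!empty($shopid)) {
            $wherearr[] = "g.shopid IN ($shopid)";
        }
        if(!empty($shopcatid)) {
            $wherearr[] = "s.catid IN ($shopcatid)";
        }
        // Both s.region and s.catid need the shop table; the original joined it only
        // for the region filter, so a shopcatid filter alone referenced a missing alias.
        if(!empty($shopregionid) || !empty($shopcatid)) {
            $jointable = "LEFT JOIN ".DB::table('shopitems')." s ON g.shopid = s.itemid ";
        }
    }
    // IDs hidden by the client. The original built NOT IN (1','2'), which is not valid SQL.
    if(!empty($bannedids)) {
        $wherearr[] = "g.itemid NOT IN ($bannedids)";
    }
    // To leave out rows that have not been approved, add a fixed condition on the
    // table's review-status column here. That column is not shown in this file, so the
    // names below are placeholders to be replaced after checking the schema:
    //   $wherearr[] = "g.<review_status_column> = <approved_value>";

    $gooddec = $model == 'good' ? ', g.priceo as price' : '';
    $groupbuydec = $model == 'groupbuy' ? ', g.groupbuypriceo as price' : '';
    // The original appended this fragment to itself (its s.* branch tested an undefined
    // variable), which only selected g.shopid twice.
    $shopdec = $model != 'shop' ? ', g.shopid as shopid' : '';
    $userdec = $model == 'shop' ? ', g.username as username' : '';
    $url = $_G['siteurl'];
    $where = !empty($wherearr) ? 'WHERE '.implode(' AND ', $wherearr) : ''; // build the condition

    $sql = "SELECT g.itemid as id, g.subject as name, g.subjectimage as pic $userdec $gooddec $groupbuydec $shopdec FROM ".DB::table($model.'items')." g $jointable $where ORDER BY $order $sc LIMIT $start,$limit";
    $query = DB::query($sql);
    while($value = DB::fetch($query)) {
        // Rows without an image get the stock placeholder picture.
        if($value['pic'] == '') {
            $value['pic'] = 'static/image/nophotosmall.gif';
        } else {
            $value['pic'] = 'attachments/'.$value['pic'];
        }
        // Only the good and groupbuy models select a price column.
        if($model != 'good' && $model != 'groupbuy') {
            $pricekey = '';
            $value['price'] = '';
        } else {
            $pricekey = 'price';
        }
        $userkey = $model == 'shop' ? 'username' : '';
        $t_url = $model != 'shop' ? ($url.'store.php?id='.$value['shopid'].'&action='.$model.'&xid='.$value['id']) : ($url.'store.php?id='.$value['id']);
        $datalist[] = array(
            'id' => $value['id'],
            'title' => 'xml_block_title'.$value['id'],
            'url' => $t_url,
            'pic' => $url.$value['pic'],
            'picflag' => '0',
            'summary' => '',
            'fields' => array(
                'subject' => $value['name'],
                'siteurl' => $url,
                // As in the original, an unused key is the empty string.
                $pricekey => $value['price'],
                $userkey => isset($value['username']) ? $value['username'] : null
            )
        );
    }
    $data['data'] = $datalist;
    $xml = array2xml($data); // convert to an XML document
} else if($modelok && isset($_GET['op']) && $_GET['op'] === 'getconfig') {
    // Per-model block configuration; the original comment says the file follows the
    // sample configuration document block_xml_sample.xml.
    $xml = file_get_contents('xmlpost_setting_'.$model.'.xml');
} else {
    $xml = 'NO_OPERATION';
}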
// Discard the active output buffer so that only the payload below is sent.
ob_end_clean();

// Anti-caching headers, each paired with header()'s $replace argument.
$nocache = array(
    array("Expires: -1", true),
    array("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE),
    array("Pragma: no-cache", true),
);
foreach($nocache as $entry) {
    @header($entry[0], $entry[1]);
}

// $xml is an XML document, a bare status word such as NO_OPERATION, or the contents
// of a configuration file, depending on the branch taken above.
header("Content-type: text/xml");
echo $xml;
exit();
/**
 * Look up a client record by its ID.
 *
 * The ID is cast to an integer before it is placed in the query, so the
 * interpolated value can only be a number.
 *
 * @param mixed $clientid client ID as received from the request
 * @return array client record; an empty array when the ID casts to 0
 */
function get_client_by_clientid($clientid){
    $id = intval($clientid);
    if(!$id) {
        return array();
    }
    // Returns whatever DB::fetch_first() yields for the xml_client row.
    return DB::fetch_first('SELECT * FROM '.DB::table('xml_client')." WHERE clientid='$id'");
}
/**
 * Compute the request signature.
 *
 * Parameters are sorted by name, joined as name=value pairs with '&', the key is
 * appended and the result is hashed with MD5.
 *
 * NOTE(review): MD5 over the data followed by the key is a weak way to authenticate
 * a request; hash_hmac() would be the usual choice, but client and server have to
 * change together.
 *
 * @param array $para parameters to sign
 * @param string $key secret key
 * @return string signature as 32 hexadecimal characters
 */
function get_sign($para, $key = ''){
    ksort($para);
    $pairs = array();
    foreach(array_keys($para) as $name) {
        $pairs[] = $name.'='.$para[$name];
    }
    return md5(implode('&', $pairs).$key);
}
?>