&pgid();
11月から新しく入社した小沼です。現在研修中でPHPの勉強をしています。
先日、研修の一環として「SmartyとPearDBを利用した掲示板」を作成しました。
自分の頭の中を整理する意味もこめて、ここにその成果の一部を発表したいと思います。
#blikimore
**目次 [#nce29998]
#contents();
**概要 [#ffc248be]
***環境 [#sf8649dd]
動作環境 : Linux
Webサーバ : Apache
開発言語 : PHP
DB : MySQL
使用したライブラリなど : Smarty、PearDB
開発はWindowsマシンからSSHでLinuxにつなぎ、おこないました。
***システム構成 [#z45c15bc]
作成したアプリケーションは以下のような構成になりました。
smarty_board
├ js
│ └ smarty_board.js --list.tpl内で利用するjavaScript
├ templates
│ └ list.tpl --画面のテンプレート
├ article_dao.php --データアクセスオブジェクト
├ list.php --list.tplに変数を設定するモジュール
├ paging_manager.php --ページング管理をおこなうクラス
└ submit_new_article.php --新規投稿を行うクラス
**困った点 [#k07e5025]
***Smartyとjavascript [#j6accfa2]
テンプレートファイルの中では中括弧{}が予約語として扱われます。そのためテンプレート内に以下のような記述をするとエラーになってしまいます。
// Adds num to the page_num field of the form named list_form.
// Written inline in a Smarty template with the default delimiters, the braces
// of this function body are read as Smarty tag delimiters, which is the error
// the surrounding text describes.
function addPageNum(num) {
document.list_form.page_num.value
= new Number(document.list_form.page_num.value) + num;
}
回避方法としては以下の二つがあります。
-javascriptは外部ファイルに記述する。
-Smartyの中括弧が持っている機能を他の記号に割り当てる。（以下例）
// Move Smarty's tag delimiters off bare braces, so that the braces of inline
// JavaScript in a template are no longer parsed as Smarty tags.
$smarty->left_delimiter = '<!--{';
$smarty->right_delimiter = '}-->';
ちなみに私は前者の方法を取りました。
- もう1つ、javascriptの部分を{literal}{/literal}で囲むという表記法があります。(by 竹村 on 06/11/13)
-- http://sky.freespace.jp/smarty/SmartyManual_2-6-6J_html/language.function.literal.html
-- http://www.irisdti-jp.com/web/
***文字化け [#t08c9daa]
始めはHTMLのエスケープを、Smartyの機能を使いテンプレートの中で以下のようにやろうと思いました。
<td>{$article.name|escape:"htmlall"}</td>
そしたら文字化けするようになってしまったので、テンプレートを次のように修正し、
<td>{$article.name}</td>
php内で以下の関数を使ってエスケープすることにしました。
/**
 * Prepare a stored value for output as HTML text.
 *
 * The value is entity-encoded first (both quote styles, EUC-JP input) and only
 * then are line breaks converted to <br /> tags; in the opposite order the
 * inserted tags would themselves be encoded.
 *
 * @param string $str Raw text, EUC-JP encoded.
 * @return string Entity-encoded text with <br /> inserted before each newline.
 */
function escape($str) {
    $encoded = htmlentities($str, ENT_QUOTES, 'EUC-JP');

    return nl2br($encoded);
}
***\nと'(シングルクォーテーション) [#u091fe98]
入力された値をそのままDBに登録するといろいろ問題が発生します。例えば「\n」が入力されると、改行されて表示されてしまいます。もっとひどいのは「'（シングルクォーテーション）」を入力された場合です。SQLインジェクションが可能になってしまいます。さいわいPHPには
addslashes()
という便利な関数があるので、簡単に対応できます。
2006/11/09 追記 上のSQLインジェクション対策では完全ではないようです。
http://d.hatena.ne.jp/hoshikuzu/20060211#P20060211PHPSQLINJECTION
2007/10/25 追記 上のSQLインジェクション対策では完全ではないようです。
http://www.irisdti-jp.com/web/
**ソース [#g1df0ee8]
***list.tpl [#g3a926a4]
<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=EUC-JP ">
<title>¥¹¥Þ¡¼¥Æ¥£¡¼¤òÍøÍѤ·¤¿·Ç¼¨ÈÄ</title>
<script language="javascript" src= "./js/smarty_board.js" ></script>
</head>
<body>
<center>¥¹¥Þ¡¼¥Æ¥£¡¼¤òÍøÍѤ·¤¿·Ç¼¨ÈÄ</center>
<!-- ÆþÎÏÉôʬ -->
<form action="submit_new_article.php" name="submit_form" method="POST" >
<table align="center">
<tr>
<td>̾Á°</td>
<td><input type="text" name="name" size="40"></td>
</tr>
<tr>
<td>ÆâÍÆ</td>
<td><textarea name="message" rows="6" cols="70" ></textarea></td>
</tr>
<tr>
<td><input type="submit" value="¿·µ¬Åê¹Æ" /></td>
</tr>
</table>
</form>
<!-- °ìÍ÷Éôʬ -->
<form action="list.php" name="list_form" method="POST" >
<input type="submit" value="Á°¤Ø" {$is_prev_disabled} onclick="addPageNum(-1);" />
<input type="submit" value="¼¡¤Ø" {$is_next_disabled} onclick="addPageNum(1);" />
{$page_num} / {$page_count}
<input type="hidden" name="page_num" value="{$page_num}" />
{foreach from=$articles item=article}
<hr>
<table>
<tr>
<td>̾Á°¡§</td>
{* NOTE(review): Smarty does not know about HTML comments, so the tag inside the
   commented-out cell below is still evaluated and its output is sent to the
   browser inside the comment. *}
<!--<td>{$article.name|escape:"htmlall"}</td>-->
{* Printed without a modifier: list.php passes name and message through
   escape() (htmlentities + nl2br) before assigning $articles, so any other
   code that assigns article data to this template must escape it the same way. *}
<td>{$article.name}</td>
</tr>
<tr>
<td nowrap>Åê¹ÆÆü»þ¡§</td>
<td>{$article.date|date_format:"%Y/%m/%d %H:%M:%S"}</td>
</tr>
<tr>
<td>ÆâÍÆ¡§</td>
<td>{$article.message}</td>
</tr>
</table>
{/foreach}
<hr>
<input type="submit" value="Á°¤Ø" {$is_prev_disabled} onclick="addPageNum(-1);" />
<input type="submit" value="¼¡¤Ø" {$is_next_disabled} onclick="addPageNum(1);" />
{$page_num} / {$page_count}
</form>
</body>
</html>
***list.php [#c12499f7]
<?php
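require_once('Smarty.class.php');
require('paging_manager.php');

// Resolve the requested page once; getPageNum() returns an integer >= 1.
$page_num = getPageNum();

// Load the articles belonging to that page.
$pager = new PagingManager($page_num);
$result = $pager->getArticles();

// Repack the rows into the shape list.tpl expects.
// name and message are user-supplied text and are HTML-escaped here because
// the template prints them without an escape modifier.
// The array keys are quoted: the bare words name/date/message are constant
// lookups, which only worked through a legacy fallback and fail on PHP 8.
// NOTE(review): indexes 1, 2 and 3 presumably map to submitter_name,
// submit_date and message of "select * from articles" — confirm the column order.
$articles = array();
foreach ($result as $row) {
    $articles[] = array(
        'name'    => escape($row[1]),
        'date'    => $row[2],
        'message' => escape($row[3]),
    );
}

// Hand everything to Smarty and render the list.
$smarty = new Smarty;
$smarty->assign('articles', $articles);
$smarty->assign('page_num', $page_num);
$smarty->assign('page_count', $pager->getPageCount());
// Always assign both flags so the template never reads an unset variable;
// an empty string leaves the button enabled.
$smarty->assign('is_prev_disabled', $pager->hasPrevPage() ? '' : 'disabled');
$smarty->assign('is_next_disabled', $pager->hasNextPage() ? '' : 'disabled');
$smarty->template_dir = './templates/';
$smarty->display('list.tpl');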
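/**
 * Read the requested page number from the POSTed form.
 *
 * The value comes from a hidden field that the browser can change freely, so
 * it is cast to int and clamped to a minimum of 1. A missing field counts as
 * page 1. No upper bound is applied here.
 *
 * @return int Page number, always >= 1.
 */
function getPageNum() {
    // Quoted key: the bare word page_num is a constant lookup and fails on PHP 8.
    $page_num = isset($_POST['page_num']) ? (int) $_POST['page_num'] : 1;

    return ($page_num < 1) ? 1 : $page_num;
}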
/**
 * Make a database value safe to print as HTML text in list.tpl.
 *
 * Entity-encodes the text (ENT_QUOTES, EUC-JP) and then inserts <br /> before
 * each newline. The encoding step must run first so that the inserted tags
 * are the only markup in the result.
 *
 * @param string $str Raw text, EUC-JP encoded.
 * @return string Encoded text with line breaks rendered as <br />.
 */
function escape($str) {
    $html = htmlentities($str, ENT_QUOTES, 'EUC-JP');
    $html = nl2br($html);

    return $html;
}
?>
***submit_new_article.php [#r21ca826]
<?php
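require('article_dao.php');

// Read the submitted fields. Anything that is missing or is not a plain
// string (e.g. name[]=x) is stored as an empty string.
// The values are passed on unescaped: ArticleDao::registArticle() binds them
// through "?" placeholders, so calling addslashes() here as well would store
// literal backslashes in the database.
// NOTE(review): if magic_quotes_gpc is enabled on this server the input
// arrives already slash-escaped and needs stripslashes() first — confirm.
$article = array(
    'name'    => (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '',
    'message' => (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '',
);

// Store the new article.
$dao = new ArticleDao;
$dao->registArticle($article);

// Send exactly one redirect, back to the list page, and stop. A second
// Location header would replace the first.
header("Location: http://carrot.ark-web.jp/~konuma/smarty_board/list.php");
exit;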
?>
***paging_manager.php [#a7afbe30]
<?php
// Data-access class that PagingManager uses to load the articles.
require('article_dao.php');
// Number of articles shown on one page; despite the name, PagingManager uses
// it as the page size, not as the number of pages.
define('PAGE_COUNT', 5);
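/**
 * Splits the full article list into pages of PAGE_COUNT rows.
 *
 * The constructor loads every article through ArticleDao::getArticles() and
 * the page is cut out in PHP.
 * NOTE(review): ArticleDao::getArticlesLimit() exists and would let the
 * database do the slicing; it is not used here.
 */
class PagingManager {
    // 1-based number of the page being shown.
    var $current_page_num;
    // Result object returned by ArticleDao::getArticles(); read with
    // fetchRow() and numRows().
    var $articles;

    /**
     * @param int $page_num 1-based page number; the caller is expected to
     *                      have clamped it to >= 1.
     */
    function __construct($page_num) {
        $this->current_page_num = $page_num;
        $dao = new ArticleDao;
        $this->articles = $dao->getArticles();
    }

    /**
     * Class-named constructor kept for old engines. PHP 8 no longer treats a
     * method named after the class as the constructor, which is why the
     * initialisation lives in __construct().
     */
    function PagingManager($page_num) {
        $this->__construct($page_num);
    }

    /**
     * Return the rows that belong to the current page.
     *
     * The whole result set is read and only the rows whose position falls
     * inside the page window are kept.
     *
     * @return array Up to PAGE_COUNT rows; empty when the page is past the end.
     */
    function getArticles() {
        // Zero-based positions of the first and last row of the page.
        $limit_from = PAGE_COUNT * ($this->current_page_num - 1);
        $limit_to = $limit_from + PAGE_COUNT - 1;

        $part_of_articles = array();
        $index = 0;
        while ($row = $this->articles->fetchRow()) {
            if ($limit_from <= $index && $index <= $limit_to) {
                $part_of_articles[] = $row;
            }
            $index++;
        }

        return $part_of_articles;
    }

    /** @return bool True when a page exists before the current one. */
    function hasPrevPage() {
        return $this->current_page_num > 1;
    }

    /** @return bool True when rows remain after the current page. */
    function hasNextPage() {
        return $this->current_page_num * PAGE_COUNT < $this->articles->numRows();
    }

    /** @return int Total number of pages (0 when there are no articles). */
    function getPageCount() {
        return (int) ceil($this->articles->numRows() / PAGE_COUNT);
    }
}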
?>
***article_dao.php [#nf2ddffb]
<?php
require('DB.php');
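/**
 * Data-access object for the articles table, built on PEAR DB.
 */
class ArticleDao {
    /**
     * Open the database connection used by every method of this class.
     *
     * NOTE(review): the DSN connects as MySQL root with an empty password and
     * is hard-coded in the source. A dedicated account limited to the
     * articles table, with its credentials kept outside the web root, would
     * limit what a flaw in this application can reach.
     *
     * @return object Connected PEAR DB handle; the script stops on failure.
     */
    function _connect() {
        $dsn = "mysql://root:@localhost/konuma_training";
        // NOTE(review): the second argument looks like PEAR DB's legacy
        // "persistent connection" flag — confirm.
        $db = DB::connect($dsn, true);
        if (DB::isError($db)) {
            // Stop here instead of failing later with a method call on the
            // error object.
            trigger_error('ArticleDao: ' . $db->getMessage(), E_USER_ERROR);
        }

        return $db;
    }

    /**
     * Insert one article.
     *
     * Both user-supplied values are bound through "?" placeholders, so the
     * caller must pass them unescaped.
     *
     * @param array $article Keys 'name' and 'message'.
     */
    function registArticle($article) {
        $db = $this->_connect();

        $sql = "insert into articles(
submitter_name
,submit_date
,message
) values (
?
,sysdate()
,?
)";
        // Quoted keys: the bare words name/message are constant lookups and
        // fail on PHP 8.
        $result = $db->query($sql, array($article['name'], $article['message']));

        $db->disconnect();

        if (DB::isError($result)) {
            trigger_error('ArticleDao: ' . $result->getMessage(), E_USER_ERROR);
        }
    }

    /**
     * Fetch a window of articles, newest id first.
     *
     * @param int $limit_from Zero-based offset of the first row.
     * @param int $count      Maximum number of rows.
     * @return object PEAR DB result.
     */
    function getArticlesLimit($limit_from, $count) {
        $db = $this->_connect();

        $sql = "select * from articles order by id desc";
        $result = $db->limitQuery($sql, $limit_from, $count);

        $db->disconnect();

        if (DB::isError($result)) {
            trigger_error('ArticleDao: ' . $result->getMessage(), E_USER_ERROR);
        }

        return $result;
    }

    /**
     * Fetch every article, newest id first.
     *
     * @return object PEAR DB result.
     */
    function getArticles() {
        $db = $this->_connect();

        $sql = "select * from articles order by id desc";
        $result = $db->query($sql);

        $db->disconnect();

        if (DB::isError($result)) {
            trigger_error('ArticleDao: ' . $result->getMessage(), E_USER_ERROR);
        }

        return $result;
    }
}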
?>
2006/11/09 一部修正 インサート時にプレースホルダを使用するように修正しました。
***smarty_board.js [#vd9922dc]
/**
 * Shift the page number stored in list_form's hidden page_num field.
 *
 * The field lives in the browser and can hold any value by the time the form
 * is posted; list.php casts and clamps it again on the server.
 *
 * @param {number} num Offset to add (e.g. -1 for previous, 1 for next).
 */
function addPageNum(num) {
  var pageField = document.list_form.page_num;
  var currentPage = Number(pageField.value);

  pageField.value = currentPage + num;
}
#blikifooter(¾®¾Â);