comparison xml/getAmazonInfo.php @ 25:828895488948

more db column protection
author Robert Boland <robert@markup.co.uk>
date Tue, 01 Jan 2019 07:30:05 -0500
parents d606320ec331
children 4124f103b46b
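--- a/xml/getAmazonInfo.php
+++ b/xml/getAmazonInfo.php
@@ -307,11 +307,31 @@
 if($dewey == "")
 $dewey = "null";
 $imageURL = $xml->Items->Item[0]->MediumImage->URL;
 $salesRank = $xml->Items->Item[0]->SalesRank;
 $pubDate = $xml->Items->Item[0]->ItemAttributes->PublicationDate;
+if (strlen($pubDate)==4) { $pubDate=$pubDate."-01-01";}
+if (strlen($pubDate)==7) { $pubDate=$pubDate."-01";}
+if (strlen($pubDate)==0) {
+$pubDate="null";
+}
+else {
+$pubDate="\"$pubDate\"";
+}
 $publisher = $xml->Items->Item[0]->ItemAttributes->Publisher;
+if ($publisher and strlen($publisher)>30) {
+$publisher=substr($publisher,0,30);
+}
+if ($author and strlen($author)>30) {
+$author=substr($author,0,30);
+}
+if ($title and strlen($title)>100) {
+$title=substr($title,0,100);
+}
+$publisher=mysqli_real_escape_string($link,$publisher);
+$author=mysqli_real_escape_string($link,$author);
+$title=mysqli_real_escape_string($link,$title);
 }
 else {
 $title = $salesRank = "";
 $dewey = "null";
 }
@@ -373,23 +393,42 @@
 $salesRank = "null";
 
 $title = strtr($title, '"', "'");
 include "../../private/db.php";
 $review1 = mysqli_real_escape_string($link,$review1);
+if (strlen($review1)>500) { $review1=substr($review1,0,500);}
 $review2 = mysqli_real_escape_string($link,$review2);
+if (strlen($review2)>500) { $review2=substr($review2,0,500);}
 $review3 = mysqli_real_escape_string($link,$review3);
+if (strlen($review3)>500) { $review3=substr($review3,0,500);}
 
 if($title != "")
 {
 $queryInsert = "CALL b_addNewBook(\"$searchparameterdata\",\"$title\", \"$author\",\"$binding\",\"$imageURL\", $dewey, $salesRank,\"$pubDate\",\"$publisher\",$g1,$g2,$g3,$loc)";
 //echo $queryInsert;
+
+$res = mysqli_query($link, $queryInsert);
+if (!$res) {
+$err=mysqli_error( $link );
+mysqli_close($link);
+file_put_contents('/var/ywww/debug/phpDebug',
+"anb failed: $err, $pubDate, $g2, $publisher, $title\n",
+FILE_APPEND);
+exit($err);
+}
 $queryInsertReviews = "CALL b_insertReviews(\"$searchparameterdata\",\"$review1\",\"$review2\",\"$review3\")";
-
-$resG = mysqli_query($link, $queryInsert) or exit( mysqli_error( $link ));
-if($review1 != "" && $review2 != "" && $review3 != "")
-$resG = mysqli_query($link, $queryInsertReviews) or exit( mysqli_error( $link ));
-
+if($review1 != "" && $review2 != "" && $review3 != "") {
+$res = mysqli_query($link, $queryInsertReviews);
+if (!$res) {
+$err=mysqli_error( $link );
+mysqli_close($link);
+file_put_contents('/var/ywww/debug/phpDebug',
+"anr failed: $err, $pubDate, $g2, $publisher, $title\n",
+FILE_APPEND);
+exit($err);
+}
+}
 mysqli_close($link); //do not remove. reset is needed otherwise mysqli_fetch_array doesn't work after first loop
 }
 
 echo $output;
 }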
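Review bot: The truncation added at new lines 398, 400 and 402 runs after mysqli_real_escape_string, so a cut at byte 500 can split an escape sequence and leave a trailing backslash that escapes the closing quote of `\"$review1\"` in the b_insertReviews CALL, breaking the query and its quote balance for long reviews; truncate first and escape second, as the publisher/author/title block in the first hunk does: `if (strlen($review1)>500) { $review1=substr($review1,0,500);}` followed by `$review1 = mysqli_real_escape_string($link,$review1);`, and the same for review2 and review3. New line 318 wraps $pubDate in its own double quotes while the unchanged CALL at line 406 quotes it again, which appears to yield `""2019-01-01""` or the literal string `"null"` rather than SQL NULL — confirm against what b_addNewBook expects and drop one of the two. $pubDate, $imageURL and $binding still reach the query without mysqli_real_escape_string, and `exit($err)` at lines 416 and 427 sends the raw MySQL error text to the client; keep the detail in the log file and return a generic message instead. The enclosing function starts before this hunk.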