下面这段代码怎么进行htmlentities()之类的html过滤
应该是过滤keyword,就是把用户输入的搜索内容过滤掉html代码
麻烦知道的大哥直接给代码,小弟不怎么懂php,谢谢了
public function search()<br /> {<br /> global $_FANWE;<br /><br /> $page_args = array(<br /> 'city_py' => CURRENT_CITY_PY,<br /> 'sort' => trim($_FANWE['request']['sort']),<br /> 'keyword' => trim($_FANWE['request']['keyword']),<br /> );<br /><br /> $keyword = '';<br /> if(!empty($page_args['keyword']))<br /> {<br /> $page_args['keyword'] = urldecode($page_args['keyword']);<br /> $keyword = &$page_args['keyword'];<br /><br /> $keyword_query = clearSymbol($page_args['keyword']);<br /> if(!empty($keyword_query))<br /> {<br /> $search_txt = clearRepeat($keyword_query);<br /> $keyword_query = segmentToUnicode($keyword_query,'+');<br /> $fields = ",MATCH (gm.content) AGAINST ('$keyword_query') AS similarity ";<br /> $where.=" WHERE MATCH (gm.content) AGAINST ('$keyword_query' IN BOOLEAN MODE)";<br /> }<br /> else<br /> $keyword = '';<br /> }<br /><br /> if(!empty($keyword))<br /> {<br /> $insert_sort = 'gk.cr_sort ASC';<br /><br /> $city_name = $_FANWE['current_city']['name'];<br /><br /> if(CURRENT_CITY_PY == CHINA_CITY_PY)<br /> {<br /> //全国不包含所有城市商品时<br /> if($_FANWE['setting']['all_city'] == 0)<br /> {<br /> $where.= " AND gk.city = '$city_name'";<br /> }<br /> else<br /> $insert_sort = 'gk.r_sort ASC';<br /> }<br /> elseif(CURRENT_CITY_PY != '')<br /> {<br /> //城市显示全国商品时<br /> if($_FANWE['setting']['index_all'] == 1)<br /> {<br /> $fields .= ",(gk.city = '$city_name') as is_now_city";<br /> $insert_sort = 'is_now_city DESC,'.$insert_sort;<br /> $quanguo_name = $_FANWE['cache']['city']['all'][CHINA_CITY_PY]['name'];<br /> $where.= " AND gk.city IN ('$city_name','$quanguo_name')";<br /> }<br /> else<br /> {<br /> $where.= " AND gk.city = '$city_name'";<br /> }<br /> }<br /><br /> $order = '';<br /> $sort = &$page_args['sort'];<br /> $sort_array = array('spa'=>'g.shop_price ASC','spd'=>'g.shop_price DESC','eta'=>'gk.end_time ASC','etd'=>'gk.end_time DESC','cca'=>'g.click_count ASC','ccd'=>'g.click_count DESC','sa'=>'g.score ASC','sd'=>'g.score DESC','ba'=>'g.bought ASC','bd'=>'g.bought DESC','da'=>'discount ASC','dd'=>'discount DESC');<br /><br /> if(array_key_exists($sort,$sort_array))<br /> $order = $sort_array[$sort];<br /> else<br /> {<br /> unset($page_args['sort']);<br /> $sort = '';<br /> }<br /><br /> if(empty($order))<br /> $order .= 'similarity DESC,'.$insert_sort.',gk.sort ASC,g.id ASC';<br /> else<br /> $order .= ',similarity DESC,'.$insert_sort.',gk.sort ASC,g.id DESC';<br /><br /> $goods_count = DB::resultFirst('SELECT COUNT(DISTINCT g.id)<br /> FROM '.DB::table('goods_now_match').' AS gm<br /> INNER JOIN '.DB::table('goods_now_key').' AS gk ON gk.id = gm.id<br /> INNER JOIN '.DB::table('goods_now').' AS g ON g.id = gk.id '.$where);<br /><br /> $pager = buildPage('now/search',$page_args,$goods_count,$_FANWE['page'],24);<br /><br /> $res = DB::query('SELECT g.id,g.small_img,g.end_time,g.market_price,g.begin_time,g.shop_price,<br /> gk.city,gk.site_id,g.is_best,g.bought,g.name,g.sort,g.site_name,g.collect_buy,g.click_count,<br /> g.url,g.collect_count,g.add_time,(g.shop_price / g.market_price) AS discount,g.post_count'.$fields.'<br /> FROM '.DB::table('goods_now_match').' AS gm<br /> INNER JOIN '.DB::table('goods_now_key').' AS gk ON gk.id = gm.id<br /> INNER JOIN '.DB::table('goods_now').' AS g ON g.id = gk.id '.$where.'<br /> ORDER BY '.$order.' LIMIT '.$pager['limit']);<br /><br /> $goods_list = array();<br /><br /><br /> while($goods = DB::fetch($res))<br /> {<br /> S('Goods')->goodsFormat($goods);<br /> $goods_list[] = $goods;<br /> }<br /> }<br /><br /> include template('page/search_index');<br /><br /> display();<br /> }