WooYun.org

function Add($primary_id, $form_attributes, $form_id=1, $type_id = 1)
    {
        $datas = array();
        $inserts = null;
        $reurn_attribute_ids = null;
        $form_attributes = array_filter($form_attributes);
        if (!empty($form_attributes) && is_array($form_attributes)) {
            foreach ($form_attributes as $key=>$val) { //foreach遍历form_attributes数组
                if($attribute_id = $this->dbstuff->GetOne("SELECT id FROM {$this->table_prefix}formattributes f WHERE primary_id={$primary_id} AND formitem_id={$key} AND type_id={$type_id} AND form_id={$form_id}")){ //$key为数组键名，没有过滤就直接进入了sql语句
                    $this->dbstuff->Execute("UPDATE {$this->table_prefix}formattributes SET attribute='{$val}' WHERE primary_id={$primary_id} AND formitem_id={$key} AND type_id={$type_id} AND form_id={$form_id}");
                }else{
                    $datas[] = "(".$type_id.",".$form_id.",".$key.",".$primary_id.",'".$val."')";
                }
            }

\virtual-office\offer.php (2 hits)
  Line 291:     $item_ids = $form->Add($id,$_POST['data']['formitem']);
  Line 321:     $item_ids = $form->Add($last_trade_id, $_POST['data']['formitem']);
\virtual-office\product.php (2 hits)
  Line 62:       $item_ids = $form->Add($id,$_POST['data']['formitem'], $form_id, $form_type_id);
  Line 77:       $item_ids = $form->Add($product_id, $_POST['data']['formitem'], $form_id, $form_type_id);