Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- header('Content-type: application/xml');
- include('../index/sql.php'); // connect stb
- require_once('../index/eleje.php'); //munkamenet indítás
- $firstarray = explode(',',$_GET['products']);
- $secondarray = array();
- foreach ($firstarray as $one){
- $secondarray[] = '"'.mysql_real_escape_string($one).'"'; // sql injection kivedes
- }
- $part = implode(',',$secondarray);
- $q = mysql_query('SELECT * FROM termek WHERE kod IN ('.$part.')');
- print "<?xml version=\"1.0\"?>\n";
- print "<products>\n";
- while($r = mysql_fetch_array($q)){
- print "\t<product>\n";
- print "\t\t<productid>".$r['kod']."</productid>\n";
- print "\t\t<productname>".($r['rnev']?$r['rnev']:$r['nev'])."</productname>\n";
- print "\t\t<productprice>".($r['euro']?$r['ar']*305:$r['ar'])."</productprice>\n";
- print "\t</product>\n";
- }
- print "</products>\n";
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
