$po_data = array(
"shop_id"=>$shop_id,
"name"=>$this->_safe($params["name"]),
"supplier_id"=>$this->_safe($params["supplier_id"]),
"branch_id"=>$this->_safe($params["branch_id"]),
"po_bn"=>$this->_safe($this->generate_password("po")),
"purchase_time"=>time(),
"amount"=>$amount,
"operator"=>$this->_safe($params['operator']),
"po_type"=>$this->_safe($params["po_type"]),
"arrive_time"=>$this->_safe($params["arrive_time"]),
"deposit_balance"=>$this->_safe($params["deposit_balance"]),
"product_cost"=>$this->_safe($product_cost),
"delivery_cost"=>$this->_safe($params["delivery_cost"]),
"memo"=>$this->_safe($params["memo"])?$this->_safe($params["memo"])." ".date("Y-m-d H:i:s",time())." By ".$this->sellerName."<br/>":"",
"emergency"=>$params["emergency"]?$params["emergency"]:"false",
);
private function _safe($str){
$html_string = array("&", " ", "'", '"', "<", ">", " ", "
");
$html_clear = array("&", " ", "'", """, "<", ">", " ", "");
$js_string = array("/<script(.*)</script>/isU");
$js_clear = array("");
$frame_string = array("/<frame(.*)>/isU", "/</fram(.*)>/isU", "/<iframe(.*)>/isU", "/</ifram(.*)>/isU",);
$frame_clear = array("", "", "", "");
$style_string = array("/<style(.*)</style>/isU", "/<link(.*)>/isU", "/</link>/isU");
$style_clear = array("", "", "");
$str = trim($str);
//过滤字符串
$str = str_replace($html_string, "", $str);
//过滤JS
$str = preg_replace($js_string, "", $str);
//过滤ifram
$str = preg_replace($frame_string, "", $str);
//过滤style
$str = preg_replace($style_string, "", $str);
return $str;
}