本文整理汇总了PHP中FilterInput函数的典型用法代码示例。如果您正苦于以下问题:PHP FilterInput函数的具体用法?PHP FilterInput怎么用?PHP FilterInput使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了FilterInput函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: RunQuery
RunQuery($sSQL);
}
}
}
if (isset($_POST["SaveChanges"])) {
$bErrorFlag = false;
$bDuplicateFound = false;
// Get the original list of options..
$sSQL = "SELECT mid, name FROM menuconfig_mcf WHERE parent='{$menu}' ORDER BY sortorder";
$rsList = RunQuery($sSQL);
$numRows = mysql_num_rows($rsList);
for ($row = 1; $row <= $numRows; $row++) {
$aRow = mysql_fetch_array($rsList, MYSQL_BOTH);
$aOldNameFields[$row] = $aRow["name"];
$aNameFields[$row] = FilterInput($_POST[$row . "name"]);
$amid[$row] = FilterInput($_POST[$row . "mid"]);
}
for ($row = 1; $row <= $numRows; $row++) {
if (strlen($aNameFields[$row]) == 0) {
$aNameError[$row] = 1;
$bErrorFlag = true;
} elseif ($row < $numRows) {
$aNameErrors[$row] = 0;
for ($rowcmp = $row + 1; $rowcmp <= $numRows; $rowcmp++) {
if ($aNameFields[$row] == $aNameFields[$rowcmp]) {
$bDuplicateNameError[$row] = gettext("Name cannot be duplicated");
$aNameError[$row] = 2;
$bErrorFlag = true;
break;
}
}示例2: ValidateInput
function ValidateInput()
{
global $rsParameters;
global $_POST;
global $vPOST;
global $aErrorText;
//Initialize the validated post array, error text array, and the error flag
$vPOST = array();
$aErrorText = array();
$bError = false;
//Are there any parameters to loop through?
if (mysql_num_rows($rsParameters)) {
mysql_data_seek($rsParameters, 0);
}
while ($aRow = mysql_fetch_array($rsParameters)) {
extract($aRow);
//Is the value required?
if ($qrp_Required && strlen(trim($_POST[$qrp_Alias])) < 1) {
$bError = true;
$aErrorText[$qrp_Alias] = gettext("This value is required.");
} else {
//Validate differently depending on the contents of the qrp_Validation field
switch ($qrp_Validation) {
//Numeric validation
case "n":
//Is it a number?
if (!is_numeric($_POST[$qrp_Alias])) {
$bError = true;
$aErrorText[$qrp_Alias] = gettext("This value must be numeric.");
} else {
//Is it more than the minimum?
if ($_POST[$qrp_Alias] < $qrp_NumericMin) {
$bError = true;
$aErrorText[$qrp_Alias] = gettext("This value must be at least ") . $qrp_NumericMin;
} elseif ($_POST[$qrp_Alias] > $qrp_NumericMax) {
$bError = true;
$aErrorText[$qrp_Alias] = gettext("This value cannot be more than ") . $qrp_NumericMax;
}
}
$vPOST[$qrp_Alias] = FilterInput($_POST[$qrp_Alias], 'int');
break;
//Alpha validation
//Alpha validation
case "a":
//Is the length less than the maximum?
if (strlen($_POST[$qrp_Alias]) > $qrp_AlphaMaxLength) {
$bError = true;
$aErrorText[$qrp_Alias] = gettext("This value cannot be more than ") . $qrp_AlphaMaxLength . gettext(" characters long");
} elseif (strlen($_POST[$qrp_Alias]) < $qrp_AlphaMinLength) {
$bError = true;
$aErrorText[$qrp_Alias] = gettext("This value cannot be less than ") . $qrp_AlphaMinLength . gettext(" characters long");
}
$vPOST[$qrp_Alias] = FilterInput($_POST[$qrp_Alias]);
break;
default:
$vPOST[$qrp_Alias] = FilterInput($_POST[$qrp_Alias]);
break;
}
}
}
}示例3: RunQuery
}
}
// If no errors, then update.
if (!$bErrorFlag) {
for ($iFieldID = 1; $iFieldID <= $numRows; $iFieldID++) {
if (array_key_exists($iFieldID, $aNameFields)) {
$sSQL = "UPDATE `volunteeropportunity_vol`\n\t SET `vol_Name` = '" . $aNameFields[$iFieldID] . "',\n\t `vol_Description` = '" . $aDescFields[$iFieldID] . "' WHERE `vol_ID` = '" . $aIDFields[$iFieldID] . "';";
RunQuery($sSQL);
}
}
}
} else {
if (isset($_POST["AddField"])) {
// Check if we're adding a VolOp
$newFieldName = FilterInput($_POST["newFieldName"]);
$newFieldDesc = FilterInput($_POST["newFieldDesc"]);
if (strlen($newFieldName) == 0) {
$bNewNameError = true;
} else {
// Insert into table
// there must be an easier way to get the number of rows in order to generate the last order number.
$sSQL = "SELECT * FROM `volunteeropportunity_vol`";
$rsOpps = RunQuery($sSQL);
$numRows = mysql_num_rows($rsOpps);
$newOrder = $numRows + 1;
$sSQL = "INSERT INTO `volunteeropportunity_vol` \n (`vol_ID` , `vol_Order` , `vol_Name` , `vol_Description`)\n VALUES ('', '" . $newOrder . "', '" . $newFieldName . "', '" . $newFieldDesc . "');";
RunQuery($sSQL);
$bNewNameError = false;
}
}
// Get data for the form as it now exists..示例4: ksort
// Save Settings
if ($_POST['save']) {
$new_value = $_POST['new_value'];
$new_permission = $_POST['new_permission'];
$type = $_POST['type'];
ksort($type);
reset($type);
while ($current_type = current($type)) {
$id = key($type);
// Filter Input
if ($current_type == 'text' || $current_type == "textarea") {
$value = FilterInput($new_value[$id]);
} elseif ($current_type == 'number') {
$value = FilterInput($new_value[$id], "float");
} elseif ($current_type == 'date') {
$value = FilterInput($new_value[$id], "date");
} elseif ($current_type == 'boolean') {
if ($new_value[$id] != "1") {
$value = "";
} else {
$value = "1";
}
}
if ($new_permission[$id] != "TRUE") {
$permission = "FALSE";
} else {
$permission = "TRUE";
}
// Save new setting
$sSQL = "UPDATE userconfig_ucfg " . "SET ucfg_value='{$value}', ucfg_permission='{$permission}' " . "WHERE ucfg_id='{$id}' AND ucfg_per_id='0' ";
$rsUpdate = RunQuery($sSQL);示例5: FilterInput
require "Include/Functions.php";
//Get the GroupID out of the querystring
$iGroupID = FilterInput($_GET["GroupID"], 'int');
$linkBack = FilterInput($_GET["linkBack"]);
$tName = FilterInput($_GET["Name"]);
//Set the page title
$sPageTitle = gettext("Schedule Group Meeting");
//Is this the second pass?
if (isset($_POST["Submit"])) {
$dDate = FilterInput($_POST["Date"]);
$iHour = FilterInput($_POST["Hour"]);
$iMinutes = FilterInput($_POST["Minutes"]);
$nNotifyAhead = FilterInput($_POST["NotifyAhead"]);
$tName = FilterInput($_POST["Name"]);
$tDescription = FilterInput($_POST["Description"]);
$nDuration = FilterInput($_POST["Duration"]);
// Validate Date
if (strlen($dDate) > 0) {
list($iYear, $iMonth, $iDay) = sscanf($dDate, "%04d-%02d-%02d");
if (!checkdate($iMonth, $iDay, $iYear)) {
$sDateError = "<span style=\"color: red; \">" . gettext("Not a valid Date") . "</span>";
$bErrorFlag = true;
}
}
//If no errors, then let's update...
if (!$bErrorFlag) {
//Get all the members of this group
$sSQL = "SELECT * FROM person_per, person2group2role_p2g2r WHERE per_ID = p2g2r_per_ID AND p2g2r_grp_ID = " . $iGroupID;
$rsGroupMembers = RunQuery($sSQL);
$calDbId = mysql_select_db($sWEBCALENDARDB);
$q = "SELECT MAX(cal_id) AS calID FROM webcal_entry";示例6: gettext
echo gettext("Checked Out Time");
?>
</strong></td>
<td width="20%"><strong><?php
echo gettext("Checked Out By");
?>
</strong></td>
<td width="10%" nowrap><strong><?php
echo gettext("Action");
?>
</strong></td>
</tr>
<?php
if (isset($_POST["EventID"])) {
$EventID = FilterInput($_POST["EventID"], 'int');
$sSQL = "SELECT * FROM event_attend WHERE event_id = '{$EventID}' ";
// ORDER BY person_id";
$rsOpps = RunQuery($sSQL);
$numAttRows = mysql_num_rows($rsOpps);
if ($numAttRows != 0) {
$sRowClass = "RowColorA";
for ($na = 0; $na < $numAttRows; $na++) {
$attRow = mysql_fetch_array($rsOpps, MYSQL_BOTH);
extract($attRow);
//Get Person who is checked in
$sSQL = "SELECT * FROM person_per WHERE per_ID = {$person_id} ";
$perOpps = RunQuery($sSQL);
$perRow = mysql_fetch_array($perOpps, MYSQL_BOTH);
extract($perRow);
$sPerson = FormatFullName($per_Title, $per_FirstName, $per_MiddleName, $per_LastName, $per_Suffix, 3);示例7: Redirect
require "../Include/ReportFunctions.php";
require "../Include/ReportConfig.php";
// Security
if (!$_SESSION['bFinance'] && !$_SESSION['bAdmin']) {
Redirect("Menu.php");
exit;
}
$iBankSlip = FilterInput($_GET["BankSlip"]);
if (!$iBankSlip) {
$iBankSlip = FilterInput($_POST["report_type"]);
}
$output = FilterInput($_POST["output"]);
if (!$output) {
$output = "pdf";
}
$iDepositSlipID = FilterInput($_POST["deposit"], "int");
if (!$iDepositSlipID) {
$iDepositSlipID = $_SESSION['iCurrentDeposit'];
}
// If CSVAdminOnly option is enabled and user is not admin, redirect to the menu.
// If no DepositSlipId, redirect to the menu
if (!$_SESSION['bAdmin'] && $bCSVAdminOnly && $output != "pdf" || !$iDepositSlipID) {
Redirect("Menu.php");
exit;
}
// SQL Statement
//Get the payments for this deposit slip
$sSQL = "SELECT plg_plgID, plg_date, SUM(plg_amount) as plg_sum, plg_CheckNo, plg_method, plg_comment, fun_Name, a.fam_Name AS FamilyName, a.fam_Address1, a.fam_Address2, a.fam_City, a.fam_State, a.fam_Zip FROM pledge_plg \n\t\tLEFT JOIN family_fam a ON plg_FamID = a.fam_ID\n\t\tLEFT JOIN donationfund_fun b ON plg_fundID = b.fun_ID\n\t\tWHERE plg_PledgeOrPayment = 'Payment' AND plg_depID = " . $iDepositSlipID . " GROUP BY CONCAT('Fam',plg_FamID,'Ck',plg_CheckNo) ORDER BY pledge_plg.plg_method DESC, pledge_plg.plg_date";
$rsPledges = RunQuery($sSQL);
// Exit if no rows returned
$iCountRows = mysql_num_rows($rsPledges);示例8: FilterInput
$sTypeName = $_POST['EventTypeName'];
$iTypeID = $_POST['EventTypeID'];
$EventExists = $_POST['EventExists'];
$sEventTitle = FilterInput($_POST['EventTitle']);
$sEventDesc = FilterInput($_POST['EventDesc']);
$sEventStartDate = $_POST['EventStartDate'];
$sEventStartTime = $_POST['EventStartTime'];
if (empty($_POST['EventTitle'])) {
$bTitleError = true;
$iErrors++;
}
if (empty($_POST['EventDesc'])) {
$bDescError = true;
$iErrors++;
}
$sEventText = FilterInput($_POST['EventText']);
if (empty($_POST['EventStartDate'])) {
$bESDError = true;
$iErrors++;
}
if (empty($_POST['EventStartTime'])) {
$bESTError = true;
$iErrors++;
} else {
$aESTokens = explode(":", $_POST['EventStartTime']);
$iEventStartHour = $aESTokens[0];
$iEventStartMins = $aESTokens[1];
}
$sEventStart = $sEventStartDate . " " . $sEventStartTime;
$sEventEndDate = $_POST['EventEndDate'];
$sEventEndTime = $_POST['EventEndTime'];示例9: FilterInput
$iFamily = FilterInput($_POST["Family"], 'int');
$sSQL = "UPDATE family_fam SET fam_scanCheck=\"" . $tScanString . "\" WHERE fam_ID = " . $iFamily;
RunQuery($sSQL);
}
//Get all the variables from the request object and assign them locally
$iFYID = FilterInput($_POST["FYID"], 'int');
$dDate = FilterInput($_POST["Date"]);
$nAmount = FilterInput($_POST["Amount"]);
$iSchedule = FilterInput($_POST["Schedule"]);
$iMethod = FilterInput($_POST["Method"]);
$sComment = FilterInput($_POST["Comment"]);
$iFundID = FilterInput($_POST["FundID"], 'int');
$tScanString = FilterInput($_POST["ScanInput"]);
$iAutID = FilterInput($_POST["AutoPay"]);
$nNonDeductible = FilterInput($_POST["NonDeductible"]);
$iEnvelope = FilterInput($_POST["Envelope"], 'int');
if ($iAutID == "") {
$iAutID = 0;
}
if ($iSchedule == '') {
$iSchedule = 'Once';
}
if ($nNonDeductible == '') {
$nNonDeductible = 0;
}
if (!$iCheckNo) {
$iCheckNo = "NULL";
}
$_SESSION['idefaultFY'] = $iFYID;
// Remember default fiscal year
$_SESSION['idefaultFundID'] = $iFundID;示例10: FilterInput
case 'female':
case 'f':
case 'girl':
case 'woman':
case "2":
$sSQLpersonData .= "2, ";
break;
default:
$sSQLpersonData .= "0, ";
break;
}
break;
// Donation envelope.. make sure it's available!
// Donation envelope.. make sure it's available!
case 7:
$iEnv = FilterInput($aData[$col], 'int');
$sSQL = "SELECT '' FROM person_per WHERE per_Envelope = " . $iEnv;
$rsTemp = RunQuery($sSQL);
if (mysql_num_rows($rsTemp) == 0) {
$sSQLpersonData .= $iEnv . ", ";
} else {
$sSQLpersonData .= "NULL, ";
}
break;
// Birth date.. parse multiple date standards.. then split into day,month,year
// Birth date.. parse multiple date standards.. then split into day,month,year
case 19:
$sDate = $aData[$col];
$aDate = ParseDate($sDate, $iDateMode);
$sSQLpersonData .= $aDate[0] . "," . $aDate[1] . "," . $aDate[2] . ",";
break;示例11: Redirect
******************************************************************************/
require "../Include/Config.php";
require "../Include/Functions.php";
require "../Include/ReportFunctions.php";
require "../Include/ReportConfig.php";
// Security
if (!$_SESSION['bFinance'] && !$_SESSION['bAdmin']) {
Redirect("Menu.php");
exit;
}
// Filter values
$output = FilterInput($_POST["output"]);
$sDateStart = FilterInput($_POST["DateStart"], "date");
$sDateEnd = FilterInput($_POST["DateEnd"], "date");
$letterhead = FilterInput($_POST["letterhead"]);
$remittance = FilterInput($_POST["remittance"]);
// If CSVAdminOnly option is enabled and user is not admin, redirect to the menu.
if (!$_SESSION['bAdmin'] && $bCSVAdminOnly && $output != "pdf") {
Redirect("Menu.php");
exit;
}
$today = date("Y-m-d");
if (!$sDateEnd && $sDateStart) {
$sDateEnd = $sDateStart;
}
if (!$sDateStart && $sDateEnd) {
$sDateStart = $sDateEnd;
}
if (!$sDateStart && !$sDateEnd) {
$sDateStart = $today;
$sDateEnd = $today;示例12: gettext
$dWeddingDate = "NULL";
}
// Validate Email
if (strlen($sEmail) > 0) {
if (checkEmail($sEmail) == false) {
$sEmailError = "<span style=\"color: red; \">" . gettext("Email is Not Valid") . "</span>";
$bErrorFlag = true;
} else {
$sEmail = $sEmail;
}
}
// Validate all the custom fields
$aCustomData = array();
while ($rowCustomField = mysql_fetch_array($rsCustomFields, MYSQL_BOTH)) {
extract($rowCustomField);
$currentFieldData = FilterInput($_POST[$fam_custom_Field]);
$bErrorFlag |= !validateCustomField($type_ID, $currentFieldData, $fam_custom_Field, $aCustomErrors);
// assign processed value locally to $aPersonProps so we can use it to generate the form later
$aCustomData[$fam_custom_Field] = $currentFieldData;
}
//If no errors, then let's update...
if (!$bErrorFlag) {
// Format the phone numbers before we store them
if (!$bNoFormat_HomePhone) {
$sHomePhone = CollapsePhoneNumber($sHomePhone, $sCountry);
}
if (!$bNoFormat_WorkPhone) {
$sWorkPhone = CollapsePhoneNumber($sWorkPhone, $sCountry);
}
if (!$bNoFormat_CellPhone) {
$sCellPhone = CollapsePhoneNumber($sCellPhone, $sCountry);示例13: extract
if (mysql_num_rows($rsExistingFamily) > 0) {
extract(mysql_fetch_array($rsExistingFamily));
$famid = $fam_ID;
if (array_key_exists($famid, $Families)) {
$Families[$famid]->AddMember($per_ID, $iGender, GetAge($iBirthMonth, $iBirthDay, $iBirthYear), $dWedding, $per_HomePhone, $iEnvelope);
}
} else {
$sSQL = "INSERT INTO family_fam (fam_ID,\n fam_Name, \n fam_Address1, \n fam_Address2, \n fam_City, \n fam_State, \n fam_Zip, \n fam_Country, \n fam_HomePhone, \n fam_WorkPhone, \n fam_CellPhone, \n fam_Email, \n fam_DateEntered, \n fam_EnteredBy)\n VALUES (NULL, " . "\"" . $per_LastName . "\", " . "\"" . $sAddress1 . "\", " . "\"" . $sAddress2 . "\", " . "\"" . $sCity . "\", " . "\"" . $sState . "\", " . "\"" . $sZip . "\", " . "\"" . $per_Country . "\", " . "\"" . $per_HomePhone . "\", " . "\"" . $per_WorkPhone . "\", " . "\"" . $per_CellPhone . "\", " . "\"" . $per_Email . "\"," . "\"" . date("YmdHis") . "\"," . "\"" . $_SESSION['iUserID'] . "\");";
RunQuery($sSQL);
$sSQL = "SELECT LAST_INSERT_ID()";
$rsFid = RunQuery($sSQL);
$aFid = mysql_fetch_array($rsFid);
$famid = $aFid[0];
$sSQL = "INSERT INTO `family_custom` (`fam_ID`) VALUES ('" . $famid . "')";
RunQuery($sSQL);
$fFamily = new Family(FilterInput($_POST["FamilyMode"], 'int'));
$fFamily->AddMember($per_ID, $iGender, GetAge($iBirthMonth, $iBirthDay, $iBirthYear), $dWedding, $per_HomePhone, $iEnvelope);
$Families[$famid] = $fFamily;
}
$sSQL = "UPDATE person_per SET per_fam_ID = " . $famid . " WHERE per_ID = " . $per_ID;
RunQuery($sSQL);
if ($bHasFamCustom) {
// Check if family_custom record exists
$sSQL = "SELECT fam_id FROM family_custom WHERE fam_id = {$famid}";
$rsFamCustomID = RunQuery($sSQL);
if (mysql_num_rows($rsFamCustomID) == 0) {
$sSQL = "INSERT INTO `family_custom` (`fam_ID`) VALUES ('" . $famid . "')";
RunQuery($sSQL);
}
// Build the family_custom SQL
$sSQLFamCustom = "UPDATE family_custom SET ";示例14: note_nte
//Are we adding or editing?
if ($iNoteID <= 0) {
$sSQL = "INSERT INTO note_nte (nte_per_ID, nte_fam_ID, nte_Private, nte_Text, nte_EnteredBy, nte_DateEntered) VALUES (" . $iPersonID . "," . $iFamilyID . "," . $bPrivate . ",'" . $sNoteText . "'," . $_SESSION['iUserID'] . ",'" . date("YmdHis") . "')";
} else {
$sSQL = "UPDATE note_nte SET nte_Private = " . $bPrivate . ", nte_Text = '" . $sNoteText . "', nte_DateLastEdited = '" . date("YmdHis") . "', nte_EditedBy = " . $_SESSION['iUserID'] . " WHERE nte_ID = " . $iNoteID;
}
//Execute the SQL
RunQuery($sSQL);
//Send them back to whereever they came from
Redirect($sBackPage);
}
} else {
//Are we adding or editing?
if (isset($_GET["NoteID"])) {
//Get the NoteID from the querystring
$iNoteID = FilterInput($_GET["NoteID"], 'int');
//Get the data for this note
$sSQL = "SELECT * FROM note_nte WHERE nte_ID = " . $iNoteID;
$rsNote = RunQuery($sSQL);
extract(mysql_fetch_array($rsNote));
//Assign everything locally
$sNoteText = $nte_Text;
$bPrivate = $nte_Private;
$iPersonID = $nte_per_ID;
$iFamilyID = $nte_fam_ID;
}
}
require "Include/Header.php";
?>
<form method="post">示例15: FilterInput
case "number":
$sOrderSQL = "ORDER BY dep_ID DESC";
break;
case "closed":
$sOrderSQL = "ORDER BY dep_closed, dep_Date DESC, dep_ID DESC";
break;
default:
$sOrderSQL = " ORDER BY dep_Date DESC, dep_ID DESC";
break;
}
// Append a LIMIT clause to the SQL statement
$iPerPage = $_SESSION['SearchLimit'];
if (empty($_GET['Result_Set'])) {
$Result_Set = 0;
} else {
$Result_Set = FilterInput($_GET['Result_Set'], 'int');
}
$sLimitSQL = " LIMIT {$Result_Set}, {$iPerPage}";
// Build SQL query
$sSQL = "SELECT dep_ID, dep_Date, dep_Comment, dep_Closed, dep_Type FROM deposit_dep {$sCriteria} {$sOrderSQL} {$sLimitSQL}";
$sSQLTotal = "SELECT COUNT(dep_id) FROM deposit_dep {$sCriteria}";
// Execute SQL statement and get total result
$rsDep = RunQuery($sSQL);
$rsTotal = RunQuery($sSQLTotal);
list($Total) = mysql_fetch_row($rsTotal);
echo '<div align="center">';
echo '<form action="FindDepositSlip.php" method="get" name="ListNumber">';
// Show previous-page link unless we're at the first page
if ($Result_Set < $Total && $Result_Set > 0) {
$thisLinkResult = $Result_Set - $iPerPage;
if ($thisLinkResult < 0) {