

PHP RemoveXSS函数代码示例

本文整理汇总了PHP中RemoveXSS函数的典型用法代码示例。如果您正苦于以下问题:PHP RemoveXSS函数的具体用法?PHP RemoveXSS怎么用?PHP RemoveXSS使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了RemoveXSS函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: print_r

/**
$a[0]		=	$_SERVER['REQUEST_URI'];
//$a[1]		=	'<script>alert(12313)</script>';
//$a[2]		=	'<script>alert(12313)</script>';
//$a[3]		=	'<script>alert(12313)</script>';

echo "<pre>";
echo $a[0];
print_r(DetectXSS($a));
echo "</pre>";
**/
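/**
 * Abort the request when RemoveXSS() would alter any value found in $val.
 *
 * Arrays are walked recursively. Every non-array leaf is compared with its
 * RemoveXSS()-filtered form; on the first mismatch the value is written to
 * the PHP error log and the script terminates via die().
 *
 * This is a blocklist-style detector: it only notices input that RemoveXSS()
 * happens to rewrite, so it complements context-specific output encoding
 * (for example htmlspecialchars() when printing into HTML) and does not
 * replace it.
 *
 * @param mixed $val Scalar or (nested) array of request values to inspect.
 * @return void Returns normally only when nothing was flagged.
 */
function DetectXSS($val)
{
    if (is_array($val)) {
        foreach ($val as $item) {
            DetectXSS($item);
        }
        return;
    }

    if (RemoveXSS($val) != $val) {
        // The original called log(), which is PHP's natural-logarithm function
        // and records nothing; error_log() writes to the configured error log.
        // CR/LF are flattened so a logged value cannot forge extra log lines,
        // and htmlspecialchars() keeps the entry inert if the log is ever
        // rendered as HTML.
        $flat = str_replace(array("\r", "\n"), ' ', (string) $val);
        error_log('DetectXSS: rejected input: ' . htmlspecialchars($flat));
        die('warning:found xss attack !');
    }
}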
开发者ID:wangping1987,项目名称:dhfriendluck,代码行数:24,代码来源:xss.php

示例2: cevapOy

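/**
 * Store a user's vote on an answer and print a status message.
 *
 * When cevapOyVar() reports an existing vote for this user/answer pair the
 * row is updated, otherwise a new row is inserted into eo_askanswerrate.
 * The outcome is echoed and recorded through trackUser().
 *
 * The callers are not visible in this excerpt, so all three arguments are
 * treated as untrusted and escaped before they are placed into the SQL text.
 *
 * @param mixed $deger   Vote value written to the "degeri" column.
 * @param mixed $userID  Voting user's id; the function refuses empty values.
 * @param mixed $cevapID Answer id; the function refuses empty values.
 * @return void
 */
function cevapOy($deger, $userID, $cevapID)
{
    global $yol1, $currentFile;

    if (empty($userID) || empty($cevapID)) {
        echo "Oy verilemedi!";
        return;
    }

    // The values are embedded in quoted SQL literals below. Escaping them with
    // the connection's own escaper keeps a quote character in any argument
    // from ending the literal early. (RemoveXSS() is an HTML filter and would
    // not serve this purpose.)
    $degerSql = mysql_real_escape_string($deger, $yol1);
    $userSql = mysql_real_escape_string($userID, $yol1);
    $cevapSql = mysql_real_escape_string($cevapID, $yol1);

    if (cevapOyVar($userID, $cevapID)) {
        $sql2 = "UPDATE eo_askanswerrate \r\n\t\t\t\t\tSET degeri='{$degerSql}'\r\n\t\t\t\t\tWHERE userID='{$userSql}' and cevapID='{$cevapSql}'\t\t\t\t\t\r\n\t\t\t\t\t";
    } else {
        $sql2 = "INSERT INTO eo_askanswerrate \r\n\t\t\t\t\t(degeri,userID,cevapID)\r\n\t\t\t \t\tVALUES\r\n\t\t\t\t\t('{$degerSql}','{$userSql}', '{$cevapSql}')\r\n\t\t\t\t\t";
    }

    $result2 = mysql_query($sql2, $yol1);

    // The session user name is filtered with RemoveXSS() before it is handed
    // to the activity tracker.
    if ($result2) {
        echo "Oy verdiniz.";
        trackUser($currentFile, "success,QuesVote", RemoveXSS($_SESSION["usern"]));
    } else {
        echo "Oy verilemedi!";
        trackUser($currentFile, "fail,QuesVote", RemoveXSS($_SESSION["usern"]));
    }
}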
开发者ID:ergun805,项目名称:eOgr,代码行数:21,代码来源:oyCevap.php

示例3: header

Demo Site:		http://yunus.sourceforge.net/eogr
Source Track:	http://eogr.googlecode.com 
Support:		http://www.ohloh.net/p/eogr

This project is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 3 of the License, or any later version. See the GNU
Lesser General Public License for more details.
*/
// Start (or resume) the session; the "@" hides any warning session_start() raises.
@session_start();
// The response is declared as HTML in ISO-8859-9 (Turkish).
header("Content-Type: text/html; charset=iso-8859-9");
require "conf.php";
// NOTE(review): checkLoginLang() is defined outside this excerpt; presumably it
// enforces login/language state for this page - confirm.
checkLoginLang(true, true, "askForFriendship2.php");
// Both POST fields are read without an isset() check and filtered with
// RemoveXSS() at input time. That filter targets HTML/script content only:
// wherever these values are used later (SQL, HTML attributes, URLs) still
// needs the escaping or encoding that matches that context.
$kisi = RemoveXSS($_POST["kisi"]);
$kabul = RemoveXSS($_POST["kabul"]);
/*
baglan2: takes no parameters and opens the database connection using the
$_host, $_username and $_password globals. Returns whatever mysql_connect()
returns; the "@" keeps connection warnings out of the page output.
*/
function baglan2()
{
    global $_host, $_username, $_password;

    $baglanti = @mysql_connect($_host, $_username, $_password);

    return $baglanti;
}
// Probe the database connection first; on failure stop with a message that
// points the visitor to install.php.
if (!baglan2()) {
    die("<font id='hata'> L&#252;ften, 'veritaban&#305;' <a href=install.php>kurulumunu (installation)</a> yap&#305;n&#305;z!</font>");
}
// baglan2() is called a second time here; its result is kept in $yol1 as the
// connection handle.
$yol1 = baglan2();
开发者ID:ergun805,项目名称:eOgr,代码行数:31,代码来源:askForFriendship2.php

示例4: elseif

                     } else {
                         @unlink((string) $MW->getConfig->generic->avatar_path . $user['id'] . '.' . $ext);
                     }
                 }
             }
         }
     } elseif ($_POST['deleteavatar'] == 1 && preg_match("/\\d+\\.\\w+/i", $_POST['avatarfile'])) {
         // NOTE(review): the pattern above has no ^/$ anchors, so it only requires a
         // "digits.word" run somewhere inside avatarfile. The raw POST value is then
         // appended to avatar_path and passed to unlink(), and nothing visible here
         // ties the file name to $user['id']. A safer shape is to take the file name
         // from the account's stored avatar record, or to apply basename() together
         // with an anchored pattern, instead of trusting the posted name.
         if (@unlink((string) $MW->getConfig->generic->avatar_path . $_POST['avatarfile'])) {
             $DB->query("UPDATE account_extend SET avatar=NULL WHERE account_id=?d LIMIT 1", $user['id']);
         }
     }
     // g_id is removed so the profile form cannot set it.
     if (isset($_POST['profile']['g_id'])) {
         unset($_POST['profile']['g_id']);
     }
     // The signature is HTML-encoded at write time; the whole profile array then
     // goes through RemoveXSS() and into the ?a placeholder.
     // NOTE(review): presumably ?a expands the array into column=value pairs, in
     // which case every other posted profile key becomes a column to update -
     // confirm, and prefer an explicit allowlist of editable fields over removing
     // single keys.
     $_POST['profile']['signature'] = htmlspecialchars($_POST['profile']['signature']);
     $DB->query("UPDATE account_extend SET ?a WHERE account_id=?d LIMIT 1", RemoveXSS($_POST['profile']), $user['id']);
     redirect('index.php?n=account&sub=manage', 1);
 } elseif ($_GET['action'] == 'changesecretq') {
     // Secret question/answer change. The condition mixes quoted keys with bare
     // ones ($_POST[secretq1]); the bare form relies on undefined-constant fallback.
     // The isset() tests come after the same fields have already been read.
     // Answers must be longer than 4 bytes and the two questions/answers must differ.
     if (check_for_symbols($_POST['secreta1']) == FALSE && check_for_symbols($_POST['secreta2']) == FALSE && $_POST[secretq1] != '0' && $_POST[secretq2] != '0' && isset($_POST[secreta1]) && isset($_POST[secreta2]) && strlen($_POST[secreta1]) > 4 && strlen($_POST[secreta2]) > 4 && $_POST['secreta1'] != $_POST['secreta2'] && $_POST['secretq1'] != $_POST['secretq2']) {
         // Values are bound through placeholders; the answers are stored as given.
         $DB->query("UPDATE account_extend SET secretq1=?,secretq2=?,secreta1=?,secreta2=? WHERE account_id=?d", strip_if_magic_quotes($_POST['secretq1']), strip_if_magic_quotes($_POST['secretq2']), strip_if_magic_quotes($_POST['secreta1']), strip_if_magic_quotes($_POST['secreta2']), $user['id']);
         output_message('notice', '<b>' . $lang['changed_secretq'] . '</b><meta http-equiv=refresh content="4;url=index.php?n=account&sub=manage">');
     } else {
         output_message('alert', '<b>' . $lang['fail_change_secretq'] . '</b><meta http-equiv=refresh content="3;url=index.php?n=account&sub=manage">');
     }
 } elseif ($_GET['action'] == 'resetsecretq') {
     // Reset: all four secret question/answer columns are set to '0' for this account.
     if ($_POST['reset_secretq']) {
         $DB->query("UPDATE account_extend SET secretq1='0',secretq2='0',secreta1='0',secreta2='0' WHERE account_id=?d", $user['id']);
         output_message('notice', '<b>' . $lang['reset_succ_secretq'] . '</b><meta http-equiv=refresh content="4;url=index.php?n=account&sub=manage">');
     }
 } elseif ($_GET['action'] == 'change_gameplay') {
     if ($_POST['switch_wow_type'] == 'wotlk') {
开发者ID:BACKUPLIB,项目名称:mwenhanced,代码行数:31,代码来源:account.manage.php

示例5: temizle

     if (!empty($_GET['siraYap']) and $_GET["yonU"] != "dur" && $_GET['siraYap'] == "OK") {
         $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
         $_SESSION["siraYonu2"] = $siraYonu;
     } else {
         $siraYonu = $_SESSION["siraYonu2"];
     }
 }
 // Sort column comes from ?order= and passes through temizle(), which is
 // defined outside this excerpt.
 $sirAlan = temizle(isset($_GET['order']) ? $_GET['order'] : "");
 if ($sirAlan != "") {
     // NOTE(review): $sirAlan and $siraYonu are interpolated as an SQL identifier
     // and keyword, where quoting/escaping gives no protection. Confirm temizle()
     // restricts the value, or map it through an allowlist of column names and
     // asc/desc.
     $query_eoUsers = "SELECT eo_comments.id as id, eo_comments.konuID as konuID, eo_users.id as userID, eo_comments.active, eo_comments.comment, eo_comments.commentDate,eo_users.userName as userName, eo_4konu.konuAdi as konuAdi FROM eo_comments {$filtr2} ORDER BY {$sirAlan} {$siraYonu}";
 } else {
     // No sort column requested: newest comments first.
     $query_eoUsers = "SELECT eo_comments.id as id, eo_comments.konuID as konuID, eo_users.id as userID, eo_comments.active,eo_comments.comment, eo_comments.commentDate, eo_users.userName as userName, eo_4konu.konuAdi as konuAdi FROM eo_comments {$filtr2} ORDER BY eo_comments.commentDate DESC";
     $sirAlan = "commentDate";
 }
 if (!empty($_GET["upd"]) and $_GET["upd"] == "1") {
     // NOTE(review): RemoveXSS() filters HTML/script content; it is not an SQL
     // escaping function. The id is placed inside a quoted literal here, so an
     // integer cast or the driver's escaping/parameter binding is the check
     // that belongs at this point.
     $query_limit_eoUsers = "SELECT eo_comments.id as id, eo_comments.comment FROM eo_comments where id='" . RemoveXSS($_GET["id"]) . "'";
 } else {
     // %d forces the paging offsets to integers.
     $query_limit_eoUsers = sprintf("%s LIMIT %d, %d", $query_eoUsers, $startRow_eoUsers, $maxRows_eoUsers);
 }
 $eoUsers = mysql_query($query_limit_eoUsers, $yol);
 if (!$eoUsers) {
     // The raw database error text is printed into the response.
     echo mysql_error();
 }
 // "@" hides the warnings raised when $eoUsers is false after a failed query.
 $row_eoUsers = @mysql_fetch_assoc($eoUsers);
 $totalRows_eoUsers = @mysql_num_rows($eoUsers);
 if (isset($_GET['totalRows_eoUsers'])) {
     // The total row count is taken from the query string as-is, i.e. it is
     // client-controlled.
     $totalRows_eoUsers = $_GET['totalRows_eoUsers'];
 } else {
     $all_eoUsers = mysql_query($query_eoUsers);
     $totalRows_eoUsers = @mysql_num_rows($all_eoUsers);
 }
开发者ID:ergun805,项目名称:eOgr,代码行数:31,代码来源:dataCommentList.php

示例6: shoutbox

		// Without a user id the attempt is written to the 'mod' log with the
		// client IP and the request ends.
		if (!$userid){
			write_log("Someone is hacking shoutbox. - IP : ".getip(),'mod');
			die($lang_shoutbox['text_no_permission_to_shoutbox']);
		}
		// Message type: 'hb' when ?toguest is set or the text mentions "@游客"
		// (the guest marker), otherwise 'sb'.
		if ($_GET["toguest"]){
			$type ='hb';
		}else{
			// strpos() returns 0 when the marker is at the very start of $text, and
			// "> 0" is false for that case, so such a message is typed 'sb'.
			if(strpos($text,"@游客") > 0)
			$type = 'hb';
			else
			$type = 'sb';
		}
	}
	$date=sqlesc(time());

	// Every interpolated value goes through sqlesc() (defined outside this excerpt;
	// presumably it escapes and quotes - confirm). RemoveXSS() is applied to the text
	// at write time, so rendering still needs output encoding for its own context.
	sql_query("INSERT INTO shoutbox (userid, date, text, type, ip) VALUES (" . sqlesc($userid) . ", $date, " . sqlesc(RemoveXSS($text)) . ", ".sqlesc($type).", ".sqlesc(getip()).")") or sqlerr(__FILE__, __LINE__);
	
	// The id of the row just inserted is written to shoutbox_new.html.
	file_put_contents("shoutbox_new.html",mysql_insert_id());
	// Robot user name: loaded from users.id=11 and cached for 7 days on a miss.
	// NOTE(review): in the cache-miss branch only $robotname is assigned; $robot is
	// set solely in the else branch, yet the code that follows interpolates $robot
	// into a regular expression.
	if ($memcache->get('robotname') == ''){
	$robotname = sql_query("SELECT username from users where id=11") or sqlerr(__FILE__,__LINE__);
	$robotname = mysql_fetch_array($robotname);
	$memcache->set('robotname',$robotname[0],false,3600*24*7);
	}
	else
	$robot = $memcache->get('robotname');
	if (!$memcache->get('app_shoutbox_shoutup'))
	{
		if(preg_match( "/\[\@$robot\](.*?)(开奖|中奖|彩票)/",$text))
		sendshoutbox("[@$CURUSER[username]]:最近一期的彩票是第".($memcache->get('drawid'))."期,中奖号码。。忘记了。。。[url=/lottery.php?action=drawlog]here,here~[/url]","","",$date+5);
		elseif(preg_match( "/\[\@$robot\](.*?)(不|别|没|无|非)/",$text))
		//sendshoutbox("[@$CURUSER[username]]:我不认识否定词哎,不明白你说的啥意思,不过我的意思是你说的话的意思可能不是本来的意思。要是一直没人喂我的话我就要自己去偷麦粒了(。·`ω´·)[url=steal.php]你偷过麦粒么[/url] ","","",$date+5);
开发者ID:NullYing,项目名称:mtpt,代码行数:31,代码来源:shoutbox.php

示例7: begin_main_frame

    begin_main_frame();
    insert_compose_frame($postid, 'edit');
    end_main_frame();
    stdfoot();
    die;
}
//-------- Action: Post
if ($action == "post") {
    if ($CURUSER["forumpost"] == 'no') {
        stderr($lang_forums['std_sorry'], $lang_forums['std_unauthorized_to_post'], false);
        die;
    }
    // $id and $type are taken from POST unfiltered. In the visible code $type only
    // selects a switch case, and $id is handed to check_whether_exist() and sqlesc().
    $id = $_POST["id"];
    $type = $_POST["type"];
    // Subject and body are filtered with RemoveXSS() at input time. This is an
    // HTML/script filter; SQL escaping and output encoding remain separate steps
    // at the points where these values are stored or printed.
    $subject = RemoveXSS($_POST["subject"]);
    $body = RemoveXSS(trim($_POST["body"]));
    // "+ 0" coerces the posted flag to a number.
    $onlyauthor = $_POST["onlyauthor"] + 0;
    $hassubject = false;
    switch ($type) {
        case 'new':
            check_whether_exist($id, 'forum');
            $forumid = $id;
            $hassubject = true;
            break;
        case 'reply':
            check_whether_exist($id, 'topic');
            $topicid = $id;
            $forumid = get_single_value("topics", "forumid", "WHERE id=" . sqlesc($topicid));
            break;
        case 'quote':
            check_whether_exist($id, 'topic');
开发者ID:chenrizhi,项目名称:mtpt,代码行数:31,代码来源:forums.php

示例8: stripslashes

//Vars
require_once '../include/functions.inc.php';
require_once '../include/globalvar.inc.php';
require_once '../include/dbinfo.inc.php';
require_once '../include/loginstate.inc.php';
$tid = $_POST['TopicID'];
//send comment
// NOTE(review): $name is not assigned anywhere in this excerpt; presumably it comes
// from one of the included files or from request-variable import - confirm its origin.
if (isset($name)) {
    $content = $_POST['content'];
    // Undo magic-quotes slashes when that legacy setting is active.
    if (get_magic_quotes_gpc()) {
        $name = stripslashes($name);
        $tid = stripslashes($tid);
        $content = stripslashes($content);
    }
    //$content= SafeHTML(UBB2HTML($content));
    // Content pipeline: strip_tags() removes HTML, UBB2HTML() turns UBB markup into
    // HTML, and RemoveXSS() filters the generated HTML before it is stored.
    $content = RemoveXSS(UBB2HTML(strip_tags($content)));
    // Each value is quoted with PDO::quote() and then interpolated into the SQL
    // text; the statements below are prepared but carry no bound parameters.
    // NOTE(review): "?" placeholders with execute([...]) would remove the dependence
    // on every value having been quoted first.
    $name = $pdo->quote($name);
    $tid = $pdo->quote($tid);
    $content = $pdo->quote($content);
    // The ip column receives the fixed literal '127.0.0.1', not the client address.
    $sql = $pdo->prepare("insert into tb_reply(TopicID,Name,content,Time,ip)\n\t\t\t\t\t\tvalues({$tid},{$name},{$content},now(),'127.0.0.1')");
    if (!$sql->execute()) {
        $pmstate = "0";
    } else {
        // Update the topic's last-reply metadata and reply counter.
        $sql = $pdo->prepare("UPDATE `{$DB_NAME}`.`tb_topic` SET `Lastreply_Time` = now(), `Lastreply_Name`= {$name}, `ReplyCount` = `ReplyCount`+1 WHERE `tb_topic`.`TopicID` = {$tid}");
        $sql->execute();
        $pmstate = "1";
    }
}
// $pmstate is assigned only inside the block above, so it is undefined here when
// $name was not set.
echo $pmstate;
if ($hadLogin) {
    echo "<script language='javascript'>\n";
开发者ID:BLumia,项目名称:BLumiaGist,代码行数:31,代码来源:tb_replyPost.php

示例9: doPost

 /**
  * 执行发布帖子
  */
 public function doPost()
 {
     //检测用户是否被禁言
     if ($isDisabled = model('DisableUser')->isDisableUser($this->mid, 'post')) {
         return array('status' => 0, 'msg' => '您已经被禁言了');
     }
     if ($_GET['post_type'] == 'index') {
         $type = false;
     } else {
         $type = true;
     }
     $weibaid = intval($_POST['weiba_id']);
     if (!CheckPermission('weiba_normal', 'weiba_post')) {
         $this->error('对不起,您没有权限进行该操作!', $type);
     }
     $is_lock = M('weiba_blacklist')->where('weiba_id=' . $weibaid . ' and uid=' . $this->mid)->find();
     if ($is_lock) {
         $this->error('您是黑名单用户没有发帖权限', $type);
     }
     $weibaid = intval($_POST['weiba_id']);
     if (!$weibaid) {
         $this->error('请选择微吧,等待返回选择微吧', $type);
     }
     $weiba = D('weiba')->where('weiba_id=' . $weibaid)->find();
     //黑名单功能添加
     if (!CheckPermission('core_admin', 'admin_login')) {
         switch ($weiba['who_can_post']) {
             case 1:
                 $map['weiba_id'] = $weibaid;
                 $map['follower_uid'] = $this->mid;
                 $res = D('weiba_follow')->where($map)->find();
                 if (!$res && !CheckPermission('core_admin', 'admin_login')) {
                     $this->error('对不起,您没有发帖权限,请关注该微吧!', $type);
                 }
                 break;
             case 2:
                 $map['weiba_id'] = $weibaid;
                 $map['level'] = array('in', '2,3');
                 $weiba_admin = D('weiba_follow')->where($map)->order('level desc')->field('follower_uid')->findAll();
                 if (!in_array($this->mid, getSubByKey($weiba_admin, 'follower_uid')) && !CheckPermission('core_admin', 'admin_login')) {
                     $this->error('对不起,您没有发帖权限,仅限该吧管理员发帖!', $type);
                 }
                 break;
             case 3:
                 $map['weiba_id'] = $weibaid;
                 $map['level'] = 3;
                 $weiba_admin = D('weiba_follow')->where($map)->order('level desc')->field('follower_uid')->find();
                 if ($this->mid != $weiba_admin['follower_uid'] && !CheckPermission('core_admin', 'admin_login')) {
                     $this->error('对不起,您没有发帖权限,仅限该吧吧主发帖!', $type);
                 }
                 break;
         }
     }
     // Build a throwaway copy of the posted body that is used only to decide whether
     // the post is effectively empty: &nbsp;, <br />, <p> and </p> are removed.
     $checkContent = str_replace('&nbsp;', '', $_POST['content']);
     $checkContent = str_replace('<br />', '', $checkContent);
     $checkContent = str_replace('<p>', '', $checkContent);
     $checkContent = str_replace('</p>', '', $checkContent);
     // "<img ... src=" and "<embed ... src=" are replaced by the literal text "img",
     // so a post that contains only media still counts as non-empty.
     $checkContents = preg_replace('/<img(.*?)src=/i', 'img', $checkContent);
     $checkContents = preg_replace('/<embed(.*?)src=/i', 'img', $checkContents);
     // NOTE(review): RemoveXSS() is applied to this validation copy only. Further down
     // in the visible part of the method the stored value is h($_POST['content']), so
     // the safety of the saved content rests on h(), which is defined outside this
     // excerpt - confirm what it filters.
     $checkContents = RemoveXSS($checkContents);
     // Reject an empty title (error text: "post title must not be empty").
     if (strlen(t($_POST['title'])) == 0) {
         $this->error('帖子标题不能为空,等待返回添加标题', $type);
     }
     // Reject an empty body (error text: "post content must not be empty").
     if (strlen(t($checkContents)) == 0) {
         $this->error('帖子内容不能为空,等待返回添加内容', $type);
     }
     preg_match_all('/./us', t($_POST['title']), $match);
     if (count($match[0]) > 25) {
         //汉字和字母都为一个字
         $this->error('帖子标题不能超过25个字,等待返回修改标题', $type);
     }
     /* # 帖子内容 */
     $content = h($_POST['content']);
     if (get_str_length($content) >= 20000) {
         $this->error('帖子内容过长!无法发布!');
     }
     unset($content);
     if ($_POST['attach_ids']) {
         $attach = explode('|', $_POST['attach_ids']);
         foreach ($attach as $k => $a) {
             if (!$a) {
                 unset($attach[$k]);
             }
         }
         $attach = array_map('intval', $attach);
         $data['attach'] = serialize($attach);
     }
     $data['weiba_id'] = $weibaid;
     $data['title'] = t($_POST['title']);
     $data['content'] = h($_POST['content']);
     $data['post_uid'] = $this->mid;
     $data['post_time'] = time();
     $data['last_reply_uid'] = $this->mid;
     $data['last_reply_time'] = $data['post_time'];
     $data['feed_id'] = 0;
     /* # 格式化emoji */
     $data['title'] = formatEmoji(true, $data['title']);
//.........这里部分代码省略.........
开发者ID:boxshadow,项目名称:ThinkSNS-4,代码行数:101,代码来源:IndexAction.class.php

示例10: RemoveXSS

                        <td align="right" nowrap="nowrap"><?php 
        echo $metin[26];
        ?>
 :</td>
                        <td><?php 
        echo $row_eoUsers['id'];
        ?>
</td>
                      </tr>
                      <tr valign="baseline">
                        <td align="right" nowrap="nowrap"><label for="wall"> <?php 
        echo $metin[597];
        ?>
 :</label></td>
                        <td bgcolor="#CCFFFF"><textarea name="wall" id="wall" cols="60" rows="8"><?php 
        // NOTE(review): the stored wall text is printed between <textarea> tags after
        // RemoveXSS() only. RemoveXSS() is a blocklist filter, not HTML encoding; the
        // encoding that matches this context is htmlspecialchars() with the page's
        // charset, so that markup in the stored value is shown as text.
        echo RemoveXSS($row_eoUsers['duvarYazisi']);
        ?>
</textarea></td>
                      </tr>
                      <tr valign="baseline">
                        <td colspan="2" align="center" bgcolor="#CCFFFF" class="tabloAlt"><input type="submit" value="<?php 
        echo $metin[25];
        ?>
" />
                          <input name="geri" type="button" id="geri" onclick="location.href = &quot;dataFriendActions.php&quot;;" value="<?php 
        echo $metin[28];
        ?>
" /></td>
                      </tr>
                    </table>
                    <input type="hidden" name="MM_update" value="form3" />
开发者ID:ergun805,项目名称:eOgr,代码行数:31,代码来源:dataFriendActions.php

示例11: foreach

}
// Global input filter: every top-level GET and POST entry is replaced by its
// RemoveXSS() result. The filter is not context-aware, so values still need
// SQL escaping or output encoding at the place where they are used.
// NOTE(review): $value may itself be an array (e.g. name[]=...); whether
// RemoveXSS() handles arrays is not visible here - confirm.
foreach ($_GET as $key => $value) {
    $_GET[$key] = RemoveXSS($value);
}
foreach ($_POST as $key => $value) {
    $_POST[$key] = RemoveXSS($value);
}
$typeid = 5;
// Scenic-spot section
require_once SLINEINC . "/listview.class.php";
// Current page: everything except digits is removed before intval().
if (isset($pageno)) {
    $pageno = intval(preg_replace("/[^\\d]/", '', $pageno));
}
// Current page
// If not set, the default is "all"
// NOTE(review): $dest_id, $attrid, $priceid, $sorttype and $pageno are not assigned
// in this excerpt; presumably request parameters are imported into variables
// elsewhere - confirm.
$dest_id = RemoveXSS($dest_id);
// Original comment: "prevent cross-site attacks".
// NOTE(review): the ternaries below only substitute 0 for an empty value; a
// non-empty value passes through unchanged, so no filtering happens on these lines.
$attrid = $attrid ? $attrid : 0;
// Original comment: "prevent cross-site attacks" (see the note above).
$priceid = $priceid ? $priceid : 0;
$sorttype = $sorttype ? $sorttype : 0;
// Sub-site check: fall back to the sub-site's id when no destination was given.
if ($GLOBALS['sys_child_webid'] != 0 && empty($dest_id)) {
    $dest_id = $GLOBALS['sys_child_webid'];
}
if (!is_numeric($dest_id)) {
    if ($dest_id != 'all') {
        $d_id = Helper_Archive::getDestIdByPinYin($dest_id);
        $dest_id = !empty($d_id) ? $d_id : $dest_id;
    } else {
        $dest_id = 0;
开发者ID:lz1988,项目名称:stourwebcms,代码行数:31,代码来源:search.php

示例12: temizle

         $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
         $_SESSION["siraYonu2"] = $siraYonu;
     } else {
         $siraYonu = $_SESSION["siraYonu2"];
     }
 }
 // Sort column comes from ?order= and passes through temizle(), which is
 // defined outside this excerpt.
 $sirAlan = temizle(isset($_GET['order']) ? $_GET['order'] : "");
 if ($sirAlan != "") {
     // NOTE(review): $sirAlan and $siraYonu are interpolated as an SQL identifier
     // and keyword, where quoting/escaping gives no protection. Confirm temizle()
     // restricts the value, or map it through an allowlist of column names and
     // asc/desc.
     $query_eoUsers = "SELECT * FROM eo_shoutbox {$filtr2} ORDER BY {$sirAlan} {$siraYonu}";
 } else {
     // No sort column requested: newest messages first.
     $query_eoUsers = "SELECT * FROM eo_shoutbox {$filtr2} ORDER BY date DESC";
     $sirAlan = "date";
 }
 //echo  $query_eoUsers ;
 if (!empty($_GET["upd"]) and $_GET["upd"] == "1") {
     // NOTE(review): RemoveXSS() filters HTML/script content; it is not an SQL
     // escaping function. The message id is placed inside a quoted literal here,
     // so an integer cast or the driver's escaping/parameter binding is the check
     // that belongs at this point.
     $query_limit_eoUsers = "SELECT * FROM eo_shoutbox where messageid='" . RemoveXSS($_GET["messageid"]) . "'";
 } else {
     // %d forces the paging offsets to integers.
     $query_limit_eoUsers = sprintf("%s LIMIT %d, %d", $query_eoUsers, $startRow_eoUsers, $maxRows_eoUsers);
 }
 // On failure the raw database error text becomes the response body.
 $eoUsers = mysql_query($query_limit_eoUsers, $yol) or die(mysql_error());
 $row_eoUsers = mysql_fetch_assoc($eoUsers);
 $totalRows_eoUsers = mysql_num_rows($eoUsers);
 if (isset($_GET['totalRows_eoUsers'])) {
     // The total row count is taken from the query string as-is, i.e. it is
     // client-controlled, and feeds the page-count arithmetic below.
     $totalRows_eoUsers = $_GET['totalRows_eoUsers'];
 } else {
     $all_eoUsers = mysql_query($query_eoUsers);
     $totalRows_eoUsers = mysql_num_rows($all_eoUsers);
 }
 // Index of the last page (zero-based).
 $totalPages_eoUsers = ceil($totalRows_eoUsers / $maxRows_eoUsers) - 1;
 $queryString_eoUsers = "";
 if (!empty($_SERVER['QUERY_STRING'])) {
开发者ID:ergun805,项目名称:eOgr,代码行数:31,代码来源:dataChatActions.php

示例13: RemoveXSS

   </div>
 <form name='register' id='register' method='get' action='contact_us_exe.php' class='form' style='margin-left:50px;'>
	<?if (strlen($_GET["missing_info"]) > 0) {?>
		<p><font color=#FF0000>Required information is missing</font></p>
	    <div align="left">
	      <?}?>
	      <?if (strlen($_GET["email_problem"]) > 0) {?>
        </div>
	    <p align="left"><font color=#FF0000>The email address entered appears to be invalid</font></p>
	    <p>
	      <?}?>
	    </p>
	    
	      
        <textarea name='comments' rows='8' cols='50'><?php 
// NOTE(review): the "comments" query parameter is reflected into the page between
// <textarea> tags after RemoveXSS() only. RemoveXSS() is a blocklist filter, not
// HTML encoding; htmlspecialchars() is the encoding that matches this context.
// The "fullname" field below goes through formFieldSafe() instead (defined outside
// this excerpt), so the two fields are not treated consistently.
echo RemoveXSS($_GET["comments"]);
?>
	        </textarea>
        <p align="left">&nbsp;</p>
	
	  <div align="left">
	    <table width="370" border="0" align="left" cellpadding="2">
	      <tr>
	        <td width="77" align="left" class="labelset"><div align="left"><span class="asterix">*</span>Name:</div></td>
              <td width="279"><input type='text' name='fullname' value="<?php 
echo formFieldSafe($_GET["fullname"]);
?>
" class='field' style='width:250px;'></td>
            </tr>
	      <tr>
	        <td align="left" class="labelset"><div align="left"><span class="asterix">*</span>Email:</div></td>
开发者ID:sonnaxindustries,项目名称:sonnax_php,代码行数:31,代码来源:contact_us.php

示例14: sonBilgileriGetir

     echo $metin[478] . "<p class='ozetBilgi'>" . $bilg_6 . "</p>";
 }
 $bilg_7 = sonBilgileriGetir("soru", $geceliKullID);
 if (!empty($bilg_7)) {
     echo $metin[644] . "<p class='ozetBilgi'>" . $bilg_7 . "</p>";
 }
 if (empty($bilg_1) and empty($bilg_2) and empty($bilg_3) and empty($bilg_4) and empty($bilg_6) and empty($bilg_7)) {
     echo "<font id='uyari'>{$metin['586']}</font>";
 }
 ?>
               </div>
               <div id="tab3" class="tabContent">
                 <?php 
 // FRIEND tab: pick the friend currently selected in the session, or "" when none.
 // The session value is filtered with RemoveXSS() here. Just below, $seciliKisi is
 // concatenated into a single-quoted href attribute; RemoveXSS() is neither URL nor
 // attribute encoding, so urlencode()/htmlspecialchars() at that echo is the step
 // that matches the context.
 if (isset($_SESSION["seciliArkadas"])) {
     $seciliKisi = RemoveXSS($_SESSION["seciliArkadas"]);
 } else {
     $seciliKisi = "";
 }
 if ($seciliKisi != "" and getUserName($seciliKisi) != "-") {
     echo "<p>{$metin['584']} : <strong><a href='profil.php?kim=" . $seciliKisi . "' rel='facebox'>" . getUserName($seciliKisi) . "</a></strong></p>";
     $bil_1 = sonBilgileriGetir("sohbet", $seciliKisi);
     if (!empty($bil_1)) {
         echo $metin[474] . "<p class='ozetBilgi'>" . $bil_1 . "</p>";
     }
     $bil_2 = sonBilgileriGetir("yorum", $seciliKisi);
     if (!empty($bil_2)) {
         echo $metin[475] . "<p class='ozetBilgi'>" . $bil_2 . "</p>";
     }
     $bil_3 = sonBilgileriGetir("oy", $seciliKisi);
     if (!empty($bil_3)) {
开发者ID:ergun805,项目名称:eOgr,代码行数:31,代码来源:friends.php

示例15: cevapSil

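/**
 * Delete an answer together with its votes and print a status message.
 *
 * The deletion runs when the global $tur equals "2" or when cevapSahibi()
 * reports $userID as the owner of the answer. The outcome is echoed and
 * recorded through trackUser().
 *
 * $cevapID is placed unquoted into both DELETE statements, so only a plain
 * decimal id is accepted; any other value is refused with the same message
 * the function prints for missing arguments.
 *
 * @param mixed $cevapID Id of the answer to delete (decimal digits only).
 * @param mixed $userID  Id of the user requesting the deletion.
 * @return void
 */
function cevapSil($cevapID, $userID)
{
    global $yol1, $tur, $currentFile;

    // Refuse missing arguments and any id that is not purely numeric. Only a
    // numeric value could ever form a valid statement below, so legitimate
    // callers see no change.
    if (empty($userID) || empty($cevapID) || !ctype_digit((string) $cevapID)) {
        echo "Cevap ve oylar silinemiyor!";
        return;
    }
    $cevapNo = (int) $cevapID;

    // NOTE(review): $tur == "2" presumably marks a privileged role - confirm.
    if ($tur == "2" or cevapSahibi($cevapID) == $userID) {
        // Votes first, then the answer itself.
        $sql2 = "DELETE FROM eo_askanswerrate \r\n\t\t\t\t\t WHERE cevapID = {$cevapNo}";
        $result2 = mysql_query($sql2, $yol1);
        $sql2 = "DELETE FROM eo_askanswer \r\n\t\t\t\t\t WHERE id = {$cevapNo}";
        // As in the original, only the result of this second query decides
        // which message is shown.
        $result2 = mysql_query($sql2, $yol1);
        if ($result2) {
            echo "Cevap ve oylar silindi.";
            trackUser($currentFile, "success,DelAnsw", RemoveXSS($_SESSION["usern"]));
        } else {
            echo "Cevap ve oylar silinemedi!";
            trackUser($currentFile, "fail,DelAnsw", RemoveXSS($_SESSION["usern"]));
        }
    }
}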
开发者ID:ergun805,项目名称:eOgr,代码行数:21,代码来源:delCevap.php


注:本文中的RemoveXSS函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。