本文整理汇总了PHP中SEC_checkToken函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_checkToken函数的具体用法?PHP SEC_checkToken怎么用?PHP SEC_checkToken使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SEC_checkToken函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: display
/**
 * Apply the requested list action, if any, then render the widget.
 *
 * State is changed only when an action was requested and SEC_checkToken()
 * accepts the request's CSRF token; otherwise the widget is rendered without
 * modifying anything.
 *
 * @return string
 */
public function display()
{
    global $_CONF, $_TABLES, $LANG_SX00;

    $requested = $this->getAction();
    $item = $this->getEntry();

    // Nothing requested, or the token did not validate: render only.
    if (empty($requested) || !SEC_checkToken()) {
        return $this->getWidget();
    }

    // Loose comparison and branch order mirror a switch over the action.
    if ($requested == 'delete') {
        $this->deleteEntry($item);
    } elseif ($requested == $LANG_SX00['addentry']) {
        $this->addEntry($item, true);
    } elseif ($requested == $LANG_SX00['addcen']) {
        // Import every word of the configured censor list.
        foreach ($_CONF['censorlist'] as $word) {
            $this->addEntry($word, true);
        }
    } elseif ($requested == 'mass_delete') {
        // $_POST['delitem'] is handed over as received; any validation is
        // left to deleteSelectedEntries().
        if (isset($_POST['delitem'])) {
            $this->deleteSelectedEntries($_POST['delitem']);
        }
    }

    return $this->getWidget();
}
示例2: display
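/**
 * Process a pending add/delete request for the HTTP-header blacklist, then
 * render the editor.
 *
 * The action is read from $_GET['action'] or, failing that, $_POST['paction'].
 * A change is applied only when SEC_checkToken() accepts the request's CSRF
 * token; the current list and the "add" form are rendered in every case.
 *
 * @return string HTML for the current list and the add-entry form
 */
function display()
{
    global $_CONF, $_TABLES, $LANG_SX00;

    $action = '';
    if (isset($_GET['action'])) {
        $action = $_GET['action'];
    } elseif (isset($_POST['paction'])) {
        $action = $_POST['paction'];
    }

    if ($action == 'delete' && SEC_checkToken()) {
        // 'entry' can be missing (e.g. the action arrived via POST) or be an
        // array; both are treated as "nothing to delete".
        $entry = (isset($_GET['entry']) && is_string($_GET['entry'])) ? $_GET['entry'] : '';
        if (!empty($entry)) {
            // NOTE(review): addslashes() does not take the connection character
            // set into account. Prefer the database layer's own escaping
            // (DB_escapeString(), where this code base provides it).
            $dbentry = addslashes($entry);
            DB_delete($_TABLES['spamx'], array('name', 'value'), array('HTTPHeader', $dbentry));
        }
    } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
        $entry = '';
        // Missing or non-string fields count as empty instead of raising
        // notices or being stringified as "Array".
        $name = (isset($_REQUEST['header-name']) && is_string($_REQUEST['header-name']))
            ? COM_applyFilter($_REQUEST['header-name'])
            : '';
        // Only the part before the first ':' is kept as the header name.
        $n = explode(':', $name);
        $name = $n[0];
        // The header value is not filtered; it is only escaped for SQL below
        // and HTML-escaped when the list is rendered.
        $value = (isset($_REQUEST['header-value']) && is_string($_REQUEST['header-value']))
            ? $_REQUEST['header-value']
            : '';
        if (!empty($name) && !empty($value)) {
            $entry = $name . ': ' . $value;
        }
        if (!empty($entry)) {
            // NOTE(review): same addslashes() caveat as in the delete branch.
            $dbentry = addslashes($entry);
            DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('HTTPHeader','{$dbentry}')");
        }
    }

    // A token is issued for the links and the form rendered below.
    $token = SEC_createToken();
    $display = '<hr' . XHTML . '>' . LB . '<p><b>';
    $display .= $LANG_SX00['headerblack'];
    $display .= '</b></p>' . LB . '<ul>' . LB;
    $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='HTTPHeader' ORDER BY value");
    $nrows = DB_numRows($result);
    for ($i = 0; $i < $nrows; $i++) {
        list($e) = DB_fetchArray($result);
        // Stored values are HTML-escaped for the link text and URL-encoded for
        // the query string. The delete link is a GET request that carries the
        // CSRF token in its URL, so the token can end up in server logs,
        // browser history and Referer headers; the POST form below avoids that.
        $display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader&action=delete&entry=' . urlencode($e) . '&' . CSRF_TOKEN . '=' . $token) . '</li>' . LB;
    }
    $display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
    $display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
    $display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader">' . LB;
    $display .= '<table border="0" width="100%">' . LB;
    $display .= '<tr><td align="right"><b>Header:</b></td>' . LB;
    $display .= '<td><input type="text" size="40" name="header-name"' . XHTML . '> e.g. <tt>User-Agent</tt></td></tr>' . LB;
    $display .= '<tr><td align="right"><b>Content:</b></td>' . LB;
    $display .= '<td><input type="text" size="40" name="header-value"' . XHTML . '> e.g. <tt>Mozilla</tt></td></tr>' . LB;
    $display .= '</table>' . LB;
    $display .= '<p><input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>';
    $display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '></p>' . LB;
    $display .= '</form>' . LB;

    return $display;
}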
示例3: display
/**
 * Apply a pending delete/add/import request to the personal blacklist, then
 * render the editor.
 *
 * Every mutation is gated on SEC_checkToken(); values are passed through
 * DB_escapeString() before they reach the database layer. The list and the
 * form are rendered whether or not a change was applied.
 *
 * @return string HTML for the current list and the add/import form
 */
function display()
{
    global $_CONF, $_TABLES, $LANG_SX00;

    // Query-string values win over posted ones, for the action and the entry alike.
    $action = isset($_GET['action'])
        ? $_GET['action']
        : (isset($_POST['paction']) ? $_POST['paction'] : '');
    $entry = isset($_GET['entry'])
        ? COM_stripslashes($_GET['entry'])
        : (isset($_POST['pentry']) ? COM_stripslashes($_POST['pentry']) : '');

    if ($action == 'delete' && SEC_checkToken()) {
        // No emptiness check here: an empty entry still issues the delete.
        DB_delete($_TABLES['spamx'], array('name', 'value'), array('Personal', DB_escapeString($entry)));
    } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
        if (!empty($entry)) {
            $escaped = DB_escapeString($entry);
            DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$escaped}')");
        }
    } elseif ($action == $LANG_SX00['addcen'] && SEC_checkToken()) {
        // Import every word of the configured censor list.
        foreach ($_CONF['censorlist'] as $word) {
            $escaped = DB_escapeString($word);
            DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$escaped}')");
        }
    }

    $token = SEC_createToken();
    $editorUrl = $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditBlackList';

    $parts = array();
    $parts[] = '<hr' . XHTML . '>' . LB . '<p><b>' . $LANG_SX00['pblack'] . '</b></p>' . LB . '<ul>' . LB;

    $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'Personal'");
    for ($left = DB_numRows($result); $left > 0; $left--) {
        $row = DB_fetchArray($result);
        $value = $row['value'];
        // Link text is HTML-escaped, the query-string value URL-encoded. The
        // delete link carries the CSRF token in its URL (a GET request).
        $deleteUrl = $editorUrl . '&action=delete&entry=' . urlencode($value) . '&' . CSRF_TOKEN . '=' . $token;
        $parts[] = '<li>' . COM_createLink(htmlspecialchars($value), $deleteUrl) . '</li>' . LB;
    }

    $parts[] = '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
    $parts[] = '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
    $parts[] = '<form method="post" action="' . $editorUrl . '">' . LB;
    $parts[] = '<div><input type="text" size="30" name="pentry"' . XHTML . '> ';
    $parts[] = '<input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>' . LB;
    $parts[] = '<p>' . $LANG_SX00['e3'] . '</p> ';
    $parts[] = '<input type="submit" name="paction" value="' . $LANG_SX00['addcen'] . '"' . XHTML . '>' . LB;
    $parts[] = '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '>' . LB;
    $parts[] = '</div></form>' . LB;

    return implode('', $parts);
}
示例4: display
/**
 * Apply a pending delete/add request to the header list, then render the widget.
 *
 * Both mutations require SEC_checkToken() to accept the request's CSRF token.
 *
 * @return string
 */
public function display()
{
    global $LANG_SX00;

    $requested = $this->getAction();
    $current = $this->getEntry();

    if ($requested === 'delete' && SEC_checkToken()) {
        $this->deleteEntry($current);
    } elseif ($requested === $LANG_SX00['addentry'] && SEC_checkToken()) {
        // Only the part before the first ':' is kept as the header name.
        list($headerName) = explode(':', COM_applyFilter($_REQUEST['header-name']));
        // The value is taken from the request as-is; nothing filters it here,
        // so safe storage depends on addEntry().
        $headerValue = $_REQUEST['header-value'];

        $isComplete = !empty($headerName) && !empty($headerValue);
        // addEntry() is still called with '' when the pair is incomplete.
        $this->addEntry($isComplete ? $headerName . ': ' . $headerValue : '');
    }

    return $this->getWidget();
}
示例5: security_check_reminder
/**
 * Return the "security check" reminder for members of the Root group.
 *
 * Users outside the Root group get an empty string. For Root users the
 * 'security_check' row of the vars table is read; unless its value loosely
 * equals 1, the output of COM_showMessage(92) is returned.
 *
 * @return string
 */
function security_check_reminder()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $MESSAGE;

    if (!SEC_inGroup('Root')) {
        return '';
    }

    $checkDone = DB_getItem($_TABLES['vars'], 'value', "name = 'security_check'");
    if ($checkDone == 1) {
        return '';
    }

    return '' . COM_showMessage(92);
}
// MAIN
// A moderation submission is processed only when the POST carries
// mode=moderation and SEC_checkToken() accepts its CSRF token. Every other
// request gets the overview, which is issued a fresh token.
$display = '';
if (!isset($_POST['mode']) || $_POST['mode'] != 'moderation' || !SEC_checkToken()) {
    $display .= COM_siteHeader('menu', $LANG29[34]) . COM_showMessageFromParameter() . security_check_reminder() . commandcontrol(SEC_createToken());
} else {
    $action = isset($_POST['action']) ? $_POST['action'] : array();
    // 'type' and 'id' are read from the POST without an isset() check and are
    // passed on unfiltered; only 'count' goes through COM_applyFilter().
    $mod_result = ($_POST['type'] == 'user')
        ? moderateusers($_POST['id'], $action, COM_applyFilter($_POST['count'], true))
        : moderation($_POST['id'], $action, $_POST['type'], COM_applyFilter($_POST['count'], true));
    $display .= COM_siteHeader('menu', $LANG29[34]) . COM_showMessageFromParameter() . $mod_result;
}
$display .= COM_siteFooter();
COM_output($display);
示例6: Template
}
/**
 * Main
 *
 * Saves the configuration when the form was submitted with 'save' and
 * SEC_checkToken() accepts the CSRF token; otherwise redirects or shows the
 * edit form.
 */
$display = '';

// 'cancel' takes precedence when both buttons are present in the POST.
$mode = isset($_POST['cancel']) ? 'cancel' : (isset($_POST['save']) ? 'save' : '');

$T = new Template($_MG_CONF['template_path'] . '/admin');
$T->set_file('admin', 'administration.thtml');
$T->set_var(array(
    'site_admin_url' => $_CONF['site_admin_url'],
    'site_url' => $_MG_CONF['site_url'],
    'mg_navigation' => MG_navigation(),
    'lang_admin' => $LANG_MG00['admin'],
    'version' => $_MG_CONF['pi_version'],
));

if ($mode == 'save' && SEC_checkToken()) {
    $T->set_var(array(
        'admin_body' => MG_saveConfig(),
        'mg_navigation' => MG_navigation(),
    ));
} elseif ($mode == 'cancel') {
    echo COM_refresh($_MG_CONF['admin_url'] . 'index.php');
    exit;
} elseif ($mode == $LANG_MG01['continue']) {
    // NOTE(review): $mode is only ever '', 'save' or 'cancel' above, so this
    // branch matches only if the language string loosely equals one of those.
    COM_setMessage(2);
    echo COM_refresh($_MG_CONF['admin_url'] . 'index.php');
    exit;
} else {
    // Also reached when 'save' was requested but the token check failed: the
    // edit form is shown again and nothing is logged.
    $T->set_var(array(
        'admin_body' => MG_editConfig(),
        'title' => $LANG_MG01['system_options'],
        'lang_help' => '<img src="' . MG_getImageFile('button_help.png') . '" style="border:none;" alt="?" />',
        'help_url' => $_MG_CONF['site_url'] . '/docs/usage.html#System_Options',
    ));
}

$T->parse('output', 'admin');
$display = COM_siteHeader('menu', '');
$display .= $T->finish($T->get_var('output'));
$display .= COM_siteFooter();
示例7: trim
// NOTE(review): 'prevorder' is only trimmed before it is placed in the
// redirect target. Whether $ord and $dir are validated, and how COM_refresh()
// encodes the URL, is not visible in this excerpt. Confirm both.
$old = trim($_GET['prevorder']);
$sorting = "?order={$ord}&direction={$dir}&prevorder={$old}";
}
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php' . $sorting);
} elseif ($mode == 'change_load_order' && SEC_checkToken()) {
// State-changing request whose parameters come from $_GET; it runs only after
// the CSRF token has been accepted.
change_load_order(COM_applyFilter($_GET['pi_name']), COM_applyFilter($_GET['where']));
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php');
} elseif ($mode == 'autoinstall' && SEC_checkToken()) {
// The token is checked first, then the 'plugin.install' right. Without the
// right, the request is redirected to the plugin list.
if (SEC_hasRights('plugin.install')) {
$plugin = '';
if (isset($_GET['plugin'])) {
$plugin = COM_applyFilter($_GET['plugin']);
}
if (plugin_autoinstall($plugin)) {
PLG_pluginStateChange($plugin, 'installed');
$display .= COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=44');
} else {
$display .= COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=72');
}
} else {
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php');
}
} elseif ($mode == 'continue_upgrade') {
// NOTE(review): unlike the branches above, this one calls neither
// SEC_checkToken() nor SEC_hasRights(), and it passes $_GET['piversion'] and
// $_GET['codeversion'] through unfiltered. Confirm that continue_upgrade()
// validates them and that authorisation is enforced elsewhere.
$display .= continue_upgrade(COM_sanitizeFilename($_GET['plugin']), $_GET['piversion'], $_GET['codeversion']);
} elseif (isset($_FILES['plugin']) && SEC_checkToken() && SEC_hasRights('plugin.install,plugin.upload')) {
// An upload needs a valid CSRF token and the install/upload rights.
$display .= plugin_upload();
} else {
// 'cancel' or no mode at all. Also reached when a token or rights check in
// one of the conditions above fails.
$display .= plugin_main();
}
COM_output($display);
示例8: preg_replace
case 'download':
// Serves a backup file named by $_GET['file']. No CSRF token is checked for
// this action; access control is not visible in this excerpt.
$file = '';
if (isset($_GET['file'])) {
// Keep only letters, digits, '-', '_' and '.'. Path separators are removed
// here, so the name cannot leave $_CONF['backup_path'].
$file = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', COM_applyFilter($_GET['file']));
$file = str_replace('..', '', $file);
if (!file_exists($_CONF['backup_path'] . $file)) {
$file = '';
}
}
if (!empty($file)) {
DBADMIN_download($file);
exit;
}
break;
case 'delete':
// Deletion requires a POSTed 'delitem' list and a valid CSRF token.
if (isset($_POST['delitem']) && SEC_checkToken()) {
// NOTE(review): 'delitem' is iterated without checking that it is an array.
foreach ($_POST['delitem'] as $delfile) {
// Same character whitelist as the download case.
$file = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', COM_applyFilter($delfile));
$file = str_replace('..', '', $file);
// unlink() warnings are suppressed with '@'; a failure is only written to
// the error log. A name that sanitises to '' makes this target the backup
// directory path itself.
if (!@unlink($_CONF['backup_path'] . $file)) {
COM_errorLog('Unable to remove backup file "' . $file . '"');
}
}
} else {
// This branch also runs when 'delitem' is simply absent, so the access log
// entry can report a CSRF failure that did not happen.
COM_accessLog("User {$_USER['username']} tried to illegally delete database backup(s) and failed CSRF checks.");
// NOTE(review): no exit follows the refresh; execution continues after the
// switch (not shown here).
echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
}
break;
case 'config':
$view = 'config';
break;
示例9: COM_refresh
}
} else {
$display = COM_refresh($_CONF['site_url'] . '/index.php');
}
break;
case $LANG_CALJP_1[45]:
// save edited personal event
// Requires personal calendars to be enabled, a logged-in user, a posted
// calendar_type of 'personal' and a valid CSRF token. The whole $_POST array
// is then handed to plugin_savesubmission_calendarjp(), so field validation
// is up to that function.
if (!empty($LANG_CALJP_1[45]) && $_CAJP_CONF['personalcalendars'] == 1 && !COM_isAnonUser() && (isset($_POST['calendar_type']) && $_POST['calendar_type'] == 'personal') && SEC_checkToken()) {
$display = plugin_savesubmission_calendarjp($_POST);
} else {
$display = COM_refresh($_CONF['site_url'] . '/index.php');
}
break;
case 'deleteevent':
case $LANG_CALJP_1[51]:
// Deleting a personal event: the CSRF token is checked before the event id
// is looked at.
if ($_CAJP_CONF['personalcalendars'] == 1 && SEC_checkToken()) {
// 'eid' is read from $_REQUEST, so this request may arrive via GET or POST.
$eid = COM_applyFilter($_REQUEST['eid']);
if (!empty($eid) && !COM_isAnonUser()) {
// The delete is scoped to the current user's uid, so other users' events
// are not affected.
// NOTE(review): $eid is interpolated after COM_applyFilter() only. Whether
// that filter is sufficient as SQL escaping is not visible here. Confirm,
// or escape it with the database layer's escaping function.
DB_query("DELETE FROM {$_TABLES['personal_eventsjp']} WHERE uid={$_USER['uid']} AND eid='{$eid}'");
$display .= COM_refresh($_CONF['site_url'] . '/calendarjp/index.php?mode=personal&msg=26');
} else {
$display = COM_refresh($_CONF['site_url'] . '/index.php');
}
} else {
$display = COM_refresh($_CONF['site_url'] . '/index.php');
}
break;
case 'edit':
if ($_CAJP_CONF['personalcalendars'] == 1) {
$eid = COM_applyFilter($_GET['eid']);
if (!empty($eid) && !COM_isAnonUser()) {
示例10: savepoll
/**
 * Saves a poll
 *
 * Saves a poll topic and potential answers to the database. In the visible
 * part of the function, the order of checks is: input normalisation,
 * "was anything entered", CSRF token, poll-id change, then the access check.
 *
 * @param string $pid Poll topic ID
 * @param string $old_pid Previous poll topic ID
 * @param array $Q Array of poll questions
 * @param string $mainpage Checkbox: poll appears on homepage
 * @param string $topic The text for the topic
 * @param string $meta_description
 * @param string $meta_keywords
 * @param int $statuscode (unused)
 * @param string $open Checkbox: poll open for voting
 * @param string $hideresults Checkbox: hide results until closed
 * @param int $commentcode Indicates if users can comment on poll
 * @param array $A Array of possible answers
 * @param array $V Array of vote per each answer
 * @param array $R Array of remark per each answer
 * @param int $owner_id ID of poll owner
 * @param int $group_id ID of group poll belongs to
 * @param int $perm_owner Permissions the owner has on poll
 * @param int $perm_group Permissions the group has on poll
 * @param int $perm_members Permissions logged in members have on poll
 * @param int $perm_anon Permissions anonymous users have on poll
 * @return string HTML redirect or error message
 *
 */
function savepoll($pid, $old_pid, $Q, $mainpage, $topic, $meta_description, $meta_keywords, $statuscode, $open, $hideresults, $commentcode, $A, $V, $R, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
global $_CONF, $_TABLES, $_USER, $LANG21, $LANG25, $MESSAGE, $_POLL_VERBOSE, $_PO_CONF;
$retval = '';
// Convert array values to numeric permission values
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
$topic = COM_stripslashes($topic);
// HTML tags are stripped from both meta fields.
$meta_description = strip_tags(COM_stripslashes($meta_description));
$meta_keywords = strip_tags(COM_stripslashes($meta_keywords));
// Both ids pass through COM_sanitizeID() before any use in SQL below. Which
// characters it allows is not visible in this excerpt.
$pid = COM_sanitizeID($pid);
$old_pid = COM_sanitizeID($old_pid);
// No id given: reuse the previous id, or generate a new one.
if (empty($pid)) {
if (empty($old_pid)) {
$pid = COM_makeSid();
} else {
$pid = $old_pid;
}
}
// check if any question was entered
if (empty($topic) or count($Q) == 0 or strlen($Q[0]) == 0 or strlen($A[0][0]) == 0) {
$retval .= COM_siteHeader('menu', $LANG25[5]);
$retval .= COM_startBlock($LANG21[32], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $LANG25[2];
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
return $retval;
}
// CSRF check: a failure is written to the access log and the function
// returns a redirect, so nothing below runs for a forged request.
if (!SEC_checkToken()) {
COM_accessLog("User {$_USER['username']} tried to save poll {$pid} and failed CSRF checks.");
return COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php');
}
// check for poll id change
if (!empty($old_pid) && $pid != $old_pid) {
// check if new pid is already in use
if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
// TBD: abort, display editor with all content intact again
$pid = $old_pid;
// for now ...
}
}
// start processing the poll topic
if ($_POLL_VERBOSE) {
COM_errorLog('**** Inside savepoll() in ' . $_CONF['site_admin_url'] . '/plugins/polls/index.php ***');
}
// For an existing poll, access is computed from the stored owner, group and
// permissions, not from the submitted ones. The submitted values are used
// only when the poll is new.
$access = 0;
if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
$result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['polltopics']} WHERE pid = '{$pid}'");
$P = DB_fetchArray($result);
$access = SEC_hasAccess($P['owner_id'], $P['group_id'], $P['perm_owner'], $P['perm_group'], $P['perm_members'], $P['perm_anon']);
} else {
$access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
}
// The caller needs an access level of at least 3 and must be a member of
// the submitted group. The SEC_inGroup() check uses the submitted $group_id
// even for an existing poll.
if ($access < 3 || !SEC_inGroup($group_id)) {
// NOTE(review): $display is not initialised anywhere in the visible part of
// this function ($retval is), so '.=' appends to an undefined variable.
$display .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit poll {$pid}.");
COM_output($display);
exit;
}
// NOTE(review): $voters is not assigned in the visible part of this function,
// so as far as this excerpt shows it is always set to 0 here.
if (empty($voters)) {
$voters = 0;
}
if ($_POLL_VERBOSE) {
COM_errorLog('owner permissions: ' . $perm_owner, 1);
COM_errorLog('group permissions: ' . $perm_group, 1);
COM_errorLog('member permissions: ' . $perm_members, 1);
COM_errorLog('anonymous permissions: ' . $perm_anon, 1);
}
// we delete everything and re-create it with the input from the form
$del_pid = $pid;
if (!empty($old_pid) && $pid != $old_pid) {
$del_pid = $old_pid;
// delete by old pid, create using new pid below
//.........这里部分代码省略.........
示例11: MyTextSanitizer
$myts = new MyTextSanitizer();
// MyTextSanitizer object
$eh = new ErrorHandler();
//ErrorHandler object
$mytree = new XoopsTree($_DB_name, $_TABLES['filemgmt_cat'], "cid", "pid");
$mytree->setGroupAccessFilter($_GROUPS);
$groupsql = filemgmt_buildAccessSql();
$sql = "SELECT COUNT(*) FROM {$_TABLES['filemgmt_cat']} WHERE pid=0 ";
$sql .= $groupsql;
list($catAccessCnt) = DB_fetchArray(DB_query($sql));
if ($catAccessCnt < 1) {
COM_errorLOG("Submit.php => FileMgmt Plugin Access denied. Attempted user upload of a file, Remote address is:{$_SERVER['REMOTE_ADDR']}");
redirect_header($_CONF['site_url'] . "/index.php", 1, _GL_ERRORNOUPLOAD);
exit;
}
// A file submission is processed only when the form was posted and
// SEC_checkToken() accepts its CSRF token.
if (isset($_POST['submit']) && SEC_checkToken()) {
// Logged-in users are recorded under their own uid, anonymous submissions
// under uid 1.
if (!COM_isAnonUser()) {
$submitter = (int) $_USER['uid'];
} else {
$submitter = 1;
}
// Check if Title entered
// NOTE(review): whether $eh->show() ends the request is not visible here. If
// it returns, processing continues without a title.
if (!isset($_POST['title']) || $_POST["title"] == '') {
$eh->show("1001");
}
// Check if filename entered
// NOTE(review): $_FILES['newfile'] is read without an isset() check. The
// client-supplied file name is untrusted input; what makeTboxData4Save()
// does to it is not shown here. Confirm that the stored name and extension
// are validated before the file is saved or served.
if ($_FILES['newfile']['name'] != '') {
$name = $_FILES['newfile']['name'];
$url = rawurlencode($name);
$name = $myts->makeTboxData4Save($name);
$url = $myts->makeTboxData4Save($url);
示例12: SEC_createToken
$boards_delforum->set_var('gltoken_name', CSRF_TOKEN);
$boards_delforum->set_var('gltoken', SEC_createToken());
$boards_delforum->parse('output', 'boards_delforum');
$display .= $boards_delforum->finish($boards_delforum->get_var('output'));
$display .= COM_endBlock();
$display = COM_createHTMLDocument($display);
COM_output($display);
exit;
}
} elseif ($mode == $LANG_GF01['EDIT'] && isset($_POST['what']) && COM_applyFilter($_POST['what']) == 'order' && SEC_checkToken()) {
// Re-ordering a forum: POST only, gated on the CSRF token.
// 'order' is passed through COM_applyFilter() with its second argument true.
// NOTE(review): $id is assigned outside this excerpt. Confirm that it is
// validated before being interpolated into the UPDATE below.
$order = COM_applyFilter($_POST['order'], true);
DB_query("UPDATE {$_TABLES['forum_forums']} SET forum_order='{$order}' WHERE forum_id='{$id}'");
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins/forum/boards.php?msg=7');
COM_output($display);
exit;
} elseif ($mode == 'save' && SEC_checkToken() && $submit != $LANG_GF01['CANCEL']) {
// NOTE(review): presence is tested on $_REQUEST['category'] but the value is
// read from $_POST['category']. A 'category' supplied only in the query
// string leaves the $_POST read undefined.
$category = isset($_REQUEST['category']) ? COM_applyFilter($_POST['category'], true) : 0;
$order = isset($_POST['order']) ? COM_applyFilter($_POST['order'], true) : 0;
// NOTE(review): 'name' and 'dscp' are read without isset() and are made safe
// for SQL only by gf_preparefordb(), whose behaviour is not shown here.
$name = gf_preparefordb($_POST['name'], 'text');
$dscp = gf_preparefordb($_POST['dscp'], 'text');
$is_hidden = isset($_POST['is_hidden']) ? COM_applyFilter($_POST['is_hidden'], true) : 0;
$is_readonly = isset($_POST['is_readonly']) ? COM_applyFilter($_POST['is_readonly'], true) : 0;
$no_newposts = isset($_POST['no_newposts']) ? COM_applyFilter($_POST['no_newposts'], true) : 0;
$privgroup = isset($_POST['privgroup']) ? COM_applyFilter($_POST['privgroup'], true) : 0;
// A missing or zero group falls back to group id 2.
if ($privgroup == 0) {
$privgroup = 2;
}
// $category, $order and $privgroup are interpolated unquoted, so the query is
// only as safe as the guarantee that COM_applyFilter(..., true) returns a
// numeric value. Confirm.
DB_query("UPDATE {$_TABLES['forum_forums']} SET forum_cat={$category},forum_name='{$name}', forum_order={$order},forum_dscp='{$dscp}', grp_id={$privgroup},\n is_hidden='{$is_hidden}', is_readonly='{$is_readonly}', no_newposts='{$no_newposts}' WHERE forum_id='{$id}'");
$display = COM_refresh($_CONF['site_admin_url'] . '/plugins/forum/boards.php?msg=8');
COM_output($display);
exit;
示例13: array_key_exists
exit;
}
}
// The configuration group comes from the POST, filtered by COM_applyFilter(),
// and falls back to the default group.
$conf_group = array_key_exists('conf_group', $_POST) ? COM_applyFilter($_POST['conf_group']) : $default_conf_group;
// Restoring or unsetting a single parameter: gated on the CSRF token.
if (array_key_exists('set_action', $_POST) && SEC_checkToken()) {
// NOTE(review): 'name', 'subgroup' and 'tab' are read without an existence
// check and passed on unfiltered. Validation is left to the config object.
if ($_POST['set_action'] == 'restore') {
$config->restore_param($_POST['name'], $conf_group, $_POST['subgroup'], $_POST['tab']);
} elseif ($_POST['set_action'] == 'unset') {
$config->unset_param($_POST['name'], $conf_group, $_POST['subgroup'], $_POST['tab']);
}
// notify plugins when config item enabled or disabled
// (the notification is sent for any 'set_action' value, not only the two
// handled above)
$config_item[] = $_POST['name'];
PLG_configChange($conf_group, $config_item);
$subgroup = array_key_exists('subgroup', $_POST) ? COM_applyFilter($_POST['subgroup']) : null;
$display = $config->get_ui($conf_group, $subgroup);
} elseif (array_key_exists('form_submit', $_POST) && SEC_checkToken()) {
// Saving the whole form: gated on the CSRF token.
$result = null;
if (!array_key_exists('form_reset', $_POST)) {
if ($conf_group == 'Core') {
require_once 'configuration_validation.php';
} else {
// Retrieve plugin config validation if found
// NOTE(review): the request-supplied $conf_group becomes part of a path
// passed to require_once. What COM_applyFilter() removes is not visible
// here. Confirm that it rejects path separators and '..', or check
// $conf_group against the list of installed plugins before building the path.
$filename = $_CONF['path'] . 'plugins/' . $conf_group . '/configuration_validation.php';
if (file_exists($filename)) {
require_once $filename;
}
}
// The entire $_POST array is handed to updateConfig().
$result = $config->updateConfig($_POST, $conf_group);
// notify plugins
if (is_array($result) && count($result) > 0) {
PLG_configChange($conf_group, array_keys($result));
示例14: str_replace
$mailresult = str_replace('<successcount>', $successcount, $LANG31[20]);
$retval .= str_replace('<failcount>', $failcount, $mailresult);
$retval .= '<h2>' . $LANG31[21] . '</h2>';
for ($i = 0; $i < count($failures); $i++) {
$retval .= current($failures) . '<br' . XHTML . '>';
next($failures);
}
if (count($failures) == 0) {
$retval .= $LANG31[23];
}
$retval .= '<h2>' . $LANG31[22] . '</h2>';
for ($i = 0; $i < count($successes); $i++) {
$retval .= current($successes) . '<br' . XHTML . '>';
next($successes);
}
if (count($successes) == 0) {
$retval .= $LANG31[24];
}
$retval .= COM_endBlock();
return $retval;
}
// MAIN
// Mail is sent only for a POST that carries mail=mail and a CSRF token that
// SEC_checkToken() accepts; any other request just shows the form.
$display .= COM_siteHeader('menu', $LANG31[1]);
if (!isset($_POST['mail']) || $_POST['mail'] != 'mail' || !SEC_checkToken()) {
    $display .= COM_showMessageFromParameter();
    $display .= display_mailform();
} else {
    // The complete $_POST array is passed on; send_messages() does the field handling.
    $display .= send_messages($_POST);
}
$display .= COM_siteFooter();
COM_output($display);
示例15: CALENDAR_saveEvent
//.........这里部分代码省略.........
if ($allday == 'on') {
$allday = 1;
} else {
$allday = 0;
}
// Make sure start date is before end date
if (checkdate($start_month, $start_day, $start_year)) {
$datestart = sprintf('%4d-%02d-%02d', $start_year, $start_month, $start_day);
$timestart = $start_hour . ':' . $start_minute . ':00';
} else {
$retval .= COM_showMessageText($LANG_CAL_ADMIN[23], $LANG_CAL_ADMIN[2]);
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
return $retval;
}
if (checkdate($end_month, $end_day, $end_year)) {
$dateend = sprintf('%4d-%02d-%02d', $end_year, $end_month, $end_day);
$timeend = $end_hour . ':' . $end_minute . ':00';
} else {
$retval .= COM_showMessageText($LANG_CAL_ADMIN[24], $LANG_CAL_ADMIN[2]);
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
return $retval;
}
if ($allday == 0) {
if ($dateend < $datestart) {
$retval .= COM_showMessageText($LANG_CAL_ADMIN[25], $LANG_CAL_ADMIN[2]);
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
return $retval;
}
} else {
if ($dateend < $datestart) {
// Force end date to be same as start date
$dateend = $datestart;
}
}
// Remove any autotags the user doesn't have permission to use
$description = PLG_replaceTags($description, '', true);
// clean 'em up
if ($postmode == 'html') {
$description = COM_checkHTML(COM_checkWords($description), 'calendar.edit');
} else {
$postmode = 'plaintext';
$description = htmlspecialchars(COM_checkWords($description));
}
$description = DB_escapeString($description);
$title = DB_escapeString(strip_tags(COM_checkWords($title)));
$location = DB_escapeString(COM_checkHTML(COM_checkWords($location), 'calendar.edit'));
$address1 = DB_escapeString(strip_tags(COM_checkWords($address1)));
$address2 = DB_escapeString(strip_tags(COM_checkWords($address2)));
$city = DB_escapeString(strip_tags(COM_checkWords($city)));
$zipcode = DB_escapeString(strip_tags(COM_checkWords($zipcode)));
$event_type = DB_escapeString(strip_tags(COM_checkWords($event_type)));
$url = DB_escapeString(strip_tags($url));
if ($allday == 0) {
// Add 12 to make time on 24 hour clock if needed
if ($start_ampm == 'pm' and $start_hour != 12) {
$start_hour = $start_hour + 12;
}
// If 12AM set hour to 00
if ($start_ampm == 'am' and $start_hour == 12) {
$start_hour = '00';
}
// Add 12 to make time on 24 hour clock if needed
if ($end_ampm == 'pm' and $end_hour != 12) {
$end_hour = $end_hour + 12;
}
// If 12AM set hour to 00
if ($end_ampm == 'am' and $end_hour == 12) {
$end_hour = '00';
}
$timestart = $start_hour . ':' . $start_minute . ':00';
$timeend = $end_hour . ':' . $end_minute . ':00';
}
// The event is saved only when an id, a description and a title are present.
if (!empty($eid) and !empty($description) and !empty($title)) {
// CSRF check before any database write.
// NOTE(review): this branch does not return, so protection depends on
// COM_redirect() ending the request. Confirm that it does; otherwise the
// writes below would still run for a forged request.
if (!SEC_checkToken()) {
COM_accessLog("User {$_USER['username']} tried to save event {$eid} and failed CSRF checks.");
COM_redirect($_CONF['site_admin_url'] . '/plugins/calendar/index.php');
}
// Keep the existing hit counter, defaulting to 0 when none is stored.
$hits = DB_getItem($_TABLES['events'], 'hits', "eid = '{$eid}'");
if (empty($hits)) {
$hits = 0;
}
// Remove a pending submission with the same id, then save the event.
DB_delete($_TABLES['eventsubmission'], 'eid', $eid);
// NOTE(review): the text fields escaped above with DB_escapeString() are
// quoted here, but $state, $eid and the unquoted numeric fields ($owner_id,
// $group_id, $perm_*, $hits) are not sanitised in the visible part of this
// function. Confirm that the omitted code handles them.
DB_save($_TABLES['events'], 'eid,title,event_type,url,allday,datestart,dateend,timestart,' . 'timeend,location,address1,address2,city,state,zipcode,description,' . 'postmode,owner_id,group_id,perm_owner,perm_group,perm_members,' . 'perm_anon,hits', "'{$eid}','{$title}','{$event_type}','{$url}',{$allday},'{$datestart}'," . "'{$dateend}','{$timestart}','{$timeend}','{$location}','{$address1}'," . "'{$address2}','{$city}','{$state}','{$zipcode}','{$description}','{$postmode}'," . "{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},{$hits}");
// Update the copy of this event in every personal calendar that holds it.
if (DB_count($_TABLES['personal_events'], 'eid', $eid) > 0) {
$result = DB_query("SELECT uid FROM {$_TABLES['personal_events']} " . "WHERE eid = '{$eid}'");
$numrows = DB_numRows($result);
for ($i = 1; $i <= $numrows; $i++) {
$P = DB_fetchArray($result);
DB_save($_TABLES['personal_events'], 'eid,title,event_type,datestart,dateend,address1,address2,' . 'city,state,zipcode,allday,url,description,postmode,' . 'group_id,owner_id,perm_owner,perm_group,perm_members,' . 'perm_anon,uid,location,timestart,timeend', "'{$eid}','{$title}','{$event_type}','{$datestart}','{$dateend}'," . "'{$address1}','{$address2}','{$city}','{$state}','{$zipcode}'," . "{$allday},'{$url}','{$description}','{$postmode}',{$group_id}," . "{$owner_id},{$perm_owner},{$perm_group},{$perm_members}," . "{$perm_anon},{$P['uid']},'{$location}','{$timestart}','{$timeend}'");
}
}
PLG_itemSaved($eid, 'calendar');
COM_rdfUpToDateCheck('calendar', $event_type, $eid);
return PLG_afterSaveSwitch($_CA_CONF['aftersave'], $_CONF['site_url'] . '/calendar/event.php?eid=' . $eid, 'calendar', 17);
} else {
// A required field is missing: show the message and save nothing.
$retval .= COM_showMessageText($LANG_CAL_ADMIN[10], $LANG_CAL_ADMIN[2]);
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
return $retval;
}
}