

PHP SEC_checkToken函数代码示例

本文整理汇总了PHP中SEC_checkToken函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_checkToken函数的具体用法?PHP SEC_checkToken怎么用?PHP SEC_checkToken使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了SEC_checkToken函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: display

 /**
  * Run a pending blacklist action, then render the widget.
  *
  * An action is executed only when one was requested and SEC_checkToken()
  * accepts the request; otherwise the widget is rendered without running
  * any of the actions.
  *
  * @return string
  */
 public function display()
 {
     global $_CONF, $_TABLES, $LANG_SX00;

     $requested = $this->getAction();
     $entry = $this->getEntry();

     // No action, or no valid CSRF token: render only.
     if (empty($requested) || !SEC_checkToken()) {
         return $this->getWidget();
     }

     switch ($requested) {
         case 'delete':
             $this->deleteEntry($entry);
             break;

         case $LANG_SX00['addentry']:
             $this->addEntry($entry, true);
             break;

         case $LANG_SX00['addcen']:
             // Import every item of the configured censor list.
             foreach ($_CONF['censorlist'] as $censored) {
                 $this->addEntry($censored, true);
             }
             break;

         case 'mass_delete':
             // NOTE(review): $_POST['delitem'] is passed on as received; whether
             // deleteSelectedEntries() validates it is not visible here.
             if (isset($_POST['delitem'])) {
                 $this->deleteSelectedEntries($_POST['delitem']);
             }
             break;
     }

     return $this->getWidget();
 }
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:32,代码来源:EditBlackList.Admin.class.php

示例2: display

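 /**
  * Handle a pending HTTP-header blacklist action and return the editor HTML.
  *
  * Deleting and adding an entry both require SEC_checkToken() to accept the
  * request. A token from SEC_createToken() is then embedded in every delete
  * link and in the hidden field of the add form.
  *
  * @return string HTML listing the 'HTTPHeader' entries followed by the add form
  */
 function display()
 {
     global $_CONF, $_TABLES, $LANG_SX00;
     // The action arrives from a delete link (GET) or the form's submit button (POST).
     $action = '';
     if (isset($_GET['action'])) {
         $action = $_GET['action'];
     } elseif (isset($_POST['paction'])) {
         $action = $_POST['paction'];
     }
     if ($action == 'delete' && SEC_checkToken()) {
         // 'delete' can also arrive as a POSTed paction, in which case the
         // query string carries no entry; treat that as "nothing to delete".
         $entry = isset($_GET['entry']) ? $_GET['entry'] : '';
         if (!empty($entry)) {
             // NOTE(review): addslashes() is not a connection-aware SQL escaper.
             // The database layer's own escaping function should be used here if
             // this version of the code base provides one - confirm.
             $dbentry = addslashes($entry);
             DB_delete($_TABLES['spamx'], array('name', 'value'), array('HTTPHeader', $dbentry));
         }
     } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
         $entry = '';
         // Missing form fields are treated as empty instead of raising an undefined-index notice.
         $name = COM_applyFilter(isset($_REQUEST['header-name']) ? $_REQUEST['header-name'] : '');
         // Keep only the part before the first ':' as the header name.
         $n = explode(':', $name);
         $name = $n[0];
         $value = isset($_REQUEST['header-value']) ? $_REQUEST['header-value'] : '';
         if (!empty($name) && !empty($value)) {
             $entry = $name . ': ' . $value;
         }
         if (!empty($entry)) {
             // NOTE(review): string-built INSERT that depends on addslashes(); see the note in the delete branch.
             $dbentry = addslashes($entry);
             $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('HTTPHeader','{$dbentry}')");
         }
     }
     $token = SEC_createToken();
     $display = '<hr' . XHTML . '>' . LB . '<p><b>';
     $display .= $LANG_SX00['headerblack'];
     $display .= '</b></p>' . LB . '<ul>' . LB;
     $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='HTTPHeader' ORDER BY value");
     $nrows = DB_numRows($result);
     for ($i = 0; $i < $nrows; $i++) {
         list($e) = DB_fetchArray($result);
         // Stored values are HTML-escaped for the link text and URL-encoded for the query string.
         // NOTE(review): the delete is a GET link with the token in its URL, so the
         // token can end up in browser history, server logs and Referer headers.
         $display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader&amp;action=delete&amp;entry=' . urlencode($e) . '&amp;' . CSRF_TOKEN . '=' . $token) . '</li>' . LB;
     }
     $display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
     $display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
     $display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader">' . LB;
     $display .= '<table border="0" width="100%">' . LB;
     $display .= '<tr><td align="right"><b>Header:</b></td>' . LB;
     $display .= '<td><input type="text" size="40" name="header-name"' . XHTML . '> e.g. <tt>User-Agent</tt></td></tr>' . LB;
     $display .= '<tr><td align="right"><b>Content:</b></td>' . LB;
     $display .= '<td><input type="text" size="40" name="header-value"' . XHTML . '> e.g. <tt>Mozilla</tt></td></tr>' . LB;
     $display .= '</table>' . LB;
     $display .= '<p><input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>';
     // The hidden field carries the CSRF token for the POSTed add action.
     $display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '></p>' . LB;
     $display .= '</form>' . LB;
     return $display;
 }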
开发者ID:alxstuart,项目名称:ajfs.me,代码行数:56,代码来源:EditHeader.Admin.class.php

示例3: display

 /**
  * Handle a pending personal-blacklist action and return the editor HTML.
  *
  * Each state-changing branch (delete, add entry, import censor list) is
  * gated on SEC_checkToken(). A token from SEC_createToken() is then placed
  * in every delete link and in the form's hidden field.
  *
  * @return string HTML listing the 'Personal' entries followed by the add form
  */
 function display()
 {
     global $_CONF, $_TABLES, $LANG_SX00;
     // The action arrives from a delete link (GET) or a submit button (POST).
     $action = '';
     if (isset($_GET['action'])) {
         $action = $_GET['action'];
     } elseif (isset($_POST['paction'])) {
         $action = $_POST['paction'];
     }
     // Same for the entry: query string for deletes, form field for additions.
     $entry = '';
     if (isset($_GET['entry'])) {
         $entry = COM_stripslashes($_GET['entry']);
     } elseif (isset($_POST['pentry'])) {
         $entry = COM_stripslashes($_POST['pentry']);
     }
     if ($action == 'delete' && SEC_checkToken()) {
         // Escaped immediately before it is handed to the database layer.
         $entry = DB_escapeString($entry);
         DB_delete($_TABLES['spamx'], array('name', 'value'), array('Personal', $entry));
     } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
         if (!empty($entry)) {
             // The INSERT is string-built; DB_escapeString() is the only barrier between the request value and the SQL text.
             $entry = DB_escapeString($entry);
             $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$entry}')");
         }
     } elseif ($action == $LANG_SX00['addcen'] && SEC_checkToken()) {
         // Values come from site configuration rather than the request, and are escaped all the same.
         foreach ($_CONF['censorlist'] as $entry) {
             $entry = DB_escapeString($entry);
             $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$entry}')");
         }
     }
     $token = SEC_createToken();
     $display = '<hr' . XHTML . '>' . LB . '<p><b>';
     $display .= $LANG_SX00['pblack'];
     $display .= '</b></p>' . LB . '<ul>' . LB;
     $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'Personal'");
     $nrows = DB_numRows($result);
     for ($i = 0; $i < $nrows; $i++) {
         $A = DB_fetchArray($result);
         $e = $A['value'];
         // Stored values are HTML-escaped for the link text and URL-encoded for the query string.
         // NOTE(review): the delete is a GET link with the token in its URL, so the
         // token can end up in browser history, server logs and Referer headers.
         $display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditBlackList&amp;action=delete&amp;entry=' . urlencode($e) . '&amp;' . CSRF_TOKEN . '=' . $token) . '</li>' . LB;
     }
     $display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
     $display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
     $display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditBlackList">' . LB;
     $display .= '<div><input type="text" size="30" name="pentry"' . XHTML . '>&nbsp;&nbsp;&nbsp;';
     $display .= '<input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>' . LB;
     $display .= '<p>' . $LANG_SX00['e3'] . '</p>&nbsp;&nbsp;&nbsp;';
     $display .= '<input type="submit" name="paction" value="' . $LANG_SX00['addcen'] . '"' . XHTML . '>' . LB;
     // The hidden field carries the CSRF token for both POSTed actions.
     $display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '>' . LB;
     $display .= '</div></form>' . LB;
     return $display;
 }
开发者ID:NewRoute,项目名称:glfusion,代码行数:54,代码来源:EditBlackList.Admin.class.php

示例4: display

 /**
  * Run a pending HTTP-header blacklist action, then render the widget.
  *
  * Both the delete and the add branch require SEC_checkToken() to accept
  * the request.
  *
  * @return string
  */
 public function display()
 {
     global $LANG_SX00;

     $requested = $this->getAction();
     $entry = $this->getEntry();

     if ($requested === 'delete' && SEC_checkToken()) {
         $this->deleteEntry($entry);
     } elseif ($requested === $LANG_SX00['addentry'] && SEC_checkToken()) {
         // Only the part before the first ':' is kept as the header name.
         list($headerName) = explode(':', COM_applyFilter($_REQUEST['header-name']));
         // NOTE(review): the header value is taken from the request as-is; any
         // escaping has to happen in addEntry(), which is not visible here.
         $headerValue = $_REQUEST['header-value'];
         $entry = (!empty($headerName) && !empty($headerValue))
             ? $headerName . ': ' . $headerValue
             : '';
         $this->addEntry($entry);
     }

     return $this->getWidget();
 }
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:25,代码来源:EditHeader.Admin.class.php

示例5: security_check_reminder

/**
 * Build the "security check" reminder for members of the Root group.
 *
 * @return string Output of COM_showMessage(92) when the stored
 *                'security_check' value is not 1; an empty string otherwise
 *                and for users outside the Root group
 */
function security_check_reminder()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $MESSAGE;

    // Users outside the Root group never get the reminder.
    if (!SEC_inGroup('Root')) {
        return '';
    }

    $checked = DB_getItem($_TABLES['vars'], 'value', "name = 'security_check'");

    return ($checked != 1) ? '' . COM_showMessage(92) : '';
}
// MAIN
$display = '';
if (isset($_POST['mode']) && $_POST['mode'] == 'moderation' && SEC_checkToken()) {
    // Moderation decisions are applied only for a POST that carries a valid CSRF token.
    $action = isset($_POST['action']) ? $_POST['action'] : array();
    // NOTE(review): id and type are passed on as received; only count goes
    // through COM_applyFilter(). Whether moderation()/moderateusers() validate
    // them is not visible here.
    if ($_POST['type'] != 'user') {
        $mod_result = moderation($_POST['id'], $action, $_POST['type'], COM_applyFilter($_POST['count'], true));
    } else {
        $mod_result = moderateusers($_POST['id'], $action, COM_applyFilter($_POST['count'], true));
    }
    $display .= COM_siteHeader('menu', $LANG29[34]);
    $display .= COM_showMessageFromParameter();
    $display .= $mod_result;
} else {
    // Any other request just renders the page, handing a new token to commandcontrol().
    $display .= COM_siteHeader('menu', $LANG29[34]);
    $display .= COM_showMessageFromParameter();
    $display .= security_check_reminder();
    $display .= commandcontrol(SEC_createToken());
}
$display .= COM_siteFooter();
COM_output($display);
开发者ID:hostellerie,项目名称:nexpro,代码行数:31,代码来源:moderation.php

示例6: Template

}
/**
* Main
*
* 'save' is the only branch that calls MG_saveConfig() and the only one gated
* on SEC_checkToken(). A 'save' request whose token is rejected falls through
* to the remaining branches instead of saving.
*/
$display = '';
// 'cancel' wins when both buttons are present in the POST data.
$mode = isset($_POST['save']) ? 'save' : '';
$mode = isset($_POST['cancel']) ? 'cancel' : $mode;

$T = new Template($_MG_CONF['template_path'] . '/admin');
$T->set_file('admin', 'administration.thtml');
$T->set_var(array(
    'site_admin_url' => $_CONF['site_admin_url'],
    'site_url'       => $_MG_CONF['site_url'],
    'mg_navigation'  => MG_navigation(),
    'lang_admin'     => $LANG_MG00['admin'],
    'version'        => $_MG_CONF['pi_version'],
));

if ($mode == 'save' && SEC_checkToken()) {
    $T->set_var(array(
        'admin_body'    => MG_saveConfig(),
        'mg_navigation' => MG_navigation(),
    ));
} elseif ($mode == 'cancel' || $mode == $LANG_MG01['continue']) {
    // Both cases redirect to the admin index; only 'continue' queues message 2 first.
    if ($mode != 'cancel') {
        COM_setMessage(2);
    }
    echo COM_refresh($_MG_CONF['admin_url'] . 'index.php');
    exit;
} else {
    // Default: show the configuration editor.
    $T->set_var(array(
        'admin_body' => MG_editConfig(),
        'title'      => $LANG_MG01['system_options'],
        'lang_help'  => '<img src="' . MG_getImageFile('button_help.png') . '" style="border:none;" alt="?" />',
        'help_url'   => $_MG_CONF['site_url'] . '/docs/usage.html#System_Options',
    ));
}

$T->parse('output', 'admin');
$display = COM_siteHeader('menu', '') . $T->finish($T->get_var('output')) . COM_siteFooter();
开发者ID:spacequad,项目名称:glfusion,代码行数:31,代码来源:cfgedit.php

示例7: trim

        // NOTE(review): prevorder is only trimmed before it is placed in the
        // redirect URL below; how $ord and $dir were filtered lies outside this excerpt.
        $old = trim($_GET['prevorder']);
        $sorting = "?order={$ord}&amp;direction={$dir}&amp;prevorder={$old}";
    }
    $display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php' . $sorting);
} elseif ($mode == 'change_load_order' && SEC_checkToken()) {
    // State change driven by $_GET parameters; it runs only with a valid CSRF token.
    change_load_order(COM_applyFilter($_GET['pi_name']), COM_applyFilter($_GET['where']));
    $display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php');
} elseif ($mode == 'autoinstall' && SEC_checkToken()) {
    // Token first, then the plugin.install right; without the right the request is just redirected.
    if (SEC_hasRights('plugin.install')) {
        $plugin = '';
        if (isset($_GET['plugin'])) {
            $plugin = COM_applyFilter($_GET['plugin']);
        }
        if (plugin_autoinstall($plugin)) {
            PLG_pluginStateChange($plugin, 'installed');
            $display .= COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=44');
        } else {
            $display .= COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=72');
        }
    } else {
        $display = COM_refresh($_CONF['site_admin_url'] . '/plugins.php');
    }
} elseif ($mode == 'continue_upgrade') {
    // NOTE(review): unlike the branches around it, this one calls neither
    // SEC_checkToken() nor SEC_hasRights(), and piversion/codeversion are passed
    // through unfiltered - confirm that continue_upgrade() enforces both itself.
    $display .= continue_upgrade(COM_sanitizeFilename($_GET['plugin']), $_GET['piversion'], $_GET['codeversion']);
} elseif (isset($_FILES['plugin']) && SEC_checkToken() && SEC_hasRights('plugin.install,plugin.upload')) {
    // An upload is processed only with a valid token and the rights named in the SEC_hasRights() call.
    $display .= plugin_upload();
} else {
    // 'cancel' or no mode at all
    $display .= plugin_main();
}
COM_output($display);
开发者ID:alxstuart,项目名称:ajfs.me,代码行数:31,代码来源:plugins.php

示例8: preg_replace

 case 'download':
     // Read-only action, so no CSRF token is checked here. Any access control
     // for backup downloads is not visible in this excerpt.
     $file = '';
     if (isset($_GET['file'])) {
         // Allow-list: only letters, digits, '-', '_' and '.' survive, so '/' and
         // '\' are removed and the name cannot point outside backup_path.
         $file = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', COM_applyFilter($_GET['file']));
         // Second layer: strip '..' sequences (single, non-recursive pass).
         $file = str_replace('..', '', $file);
         if (!file_exists($_CONF['backup_path'] . $file)) {
             $file = '';
         }
     }
     if (!empty($file)) {
         DBADMIN_download($file);
         exit;
     }
     break;
 case 'delete':
     // Destructive action: needs posted items and a valid CSRF token.
     if (isset($_POST['delitem']) && SEC_checkToken()) {
         // NOTE(review): delitem is assumed to be an array; each element gets the
         // same allow-list treatment as the download filename.
         foreach ($_POST['delitem'] as $delfile) {
             $file = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', COM_applyFilter($delfile));
             $file = str_replace('..', '', $file);
             // NOTE(review): if sanitising leaves $file empty, the unlink() target is
             // backup_path itself; '@' hides the warning and only the log line remains.
             if (!@unlink($_CONF['backup_path'] . $file)) {
                 COM_errorLog('Unable to remove backup file "' . $file . '"');
             }
         }
     } else {
         // Reached when the token is rejected and also when no delitem was posted;
         // both cases are logged as a failed CSRF check.
         COM_accessLog("User {$_USER['username']} tried to illegally delete database backup(s) and failed CSRF checks.");
         // NOTE(review): no exit after the refresh; execution continues after the switch.
         echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
     }
     break;
 case 'config':
     $view = 'config';
     break;
开发者ID:JohnToro,项目名称:lglib,代码行数:31,代码来源:index.php

示例9: COM_refresh

         }
     } else {
         $display = COM_refresh($_CONF['site_url'] . '/index.php');
     }
     break;
 case $LANG_CALJP_1[45]:
     // save edited personal event
     // Saving requires: a non-empty label for this case, personal calendars enabled,
     // a logged-in user, calendar_type 'personal' and - checked last - a valid CSRF token.
     if (!empty($LANG_CALJP_1[45]) && $_CAJP_CONF['personalcalendars'] == 1 && !COM_isAnonUser() && (isset($_POST['calendar_type']) && $_POST['calendar_type'] == 'personal') && SEC_checkToken()) {
         // NOTE(review): the whole $_POST array is handed over; field validation is
         // left to plugin_savesubmission_calendarjp(), which is not visible here.
         $display = plugin_savesubmission_calendarjp($_POST);
     } else {
         $display = COM_refresh($_CONF['site_url'] . '/index.php');
     }
     break;
 case 'deleteevent':
 case $LANG_CALJP_1[51]:
     // Deleting requires personal calendars to be enabled and a valid CSRF token.
     if ($_CAJP_CONF['personalcalendars'] == 1 && SEC_checkToken()) {
         $eid = COM_applyFilter($_REQUEST['eid']);
         if (!empty($eid) && !COM_isAnonUser()) {
             // The WHERE clause is bound to the current user's uid, so only that user's
             // own personal events can match.
             // NOTE(review): string-built SQL; safety of $eid rests on COM_applyFilter() - confirm.
             DB_query("DELETE FROM {$_TABLES['personal_eventsjp']} WHERE uid={$_USER['uid']} AND eid='{$eid}'");
             $display .= COM_refresh($_CONF['site_url'] . '/calendarjp/index.php?mode=personal&msg=26');
         } else {
             $display = COM_refresh($_CONF['site_url'] . '/index.php');
         }
     } else {
         $display = COM_refresh($_CONF['site_url'] . '/index.php');
     }
     break;
 case 'edit':
     if ($_CAJP_CONF['personalcalendars'] == 1) {
         $eid = COM_applyFilter($_GET['eid']);
         if (!empty($eid) && !COM_isAnonUser()) {
开发者ID:milk54,项目名称:geeklog-japan,代码行数:31,代码来源:event.php

示例10: savepoll

/**
* Saves a poll
*
* Saves a poll topic and potential answers to the database
*
* @param    string  $pid            Poll topic ID
* @param    string  $old_pid        Previous poll topic ID
* @param    array   $Q              Array of poll questions
* @param    string  $mainpage       Checkbox: poll appears on homepage
* @param    string  $topic          The text for the topic
* @param    string  $meta_description
* @param    string  $meta_keywords
* @param    int     $statuscode     (unused)
* @param    string  $open           Checkbox: poll open for voting
* @param    string  $hideresults    Checkbox: hide results until closed
* @param    int     $commentcode    Indicates if users can comment on poll
* @param    array   $A              Array of possible answers
* @param    array   $V              Array of vote per each answer
* @param    array   $R              Array of remark per each answer
* @param    int     $owner_id       ID of poll owner
* @param    int     $group_id       ID of group poll belongs to
* @param    int     $perm_owner     Permissions the owner has on poll
* @param    int     $perm_group     Permissions the group has on poll
* @param    int     $perm_members   Permissions logged in members have on poll
* @param    int     $perm_anon      Permissions anonymous users have on poll
* @return   string                  HTML redirect or error message
*
*/
function savepoll($pid, $old_pid, $Q, $mainpage, $topic, $meta_description, $meta_keywords, $statuscode, $open, $hideresults, $commentcode, $A, $V, $R, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
    global $_CONF, $_TABLES, $_USER, $LANG21, $LANG25, $MESSAGE, $_POLL_VERBOSE, $_PO_CONF;
    $retval = '';
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $topic = COM_stripslashes($topic);
    $meta_description = strip_tags(COM_stripslashes($meta_description));
    $meta_keywords = strip_tags(COM_stripslashes($meta_keywords));
    $pid = COM_sanitizeID($pid);
    $old_pid = COM_sanitizeID($old_pid);
    if (empty($pid)) {
        if (empty($old_pid)) {
            $pid = COM_makeSid();
        } else {
            $pid = $old_pid;
        }
    }
    // check if any question was entered
    if (empty($topic) or count($Q) == 0 or strlen($Q[0]) == 0 or strlen($A[0][0]) == 0) {
        $retval .= COM_siteHeader('menu', $LANG25[5]);
        $retval .= COM_startBlock($LANG21[32], '', COM_getBlockTemplate('_msg_block', 'header'));
        $retval .= $LANG25[2];
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= COM_siteFooter();
        return $retval;
    }
    // CSRF gate: no DB_* call precedes this check in the function. A rejected
    // token is logged and the request is redirected without saving anything.
    if (!SEC_checkToken()) {
        COM_accessLog("User {$_USER['username']} tried to save poll {$pid} and failed CSRF checks.");
        return COM_refresh($_CONF['site_admin_url'] . '/plugins/polls/index.php');
    }
    // check for poll id change
    if (!empty($old_pid) && $pid != $old_pid) {
        // check if new pid is already in use
        if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
            // TBD: abort, display editor with all content intact again
            $pid = $old_pid;
            // for now ...
        }
    }
    // start processing the poll topic
    if ($_POLL_VERBOSE) {
        COM_errorLog('**** Inside savepoll() in ' . $_CONF['site_admin_url'] . '/plugins/polls/index.php ***');
    }
    $access = 0;
    if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
        // Existing poll: access is computed from the permissions stored in the
        // database, not from the values submitted with the form.
        // $pid was passed through COM_sanitizeID() at the top of the function
        // before being interpolated into this query.
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['polltopics']} WHERE pid = '{$pid}'");
        $P = DB_fetchArray($result);
        $access = SEC_hasAccess($P['owner_id'], $P['group_id'], $P['perm_owner'], $P['perm_group'], $P['perm_members'], $P['perm_anon']);
    } else {
        // New poll: only the submitted ownership and permission values are available.
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    // Authorisation check; 3 is presumably the edit-access level - confirm
    // against SEC_hasAccess(). The user must also belong to the submitted group.
    if ($access < 3 || !SEC_inGroup($group_id)) {
        // NOTE(review): $display has not been assigned anywhere in this function
        // before this '.=' and it is not in the global list.
        $display .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
        COM_accessLog("User {$_USER['username']} tried to illegally submit or edit poll {$pid}.");
        COM_output($display);
        exit;
    }
    if (empty($voters)) {
        $voters = 0;
    }
    if ($_POLL_VERBOSE) {
        COM_errorLog('owner permissions: ' . $perm_owner, 1);
        COM_errorLog('group permissions: ' . $perm_group, 1);
        COM_errorLog('member permissions: ' . $perm_members, 1);
        COM_errorLog('anonymous permissions: ' . $perm_anon, 1);
    }
    // we delete everything and re-create it with the input from the form
    $del_pid = $pid;
    if (!empty($old_pid) && $pid != $old_pid) {
        $del_pid = $old_pid;
        // delete by old pid, create using new pid below
//.........这里部分代码省略.........
开发者ID:hostellerie,项目名称:nexpro,代码行数:101,代码来源:index.php

示例11: MyTextSanitizer

 $myts = new MyTextSanitizer();
 // MyTextSanitizer object
 $eh = new ErrorHandler();
 //ErrorHandler object
 $mytree = new XoopsTree($_DB_name, $_TABLES['filemgmt_cat'], "cid", "pid");
 $mytree->setGroupAccessFilter($_GROUPS);
 $groupsql = filemgmt_buildAccessSql();
 $sql = "SELECT COUNT(*) FROM {$_TABLES['filemgmt_cat']} WHERE pid=0 ";
 $sql .= $groupsql;
 list($catAccessCnt) = DB_fetchArray(DB_query($sql));
 // The user needs access to at least one top-level category; a denied attempt
 // is logged together with the remote address.
 if ($catAccessCnt < 1) {
     COM_errorLOG("Submit.php => FileMgmt Plugin Access denied. Attempted user upload of a file, Remote address is:{$_SERVER['REMOTE_ADDR']}");
     redirect_header($_CONF['site_url'] . "/index.php", 1, _GL_ERRORNOUPLOAD);
     exit;
 }
 // The submission is processed only for a POST that carries a valid CSRF token.
 if (isset($_POST['submit']) && SEC_checkToken()) {
     if (!COM_isAnonUser()) {
         $submitter = (int) $_USER['uid'];
     } else {
         // presumably uid 1 is the anonymous account - confirm
         $submitter = 1;
     }
     // Check if Title entered
     if (!isset($_POST['title']) || $_POST["title"] == '') {
         // NOTE(review): whether show() stops the request is not visible here; if it
         // returns, processing continues with an empty title.
         $eh->show("1001");
     }
     // Check if filename entered
     if ($_FILES['newfile']['name'] != '') {
         // The original filename is chosen by the client. Here it is only URL-encoded
         // and passed through makeTboxData4Save(); any extension or path validation
         // is not part of this excerpt.
         $name = $_FILES['newfile']['name'];
         $url = rawurlencode($name);
         $name = $myts->makeTboxData4Save($name);
         $url = $myts->makeTboxData4Save($url);
开发者ID:spacequad,项目名称:glfusion,代码行数:31,代码来源:submit.php

示例12: SEC_createToken

         $boards_delforum->set_var('gltoken_name', CSRF_TOKEN);
         $boards_delforum->set_var('gltoken', SEC_createToken());
         $boards_delforum->parse('output', 'boards_delforum');
         $display .= $boards_delforum->finish($boards_delforum->get_var('output'));
         $display .= COM_endBlock();
         $display = COM_createHTMLDocument($display);
         COM_output($display);
         exit;
     }
 } elseif ($mode == $LANG_GF01['EDIT'] && isset($_POST['what']) && COM_applyFilter($_POST['what']) == 'order' && SEC_checkToken()) {
     // Re-ordering a forum: runs only with a valid CSRF token.
     // NOTE(review): string-built UPDATE. $order is filtered with the second
     // argument of COM_applyFilter() set to true (presumably numeric mode - confirm);
     // where $id comes from is outside this excerpt.
     $order = COM_applyFilter($_POST['order'], true);
     DB_query("UPDATE {$_TABLES['forum_forums']} SET forum_order='{$order}' WHERE forum_id='{$id}'");
     $display = COM_refresh($_CONF['site_admin_url'] . '/plugins/forum/boards.php?msg=7');
     COM_output($display);
     exit;
 } elseif ($mode == 'save' && SEC_checkToken() && $submit != $LANG_GF01['CANCEL']) {
     // NOTE(review): the token is checked before the cancel test, so SEC_checkToken()
     // also runs for a cancelled form.
     // NOTE(review): existence is tested on $_REQUEST but the value is read from
     // $_POST; the two differ when category arrives by another route.
     $category = isset($_REQUEST['category']) ? COM_applyFilter($_POST['category'], true) : 0;
     $order = isset($_POST['order']) ? COM_applyFilter($_POST['order'], true) : 0;
     $name = gf_preparefordb($_POST['name'], 'text');
     $dscp = gf_preparefordb($_POST['dscp'], 'text');
     $is_hidden = isset($_POST['is_hidden']) ? COM_applyFilter($_POST['is_hidden'], true) : 0;
     $is_readonly = isset($_POST['is_readonly']) ? COM_applyFilter($_POST['is_readonly'], true) : 0;
     $no_newposts = isset($_POST['no_newposts']) ? COM_applyFilter($_POST['no_newposts'], true) : 0;
     $privgroup = isset($_POST['privgroup']) ? COM_applyFilter($_POST['privgroup'], true) : 0;
     if ($privgroup == 0) {
         $privgroup = 2;
     }
     // NOTE(review): $category, $order and $privgroup are interpolated without quotes,
     // so the statement is only safe if COM_applyFilter(..., true) always yields a
     // number; an explicit (int) cast would not depend on that.
     DB_query("UPDATE {$_TABLES['forum_forums']} SET forum_cat={$category},forum_name='{$name}', forum_order={$order},forum_dscp='{$dscp}', grp_id={$privgroup},\n                is_hidden='{$is_hidden}', is_readonly='{$is_readonly}', no_newposts='{$no_newposts}' WHERE forum_id='{$id}'");
     $display = COM_refresh($_CONF['site_admin_url'] . '/plugins/forum/boards.php?msg=8');
     COM_output($display);
     exit;
开发者ID:ivywe,项目名称:forum,代码行数:31,代码来源:boards.php

示例13: array_key_exists

        exit;
    }
}
// The configuration group comes from the POST data when present, else from the default.
$conf_group = array_key_exists('conf_group', $_POST) ? COM_applyFilter($_POST['conf_group']) : $default_conf_group;
// Both write paths below (restore/unset of one parameter, and the full form
// submit) run only with a valid CSRF token.
if (array_key_exists('set_action', $_POST) && SEC_checkToken()) {
    // NOTE(review): name, subgroup and tab are taken from $_POST unfiltered and
    // without an existence check; any validation happens inside the $config methods.
    if ($_POST['set_action'] == 'restore') {
        $config->restore_param($_POST['name'], $conf_group, $_POST['subgroup'], $_POST['tab']);
    } elseif ($_POST['set_action'] == 'unset') {
        $config->unset_param($_POST['name'], $conf_group, $_POST['subgroup'], $_POST['tab']);
    }
    // notify plugins when config item enabled or disabled
    $config_item[] = $_POST['name'];
    PLG_configChange($conf_group, $config_item);
    $subgroup = array_key_exists('subgroup', $_POST) ? COM_applyFilter($_POST['subgroup']) : null;
    $display = $config->get_ui($conf_group, $subgroup);
} elseif (array_key_exists('form_submit', $_POST) && SEC_checkToken()) {
    $result = null;
    if (!array_key_exists('form_reset', $_POST)) {
        if ($conf_group == 'Core') {
            require_once 'configuration_validation.php';
        } else {
            // Retrieve plugin config validation if found
            // NOTE(review): $conf_group originates from $_POST['conf_group'] and becomes
            // part of a require_once path. This relies on COM_applyFilter() removing
            // anything that could alter the path; checking $conf_group against the
            // list of installed plugins would not depend on that - confirm.
            $filename = $_CONF['path'] . 'plugins/' . $conf_group . '/configuration_validation.php';
            if (file_exists($filename)) {
                require_once $filename;
            }
        }
        $result = $config->updateConfig($_POST, $conf_group);
        // notify plugins
        if (is_array($result) && count($result) > 0) {
            PLG_configChange($conf_group, array_keys($result));
开发者ID:milk54,项目名称:geeklog-japan,代码行数:31,代码来源:configuration.php

示例14: str_replace

    $mailresult = str_replace('<successcount>', $successcount, $LANG31[20]);
    $retval .= str_replace('<failcount>', $failcount, $mailresult);
    $retval .= '<h2>' . $LANG31[21] . '</h2>';
    for ($i = 0; $i < count($failures); $i++) {
        $retval .= current($failures) . '<br' . XHTML . '>';
        next($failures);
    }
    if (count($failures) == 0) {
        $retval .= $LANG31[23];
    }
    $retval .= '<h2>' . $LANG31[22] . '</h2>';
    for ($i = 0; $i < count($successes); $i++) {
        $retval .= current($successes) . '<br' . XHTML . '>';
        next($successes);
    }
    if (count($successes) == 0) {
        $retval .= $LANG31[24];
    }
    $retval .= COM_endBlock();
    return $retval;
}
// MAIN
$display .= COM_siteHeader('menu', $LANG31[1]);
// Mail is sent only for a POST with mail=mail and a valid CSRF token; every
// other request just shows the form again.
if (!isset($_POST['mail']) || $_POST['mail'] != 'mail' || !SEC_checkToken()) {
    $display .= COM_showMessageFromParameter() . display_mailform();
} else {
    // NOTE(review): the whole $_POST array is handed to send_messages().
    $display .= send_messages($_POST);
}
$display .= COM_siteFooter();
COM_output($display);
开发者ID:hostellerie,项目名称:nexpro,代码行数:31,代码来源:mail.php

示例15: CALENDAR_saveEvent


//.........这里部分代码省略.........
    if ($allday == 'on') {
        $allday = 1;
    } else {
        $allday = 0;
    }
    // Make sure start date is before end date
    if (checkdate($start_month, $start_day, $start_year)) {
        $datestart = sprintf('%4d-%02d-%02d', $start_year, $start_month, $start_day);
        $timestart = $start_hour . ':' . $start_minute . ':00';
    } else {
        $retval .= COM_showMessageText($LANG_CAL_ADMIN[23], $LANG_CAL_ADMIN[2]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
        return $retval;
    }
    if (checkdate($end_month, $end_day, $end_year)) {
        $dateend = sprintf('%4d-%02d-%02d', $end_year, $end_month, $end_day);
        $timeend = $end_hour . ':' . $end_minute . ':00';
    } else {
        $retval .= COM_showMessageText($LANG_CAL_ADMIN[24], $LANG_CAL_ADMIN[2]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
        return $retval;
    }
    if ($allday == 0) {
        if ($dateend < $datestart) {
            $retval .= COM_showMessageText($LANG_CAL_ADMIN[25], $LANG_CAL_ADMIN[2]);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
            return $retval;
        }
    } else {
        if ($dateend < $datestart) {
            // Force end date to be same as start date
            $dateend = $datestart;
        }
    }
    // Remove any autotags the user doesn't have permission to use
    $description = PLG_replaceTags($description, '', true);
    // clean 'em up
    // HTML mode keeps markup but passes it through COM_checkHTML(); every other
    // post mode is forced to plaintext and HTML-escaped.
    if ($postmode == 'html') {
        $description = COM_checkHTML(COM_checkWords($description), 'calendar.edit');
    } else {
        $postmode = 'plaintext';
        $description = htmlspecialchars(COM_checkWords($description));
    }
    // SQL escaping is applied last, after the content filters, because these
    // values are interpolated into string-built statements further down.
    // NOTE(review): $state appears in those statements too but is not escaped in
    // this run - check the part of the function omitted from this excerpt.
    $description = DB_escapeString($description);
    $title = DB_escapeString(strip_tags(COM_checkWords($title)));
    $location = DB_escapeString(COM_checkHTML(COM_checkWords($location), 'calendar.edit'));
    $address1 = DB_escapeString(strip_tags(COM_checkWords($address1)));
    $address2 = DB_escapeString(strip_tags(COM_checkWords($address2)));
    $city = DB_escapeString(strip_tags(COM_checkWords($city)));
    $zipcode = DB_escapeString(strip_tags(COM_checkWords($zipcode)));
    $event_type = DB_escapeString(strip_tags(COM_checkWords($event_type)));
    $url = DB_escapeString(strip_tags($url));
    if ($allday == 0) {
        // Add 12 to make time on 24 hour clock if needed
        if ($start_ampm == 'pm' and $start_hour != 12) {
            $start_hour = $start_hour + 12;
        }
        // If 12AM set hour to 00
        if ($start_ampm == 'am' and $start_hour == 12) {
            $start_hour = '00';
        }
        // Add 12 to make time on 24 hour clock if needed
        if ($end_ampm == 'pm' and $end_hour != 12) {
            $end_hour = $end_hour + 12;
        }
        // If 12AM set hour to 00
        if ($end_ampm == 'am' and $end_hour == 12) {
            $end_hour = '00';
        }
        $timestart = $start_hour . ':' . $start_minute . ':00';
        $timeend = $end_hour . ':' . $end_minute . ':00';
    }
    if (!empty($eid) and !empty($description) and !empty($title)) {
        // CSRF gate in front of the database writes below.
        // NOTE(review): nothing returns or exits after COM_redirect(); this is only
        // safe if COM_redirect() itself ends the request - confirm.
        if (!SEC_checkToken()) {
            COM_accessLog("User {$_USER['username']} tried to save event {$eid} and failed CSRF checks.");
            COM_redirect($_CONF['site_admin_url'] . '/plugins/calendar/index.php');
        }
        // NOTE(review): $eid is interpolated into the WHERE clause; where it was
        // sanitised is not part of this excerpt.
        $hits = DB_getItem($_TABLES['events'], 'hits', "eid = '{$eid}'");
        if (empty($hits)) {
            $hits = 0;
        }
        DB_delete($_TABLES['eventsubmission'], 'eid', $eid);
        DB_save($_TABLES['events'], 'eid,title,event_type,url,allday,datestart,dateend,timestart,' . 'timeend,location,address1,address2,city,state,zipcode,description,' . 'postmode,owner_id,group_id,perm_owner,perm_group,perm_members,' . 'perm_anon,hits', "'{$eid}','{$title}','{$event_type}','{$url}',{$allday},'{$datestart}'," . "'{$dateend}','{$timestart}','{$timeend}','{$location}','{$address1}'," . "'{$address2}','{$city}','{$state}','{$zipcode}','{$description}','{$postmode}'," . "{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},{$hits}");
        if (DB_count($_TABLES['personal_events'], 'eid', $eid) > 0) {
            $result = DB_query("SELECT uid FROM {$_TABLES['personal_events']} " . "WHERE eid = '{$eid}'");
            $numrows = DB_numRows($result);
            for ($i = 1; $i <= $numrows; $i++) {
                $P = DB_fetchArray($result);
                DB_save($_TABLES['personal_events'], 'eid,title,event_type,datestart,dateend,address1,address2,' . 'city,state,zipcode,allday,url,description,postmode,' . 'group_id,owner_id,perm_owner,perm_group,perm_members,' . 'perm_anon,uid,location,timestart,timeend', "'{$eid}','{$title}','{$event_type}','{$datestart}','{$dateend}'," . "'{$address1}','{$address2}','{$city}','{$state}','{$zipcode}'," . "{$allday},'{$url}','{$description}','{$postmode}',{$group_id}," . "{$owner_id},{$perm_owner},{$perm_group},{$perm_members}," . "{$perm_anon},{$P['uid']},'{$location}','{$timestart}','{$timeend}'");
            }
        }
        PLG_itemSaved($eid, 'calendar');
        COM_rdfUpToDateCheck('calendar', $event_type, $eid);
        return PLG_afterSaveSwitch($_CA_CONF['aftersave'], $_CONF['site_url'] . '/calendar/event.php?eid=' . $eid, 'calendar', 17);
    } else {
        $retval .= COM_showMessageText($LANG_CAL_ADMIN[10], $LANG_CAL_ADMIN[2]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_CAL_ADMIN[2]));
        return $retval;
    }
}
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:101,代码来源:index.php


注:本文中的SEC_checkToken函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。