当前位置: 首页>>代码示例>>PHP>>正文


PHP anti_injection函数代码示例

本文整理汇总了PHP中anti_injection函数的典型用法代码示例。如果您正苦于以下问题:PHP anti_injection函数的具体用法?PHP anti_injection怎么用?PHP anti_injection使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了anti_injection函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: Checkout

<?php

include "../classes/Config.php";
include "functions.php";
$checkout = new Checkout();
$cadastros = new Cadastros();
if (isset($_POST) && !empty($_POST)) {
    if (isset($_POST['notificationCode']) && !empty($_POST['notificationCode'])) {
        $transaction_id = anti_injection($_POST['notificationCode']);
        $content = $checkout->CheckNotification($transaction_id);
        /////////// INICIA VERIFICAÇÃO DE CRÉDITO ///////////
        $transaction_info = $vendas->getRegistro($content->code);
        if ($transaction_info['vnd_venda_entregue'] == '0') {
            if ($transaction_info['vnd_produtos_id'] == '0') {
                $cnt_credit = $transaction_info['vnd_item_count'];
            } else {
                $info = $produtos_info->getRegistro($transaction_info['vnd_produtos_id']);
                $cnt_credit = $info['pro_produto_credit'];
            }
            if ($cadastros->CheckCreditExists($transaction_info['vnd_accounts_id'])) {
                $cnt_credit_act = $cadastros->GetCreditCount($transaction_info['vnd_accounts_id']);
                $cnt_credit = $cnt_credit + $cnt_credit_act;
                $result = $cadastros->UpdateCredit($transaction_info['vnd_accounts_id'], $cnt_credit);
                if ($result) {
                    $vendas->UpdateEntregue($content->code);
                }
            } else {
                $result = $cadastros->AddCredit($transaction_info['vnd_accounts_id'], $cnt_credit);
                if ($result) {
                    $vendas->UpdateEntregue($content->code);
                }
开发者ID:ExtraProgrammers,项目名称:PrivateGSIASorteios,代码行数:31,代码来源:checkout_api.php

示例2: session_start

<?php

session_start();
include "koneksi.php";
include "fungsi.php";
$pesan = 0;
selesaiDispSK($_POST["id_disposisi"]);
if (isset($_POST["terima"])) {
    $ds_sk = mysql_fetch_array(mysql_query("SELECT * FROM myapp_maintable_suratkeluar WHERE id='" . $_POST["id_surat_keluar"] . "'"));
    $peneken_nota = $_SESSION["id_level"];
    if ($ds_sk["id_ttd"] == 1 || $ds_sk["id_ttd"] == 4) {
        mysql_query("UPDATE myapp_maintable_suratkeluar SET no_nodin='" . nomor_nodin($peneken_nota, date("Y")) . "', tgl_nodin=CURDATE() WHERE id='" . $_POST["id_surat_keluar"] . "'");
    }
    if ($ds_sk["id_ttd"] == 4) {
        mysql_query("UPDATE myapp_maintable_suratkeluar SET status=2 WHERE id='" . $_POST["id_surat_keluar"] . "'");
    } else {
        pushDispSK(anti_injection($_POST["id_surat_keluar"]), $_SESSION["id_level"], 2, anti_injection($_POST["catatan"]), 1);
    }
    header("location:../?mod=inform&pesan=30&redir=posisi_surat_keluar_kabid");
} else {
    if (isset($_POST["tolak"])) {
        $ds_id_dis = mysql_fetch_array(mysql_query("SELECT * FROM myapp_disptable_suratkeluar WHERE id='" . $_POST["id_disposisi"] . "'"));
        pushDispSK(anti_injection($_POST["id_surat_keluar"]), $_SESSION["id_level"], levelBawahan(anti_injection($_POST["id_surat_keluar"]), 3), anti_injection($_POST["catatan"]), 2);
        header("location:../?mod=inform&pesan=31&redir=posisi_surat_keluar_kabid");
    }
}
开发者ID:ibnoe,项目名称:dinsosnaker2014,代码行数:26,代码来源:posisi_surat_keluar_kabid.php

示例3: error_reporting

<?php 
error_reporting(0);
include "config/koneksi.php";
function anti_injection($data)
{
    $filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data, ENT_QUOTES))));
    return $filter;
}
$user = anti_injection($_POST['username']);
$pass = anti_injection(md5($_POST['password']));
if (!ctype_alnum($user) or !ctype_alnum($pass)) {
    echo "<div id='gagal' class='alert alert-danger'>Maaf anda bukan Administrator</div>";
}
// pastikan username dan password adalah berupa huruf atau angka.
$login = sprintf("SELECT * FROM digilib_admin WHERE username='{$user}' AND password='{$pass}'", mysql_real_escape_string($user), mysql_real_escape_string($pass));
$cek_lagi = mysql_query($login);
$ketemu = mysql_num_rows($cek_lagi);
$r = mysql_fetch_array($cek_lagi);
// Apabila username dan password ditemukan
if ($ketemu > 0) {
    session_start();
    $_SESSION['id_admin'] = $r['id_admin'];
    $_SESSION['nama'] = $r['nama'];
    $_SESSION['username'] = $r['username'];
    $_SESSION['password'] = $r['password'];
    $_SESSION['telphp'] = $r['telphp'];
    $_SESSION['delete'] = $r['delete'];
    if ($_SESSION['username'] !== '') {
        echo "<div id='sukses' class='alert alert-info'><strong>BERHASIL...</strong><button type='button' class='close' data-dismiss='alert'><i class='ace-icon fa fa-times'></i></button></div><script>window.location ='media.php?home'</script>";
    }
开发者ID:BayuAnggoroSakti,项目名称:digital_library,代码行数:30,代码来源:cek_login.php

示例4: anti_injection

$password = $_POST['password'];
function anti_injection($data)
{
    $filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data, ENT_QUOTES))));
    return $filter;
}
if (!ctype_alnum($username) or !ctype_alnum($password)) {
    header('Content-Type: application/json');
    echo json_encode(array('cek' => 'false'));
    //echo 'false';
    $user = $_POST['username'];
    $aksi = "Melakukan percobaan tindakan sql injection";
    catat($user, $aksi);
} else {
    $username = anti_injection($username);
    $password = anti_injection($password);
    $login = mysql_query("SELECT * FROM  petugas WHERE USERNAME_LOGIN='{$username}' AND PASSWORD_LOGIN='{$password}' ");
    $ada = mysql_num_rows($login);
    $r = mysql_fetch_array($login);
    if ($ada > 0) {
        session_start();
        $_SESSION['KODE_PETUGAS'] = $r['KODE_PETUGAS'];
        $_SESSION['NAMA_PETUGAS'] = $r['NAMA_PETUGAS'];
        $_SESSION['EMAIL'] = $r['EMAIL'];
        $_SESSION['USERNAME_LOGIN'] = $r['USERNAME_LOGIN'];
        $_SESSION['STATE_ID'] = $r['STATE_ID'];
        $_SESSION['AKSES'] = $r['AKSES'];
        $user = $_SESSION['KODE_PETUGAS'];
        $aksi = "Melakukan login sistem";
        catat($user, $aksi);
        header('Content-Type: application/json');
开发者ID:smilescripts,项目名称:pegawai_consina,代码行数:31,代码来源:cek.php

示例5: anti_injection

        <?php 
include "../php/koneksi.php";
include "../php/fungsi.php";
$id_surat = anti_injection($_GET["id"]);
$id_disposisi = anti_injection($_GET["id_disposisi"]);
bacaDispSK($id_disposisi);
$ds = mysql_fetch_array(mysql_query("SELECT \n                                                    \ta.*, b.unit_kerja, CONCAT('(', c.kode_masalah, ') ', c.masalah) AS masalah,\n                                                    \tCONCAT('(', d.kode, ') ', d.jenis_surat) AS jenis_surat\n                                                    FROM \n                                                    \tmyapp_maintable_suratkeluar a\n                                                    \tLEFT JOIN myapp_reftable_unitkerja b ON a.id_skpd_tujuan = b.id_unit_kerja\n                                                    \tLEFT JOIN myapp_reftable_masalah c ON a.id_masalah = c.id_masalah\n                                                    \tLEFT JOIN myapp_reftable_jenissurat d ON a.id_jenis_surat = d.id_jenis_surat\n                                                    WHERE \n                                                    \ta.id='" . $id_surat . "'"));
?>
<fieldset>
	<legend><h3>EDIT SURAT KELUAR</h3></legend>		
		<form name="frm" action="../php/edit_surat_keluar.php" method="POST">

            <input type="hidden" name="id" value="<?php 
echo $_GET["id"];
?>
" />
            <table border="0px" cellspacing='0' cellpadding='0' width='100%'>
                <tr>
                    <td width='20%'>Nomor Surat</td>
                    <td width='10px'>:</td>
                    <td><b><?php 
echo $ds["no_surat"];
?>
</b></td>
                </tr>
                <tr>
                    <td width='20%'>Tanggal Surat</td>
                    <td width='10px'>:</td>
                    <td><b><?php 
echo $ds["tgl_surat"];
开发者ID:ibnoe,项目名称:dinsosnaker2014,代码行数:30,代码来源:detail_sk.php

示例6: anti_injection

<?php

include "koneksi.php";
include "fungsi.php";
$ids = anti_injection($_GET["id"]);
$sql = "DELETE FROM myapp_maintable_suratmasuk WHERE id='" . $ids . "'";
mysql_query($sql);
//echo($sql);
header("location:../?mod=inform&pesan=2&redir=manajemen_surat_masuk_1");
开发者ID:ibnoe,项目名称:dinsosnaker2014,代码行数:9,代码来源:hapus_surat_masuk.php

示例7: getSubTitulo

?>

<?php 
getSubTitulo('Formulário de Cadastro');
?>

<p>
<span style="font-weight:bold;">OBS:</span> Ao excluir um bloco, será excluido tudo o que estiver vinculado à ela (igreja, líderes, tribos, jovens, etc...).
</p><br />

<?php 
/** Verifica, insere, etc, tudo aqui */
$form_id_cidade = isset($_POST['form-cidade']) ? $_POST['form-cidade'] : '';
$form_nome_bloco = isset($_POST['form-bloco']) ? $_POST['form-bloco'] : '';
$form_id_cidade = anti_injection($form_id_cidade);
$form_nome_bloco = anti_injection($form_nome_bloco);
$form_id_estado = $_SESSION['estado'];
//Verifica se usuario digitou alguma coisa
if (!empty($form_nome_bloco) && !empty($form_id_cidade)) {
    try {
        //Verifica se registro ja existe
        $rs = $conx->prepare('SELECT id FROM fj_bloco WHERE nome_bloco=?');
        $rs->bindParam(1, $form_nome_bloco);
        $rs->execute();
        $row = $rs->fetchAll(PDO::FETCH_ASSOC);
        //Conta as linhas para verificação logo abaixo
        $numRows = count($row);
    } catch (PDOException $e) {
        getDivResult(PAG_QUERY_ERR, DIV_ERR);
    }
    //Se não existe registro, insere, se existe, mostra erro de duplicidade
开发者ID:admtiagonogueira,项目名称:vision,代码行数:31,代码来源:est-cad-bloco.php

示例8: error_reporting

<?php 
error_reporting(0);
include "config/koneksi.php";
function anti_injection($data)
{
    $filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data, ENT_QUOTES))));
    return $filter;
}
$username = anti_injection($_POST['username2']);
$password = anti_injection($_POST['password2']);
$email = anti_injection($_POST['email2']);
$enkrip_pass = md5($password2);
$nip = anti_injection($_POST['nip']);
$cek_username = mysql_num_rows(mysql_query("SELECT username FROM tbl_user\n               WHERE username='{$username}'"));
$ceknipdaftar = mysql_num_rows(mysql_query("SELECT nip FROM tbl_user\n               WHERE nip='{$nip}'"));
$cek_email = mysql_num_rows(mysql_query("SELECT email FROM tbl_user\n               WHERE email='{$email}'"));
$cek_nip = mysql_num_rows(mysql_query("SELECT nip FROM pegawai\n               WHERE nip='{$nip}'"));
if ($cek_username > 0) {
    echo "<div id='gagal' class='alert alert-danger'>Maaf Username sudah terdaftar<button type='button' class='close' data-dismiss='alert'><i class='ace-icon fa fa-times'></i></button></div>";
} else {
    if ($cek_nip == 0) {
        echo "<div id='gagal' class='alert alert-danger'>Mohon maaf NIP anda tidak terdaftar mohon menghubungi HRD<button type='button' class='close' data-dismiss='alert'><i class='ace-icon fa fa-times'></i></button></div>";
    } else {
        if ($cek_email > 0) {
            echo "<div id='gagal' class='alert alert-danger'>Mohon maaf Email anda tidak terdaftar<button type='button' class='close' data-dismiss='alert'><i class='ace-icon fa fa-times'></i></button></div>";
        } else {
            if ($ceknipdaftar > 0) {
                echo "<div id='gagal' class='alert alert-danger'>Mohon maaf NIP anda sudah terdaftar<button type='button' class='close' data-dismiss='alert'><i class='ace-icon fa fa-times'></i></button></div>";
            } else {
                mysql_query("INSERT INTO tbl_user(id_user,username,\n                                 pass,\n                                 email,\n                                 level_user,w_daftar,nip,photo)\n                      VALUES('','{$username}',\n                             '{$enkrip_pass}',\n                             '{$email}',\n                             '5',NOW(),'{$nip}','../assets/avatars/avatar5.png')");
开发者ID:gibranda,项目名称:ASKA,代码行数:30,代码来源:daftar.input.php

示例9: anti_injection

<?php

$nama = anti_injection($_POST["nama"]);
$kode = anti_injection($_POST["kode"]);
if ((int) $_GET["mode"] == 1) {
    if ($nama == '') {
        ?>
			<script type="text/javascript">
				alert('nama tidak boleh kosong');
				document.location.href='./index.php?mod=home&opt=jurusan&opts=tambah';
			</script>
		<?php 
    } else {
        $d = mysql_query("insert into tbl_jurusan (nama) values ('{$nama}')");
        if ($d) {
            benar("./index.php?mod=home&opt=jurusan&opts=list");
        } else {
            salah("./index.php?mod=home&opt=jurusan&opts=tambah");
        }
    }
} else {
    if ((int) $_GET["mode"] == 2) {
        if ((int) $_GET["id_jurusan"] != 0) {
            if ($nama == '') {
                ?>
			<script type="text/javascript">
				alert('nama tidak boleh kosong');
				document.location.href='./index.php?mod=home&opt=jurusan&opts=edit&id_user=<?php 
                echo (int) $_GET["id_user"];
                ?>
';
开发者ID:smilingrey,项目名称:ALIA,代码行数:31,代码来源:validasi.php

示例10: addUserAct

 public function addUserAct($user, $pass, $nama)
 {
     $data = array('IdUser' => '', 'uidUser' => anti_injection($user), 'passUser' => password_generator($pass), 'nameUser' => $nama);
     $query = $this->db->insert('tuser', $data);
 }
开发者ID:RxFroScarletD,项目名称:shiningbatu,代码行数:5,代码来源:model.php

示例11: getSubTitulo

?>

<?php 
getSubTitulo('Registro de eventos');
?>

<?php 
/** Verifica, insere, etc, tudo aqui */
$form_nome_evento = isset($_POST['form-nome-evento']) ? $_POST['form-nome-evento'] : '';
$form_descricao = isset($_POST['form-descricao']) ? $_POST['form-descricao'] : '';
$form_data_evento = isset($_POST['form-data-evento']) ? $_POST['form-data-evento'] : '';
$form_qtd_jovens = isset($_POST['form-qtd-jovens']) ? $_POST['form-qtd-jovens'] : '';
$form_nome_evento = anti_injection($form_nome_evento);
$form_descricao = anti_injection($form_descricao);
$form_data_evento = anti_injection($form_data_evento);
$form_qtd_jovens = anti_injection($form_qtd_jovens);
$form_data_cad_evento = date('Y-m-d');
$form_id_estado = $_SESSION['estado'];
$form_id_cidade = $_SESSION['cidade'];
$form_id_regiao = $_SESSION['regiao'];
$form_id_bairro = $_SESSION['bairro'];
$form_id_igreja = $_SESSION['igreja'];
$form_id_lider_equipe = $_SESSION['lider_equipe'];
//Verifica se usuario digitou alguma coisa
if (!empty($form_nome_evento) && !empty($form_descricao) && !empty($form_data_evento) && !empty($form_qtd_jovens)) {
    try {
        //Verifica se registro ja existe
        $rs = $conx->prepare('SELECT id FROM fj_eventos WHERE fk_q_igreja_id=? AND fk_bairro_id=? AND fk_estado_id=? AND fk_cidade_id=? AND fk_regiao_id=? AND data_evento=? AND nome_evento=?');
        $rs->bindParam(1, $form_id_igreja);
        $rs->bindParam(2, $form_id_bairro);
        $rs->bindParam(3, $form_id_estado);
开发者ID:admtiagonogueira,项目名称:vision,代码行数:31,代码来源:loc-cad-evento.php

示例12: trim

<?php

include "config/koneksi.php";
include "config/library.php";
$nama = trim($_POST['nama']);
$pesan = trim($_POST['pesan']);
if (empty($nama)) {
    echo "Anda belum mengisikan NAMA<br />\n  \t      <a href=javascript:history.go(-1)><b>Ulangi Lagi</b>";
} elseif (empty($pesan)) {
    echo "Anda belum mengisikan PESAN<br />\n  \t      <a href=javascript:history.go(-1)><b>Ulangi Lagi</b>";
} elseif (strlen($_POST['pesan']) > 100) {
    echo "PESAN Anda kepanjangan, dikurangin atau dibagi jadi beberapa bagian.<br />\n  \t      <a href=javascript:history.go(-1)><b>Ulangi Lagi</b>";
} else {
    function anti_injection($data)
    {
        $filter = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data, ENT_QUOTES))));
        return $filter;
    }
    $nama = anti_injection($_POST['nama']);
    $website = anti_injection($_POST['website']);
    $pesan = anti_injection($_POST['pesan']);
    $kueri = mysql_query("INSERT INTO shoutbox(nama, website, pesan, tanggal, jam)\n          VALUES('{$nama}', '{$website}', '{$pesan}', '{$tgl_sekarang}','{$jam_sekarang}')");
    echo "<meta http-equiv='refresh' content='0; url=index.php'>";
}
开发者ID:jenalgit,项目名称:cms,代码行数:24,代码来源:simpanshoutbox.php

示例13: bacaDisp

<title>Cetak Lembar Disposisi</title>
</head>
<body onload="window.print();">
<table border='1' style="border-collapse: collapse; width:100%;">
    <tr>
        <td width='5%' align='center' style="padding: 10px; font-weight: bold; text-transform: uppercase; background-color: black; color: white;">No.</td>
        <td width='20%' align='center' style="padding: 10px; font-weight: bold; text-transform: uppercase; background-color: black; color: white;">Asal</td>
        <td width='20%' align='center' style="padding: 10px; font-weight: bold; text-transform: uppercase; background-color: black; color: white;">Tujuan</td>
        <td width='20%' align='center' style="padding: 10px; font-weight: bold; text-transform: uppercase; background-color: black; color: white;">Catatan</td>
        <td align='center' style="padding: 10px; font-weight: bold; text-transform: uppercase; background-color: black; color: white;">Paraf</td>
    </tr>
    <?php 
include "../php/koneksi.php";
include "../php/fungsi.php";
bacaDisp($_GET["id_disposisi"]);
$id_surat = anti_injection($_GET['id']);
$sql = "SELECT\n            \tb.level AS level_asal, c.level AS level_tujuan, a.catatan, a.tgl_disposisi, c.urutan, d.nama\n            FROM\n            \tmyapp_disptable_suratmasuk a\n            \tLEFT JOIN myapp_reftable_levelpengguna b ON a.id_level_asal = b.id\n            \tLEFT JOIN myapp_reftable_levelpengguna c ON a.id_level_tujuan = c.id\n                LEFT JOIN myapp_maintable_pengguna d ON a.id_pengguna_tujuan = d.id\n            WHERE\n            \tMD5(MD5(a.id_surat_masuk )) = '" . $id_surat . "'";
$res = mysql_query($sql);
$ctr = 0;
while ($ds = mysql_fetch_array($res)) {
    $ctr++;
    $nama = "";
    if ($ds["urutan"] == 4) {
        $nama = " [[ " . $ds["nama"] . " ]]";
    }
    ?>
    <tr>
        <td align='center' style="padding: 10px;"><?php 
    echo $ctr;
    ?>
</td>
开发者ID:ibnoe,项目名称:dinsosnaker2014,代码行数:31,代码来源:lembar_disposisi.php

示例14: stripslashes

      &nbsp;&nbsp;<IMG SRC="images/menu/textmenu_member.gif" BORDER="0">
				<TABLE width="740" align=center cellSpacing=0 cellPadding=0 border=0>
				<TR>
					<TD height="1" class="dotline" ></TD>
				</TR>
      <TR><td>
<?php 
$user_login = stripslashes($_POST['user_login']);
$user_login = mysql_real_escape_string($_POST['user_login']);
$pwd_login = stripslashes($_POST['pwd_login']);
$pwd_login = mysql_real_escape_string($_POST['pwd_login']);
if (is_valid($user_login) == true && is_valid($pwd_login) == true) {
    $Username = preg_replace('/"/i', '\\"', $user_login);
    $Password = preg_replace("/'/i", "\\'", $pwd_login);
    anti_injection($Username, $Password, $IPADDRESS);
    //ÃкºÊÁÒªÔ¡àÊÃÔÁ maxsite 1.10 ¾Ñ²¹Òâ´Â www.narongrit.net
    if (USE_CAPCHA) {
        if ($_SESSION['security_code'] != $_POST['security_code'] or empty($_POST['security_code'])) {
            echo "<script language='javascript'>";
            echo "alert('" . _JAVA_CAPTCHA_NOACC . "')";
            echo "</script>";
            echo "<script language='javascript'>javascript:history.go(-1)</script>";
            //		echo "		if(".$_SESSION['security_code']." != ".$_POST['security_code']." OR empty(".$_POST['security_code'].")) {";
            exit;
        }
    }
    if (isset($Username) and isset($Password)) {
        $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
        $res['admin'] = $db->select_query("SELECT * FROM " . TB_ADMIN . " WHERE username='" . $Username . "' AND password='" . md5($Password) . "'  ");
        $rows['admin'] = $db->rows($res['admin']);
开发者ID:robocon,项目名称:iopr,代码行数:30,代码来源:login_check.php

示例15: session_start

<?php

session_start();
include "../koneksi.php";
include "../../method/function.php";
// set the post variabel securely
$username = anti_injection($_POST['username']);
$password = anti_injection($_POST['password']);
$res = mysql_query("SELECT \n                        \ta.*, b.atasan AS atasan, b.level as level \n                        FROM \n                        \tmyapp_maintable_pengguna a\n                        LEFT JOIN \n                        \tmyapp_reftable_levelpengguna b ON a.id_level = b.id\n                        WHERE \n                        \tusername = '" . $username . "' AND password = '" . md5($password) . "'");
if (mysql_num_rows($res) == 1) {
    $ds = mysql_fetch_array($res);
    $_SESSION["password"] = $ds["password"];
    $_SESSION["id_pengguna"] = $ds["id"];
    $_SESSION["id_level"] = $ds["id_level"];
    $_SESSION["username"] = $ds["username"];
    $_SESSION["nama"] = $ds["nama"];
    $_SESSION["atasan"] = $ds["atasan"];
    $_SESSION["level"] = $ds["level"];
    // set login act depend on id level of user
    // rules
    switch ($ds['id_level']) {
        case 18:
            header("location:../../?mod=main_loket");
            break;
        case 1:
            header("location:../../?mod=main_kaban");
            break;
        case 2:
            header("location:../../?mod=main_sekretaris");
            break;
        case 3:
开发者ID:ibnoe,项目名称:dinsosnaker2014,代码行数:31,代码来源:login.php


注:本文中的anti_injection函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。