本文整理汇总了PHP中check_sql函数的典型用法代码示例。如果您正苦于以下问题:PHP check_sql函数的具体用法?PHP check_sql怎么用?PHP check_sql使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了check_sql函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: __construct
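/**
 * Load the ringback, music-on-hold and recording lists used by this object.
 *
 * Connects to the database when $this->db is not set, reads the "*-ring"
 * variables of category "Defaults" from v_vars into $this->ringbacks
 * (var_name => label), and fills $this->music_list / $this->recordings_list
 * when the matching app directory exists under PROJECT_ROOT.
 */
public function __construct()
{
    //connect to the database if not connected
    if (!$this->db) {
        require_once "resources/classes/database.php";
        $database = new database();
        $database->connect();
        $this->db = $database->db;
    }

    //add multi-lingual support
    $language = new text();
    $text = $language->get();

    //get the ringback types
    // The statement is a constant string: no request, session or database
    // value is concatenated into it, so nothing here needs binding.
    $sql = "select * from v_vars ";
    $sql .= "where var_cat = 'Defaults' ";
    $sql .= "and var_name LIKE '%-ring' ";
    $sql .= "order by var_name asc ";
    $prep_statement = $this->db->prepare(check_sql($sql));
    $prep_statement->execute();
    $ringbacks = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    unset($prep_statement, $sql);

    // Start from an empty list so $this->ringbacks is always an array,
    // including when the query returns no rows.
    $ringback_list = array();
    foreach ($ringbacks as $ringback) {
        $ringback = $ringback['var_name'];
        // Fall back to the variable name when no translation exists; isset()
        // avoids an undefined-index notice for untranslated names.
        $label_key = 'label-' . $ringback;
        $label = isset($text[$label_key]) ? $text[$label_key] : "";
        if ($label == "") {
            $label = $ringback;
        }
        $ringback_list[$ringback] = $label;
    }
    $this->ringbacks = $ringback_list;
    unset($ringback_list);

    //get the default_ringback label
    /*
    $sql = "select * from v_vars where var_name = 'ringback' ";
    $prep_statement = $this->db->prepare(check_sql($sql));
    $prep_statement->execute();
    $result = $prep_statement->fetch();
    unset ($prep_statement, $sql);
    $default_ringback = (string) $result['var_value'];
    $default_ringback = preg_replace('/\A\$\${/',"",$default_ringback);
    $default_ringback = preg_replace('/}\z/',"",$default_ringback);
    #$label = $text['label-'.$default_ringback];
    #if($label == "") {
    $label = $default_ringback;
    #}
    $this->default_ringback_label = $label;
    unset($results, $default_ringback, $label);
    */

    //get music on hold and recordings
    // The require paths below are fixed strings; only the is_dir() probes use
    // PROJECT_ROOT, which is read from $_SERVER.
    if (is_dir($_SERVER["PROJECT_ROOT"] . '/app/music_on_hold')) {
        require_once "app/music_on_hold/resources/classes/switch_music_on_hold.php";
        $music = new switch_music_on_hold();
        $this->music_list = $music->get();
    }
    if (is_dir($_SERVER["PROJECT_ROOT"] . '/app/recordings')) {
        require_once "app/recordings/resources/classes/switch_recordings.php";
        $recordings = new switch_recordings();
        $this->recordings_list = $recordings->list_recordings();
    }
}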
示例2: login_check
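/**
 * Copy the identity columns of a matched User row into the session.
 *
 * @param array $row Row returned by mysql_fetch_array() for the User table.
 */
function _login_check_store_session($row)
{
    $_SESSION['user'] = $row['Name'];
    $_SESSION['userID'] = $row['ID'];
    $_SESSION['isadmin'] = $row['Is_Admin'];
}

/**
 * Authenticate by username/password or, failing that, by request token.
 *
 * On success the user's name, id and admin flag are stored in $_SESSION.
 *
 * @param string $username Login name supplied by the client.
 * @param string $password Clear-text password supplied by the client.
 * @return bool True when a matching User row was found, False otherwise.
 */
function login_check($username, $password)
{
    global $con, $DB_SALT;

    if ($username && $password) {
        // NOTE(review): pwd_encode() is defined elsewhere; the commented-out
        // code it replaced was a salted md5. If that is still the scheme,
        // migrate to password_hash()/password_verify().
        $Pwd = pwd_encode($username, $password);

        // The original concatenated $username into the statement unescaped,
        // so a quote in the login name rewrote the WHERE clause of the
        // authentication query. Escape both values for the active connection.
        $query = "SELECT * FROM User WHERE NAME='" . mysql_real_escape_string($username)
            . "' AND Password='" . mysql_real_escape_string($Pwd) . "'";
        $result = mysql_query($query);
        if ($result && ($row = mysql_fetch_array($result))) {
            // NOTE(review): consider session_regenerate_id(true) here so a
            // pre-login session id cannot be reused after authentication.
            _login_check_store_session($row);
            return True;
        }
    }

    // check token
    // Only accept a scalar string; an absent or array-valued parameter is
    // treated as "no token" instead of being passed to trim().
    $token = '';
    if (isset($_REQUEST['token']) && is_string($_REQUEST['token'])) {
        // NOTE(review): check_sql() is defined outside this listing and is the
        // only thing standing between the request value and the statement
        // below — confirm it escapes quotes, or replace this query with a
        // prepared statement.
        $token = check_sql(trim($_REQUEST['token']));
    }
    if ($token) {
        $query = "SELECT * From User WHERE Token='{$token}'";
        $result = mysql_query($query);
        if ($result && ($row = mysql_fetch_array($result))) {
            _login_check_store_session($row);
            return True;
        }
    }

    return False;
}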
示例3: addFriend
/**
 * Record a friendship between the logged-in user and $id in both directions.
 *
 * Two rows are inserted into `friend`: (session user, $id) and ($id, session user).
 *
 * NOTE(review): $id and the session id are interpolated into the statement
 * text as-is, and $conn is neither a parameter nor declared global in this
 * function, so check_sql() receives an unset variable. Here check_sql() is
 * called with the full statement and a connection, i.e. it appears to run
 * the query rather than sanitise a value — confirm against its definition and
 * validate $id before it reaches this point.
 *
 * @param mixed $id Id of the user to befriend.
 */
function addFriend($id)
{
    $me = $_SESSION['SESS_LOGIN_ID'];

    // Same two inserts as before, expressed as (first, second) pairs.
    $pairs = array(
        array($me, $id),
        array($id, $me),
    );
    foreach ($pairs as $pair) {
        list($first, $second) = $pair;
        $insert = "INSERT INTO friend (User_ID_1, User_ID_2)\n\tVALUES ('{$first}', '{$second}')";
        check_sql($insert, $conn);
    }
}
示例4: list_recordings
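/**
 * List the recordings of the current domain.
 *
 * @return array Map of "<recordings dir>/<domain name>/<filename>" => filename;
 *               empty when the domain has no recordings.
 */
public function list_recordings()
{
    // Bind the domain id instead of concatenating it into the statement text.
    // Wrapping the SQL in check_sql() does not make a concatenated value safe;
    // only the placeholder does. Assumes check_sql() leaves named placeholders
    // intact — confirm against its definition.
    $sql = "select recording_uuid, recording_filename, recording_base64 from v_recordings ";
    $sql .= "where domain_uuid = :domain_uuid ";
    $prep_statement = $this->db->prepare(check_sql($sql));
    $prep_statement->execute(array(':domain_uuid' => (string) $this->domain_uuid));
    $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    unset($prep_statement);

    // Initialise the list so an empty result returns an array rather than an
    // undefined variable.
    $recordings = array();
    $base_dir = $_SESSION['switch']['recordings']['dir'] . '/' . $_SESSION['domain_name'] . "/";

    // Iterate by value: the rows are only read, and a by-reference loop
    // variable would stay bound to the last row after the loop.
    foreach ($result as $row) {
        // NOTE(review): recording_filename comes straight from the database
        // and becomes part of a filesystem path key; callers that open the
        // key as a path should confirm the name holds no directory separators.
        $recordings[$base_dir . $row['recording_filename']] = $row['recording_filename'];
    }

    return $recordings;
}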
示例5: ifgroupmembers
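/**
 * Report whether NO v_group_members row exists for the given group and user.
 *
 * NOTE(review): the return value reads inverted relative to the name — true
 * means "no matching row". It is kept because callers depend on it.
 *
 * @param PDO    $db       Database handle.
 * @param string $groupid  Group identifier.
 * @param string $username User name.
 * @return bool True when the query returns no rows, false otherwise.
 */
function ifgroupmembers($db, $groupid, $username)
{
    // NOTE(review): the original read $v_id without defining it in this
    // scope, so the filter was always v_id = ''. It is assumed to be a global
    // set by the application — confirm. When the global is unset the query is
    // the same as before.
    global $v_id;

    // Values are bound, not interpolated: passing a concatenated statement
    // through check_sql() does not neutralise quotes inside the values.
    // Assumes check_sql() leaves named placeholders intact — confirm.
    $sql = "select * from v_group_members ";
    $sql .= "where v_id = :v_id ";
    $sql .= "and groupid = :groupid ";
    $sql .= "and username = :username ";
    $prepstatement = $db->prepare(check_sql($sql));
    $prepstatement->execute(array(
        ':v_id' => (string) $v_id,
        ':groupid' => (string) $groupid,
        ':username' => (string) $username,
    ));

    return count($prepstatement->fetchAll()) == 0;
}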
示例6: is_group_member
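/**
 * Report whether NO v_group_users row links the user to the group in the
 * current domain.
 *
 * NOTE(review): the return value reads inverted relative to the name — true
 * means "no matching row". It is kept because callers depend on it.
 *
 * @param string $group_uuid Group identifier.
 * @param string $user_uuid  User identifier.
 * @return bool True when the query returns no rows, false otherwise.
 */
function is_group_member($group_uuid, $user_uuid)
{
    global $db, $domain_uuid;

    // Prefer the global domain id and fall back to the session's.
    $domain = $domain_uuid != '' ? $domain_uuid : $_SESSION['domain_uuid'];

    // Values are bound, not concatenated: wrapping the finished statement in
    // check_sql() cannot tell data from SQL once they share one string.
    // Assumes check_sql() leaves named placeholders intact — confirm.
    $sql = "select * from v_group_users ";
    $sql .= "where user_uuid = :user_uuid ";
    $sql .= "and group_uuid = :group_uuid ";
    $sql .= "and domain_uuid = :domain_uuid ";
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute(array(
        ':user_uuid' => (string) $user_uuid,
        ':group_uuid' => (string) $group_uuid,
        ':domain_uuid' => (string) $domain,
    ));

    return count($prep_statement->fetchAll(PDO::FETCH_NAMED)) == 0;
}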
示例7: Add_S
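/**
 * Recursively escape and screen every scalar value of a request array.
 *
 * Each non-array value is passed through addslashes() (unless magic quotes
 * already did so), then check_sql(), then handed to webscan_StOpAttack()
 * together with a deny-list pattern. Nested arrays are processed recursively.
 *
 * NOTE(review): this is a deny-list defence. Pattern matching plus
 * addslashes() reduces noise but is not a replacement for prepared statements
 * at the query and context-aware output encoding at the view; keep both.
 *
 * @param array $array Request values, possibly nested.
 * @return array The same structure with every scalar value processed.
 */
function Add_S($array)
{
    // Built once per call instead of once per element; the pattern is constant.
    $filter = "\\<.+javascript:window\\[.{1}\\\\x|<.*=(&#\\d+?;?)+?>|<.*(data|src)=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\\s*?\\(.*\\)|sleep\\s*?\\(.*\\)|load_file\\s*?\\()|<[a-z]+?\\b[^>]*?\\bon([a-z]{4,})\\s*?=|^\\+\\/v(8|9)|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(|@{1,2}\\w+?\\s*|\\s+?.+?|.*(`|'|\").+(`|'|\")\\s*)|UPDATE\\s*(\\(.+\\)\\s*|@{1,2}.+?\\s*|\\s+?.+?|(`|'|\").*?(`|'|\")\\s*)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM\\s+?|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)|FROM\\s.?|\\(select|\\(\\sselect|\\bunion\\b|select\\s.+?";

    // get_magic_quotes_gpc() was removed in PHP 8; where it no longer exists
    // magic quotes cannot be on, so the value is always escaped here.
    $magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    foreach ($array as $key => $value) {
        if (is_array($value)) {
            $array[$key] = Add_S($value);
            continue;
        }

        // filter the various sub-query forms
        if (!$magic_quotes) {
            $value = addslashes($value);
        }
        $value = check_sql($value);
        // The request method label is fixed to "GET" regardless of the
        // array's origin, as in the original.
        webscan_StOpAttack($key, $value, $filter, "GET");
        $array[$key] = $value;
    }

    return $array;
}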
示例8: search_config
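/**
 * Search Config rows whose name contains $name.
 *
 * NOTE(review): the original read $_SESSION['userID'] into a local and never
 * used it; the query joins Config to User but does not restrict the result
 * to the current user, so every user's matching configs are returned.
 * Confirm whether a per-user filter was intended.
 *
 * @param string $name Substring to look for in Config.Name.
 * @return array array('data' => list of numerically indexed rows).
 */
function search_config($name)
{
    // NOTE(review): check_sql() is defined outside this listing and is the
    // only protection for the value interpolated below; "%" and "_" in $name
    // also still act as LIKE wildcards. A prepared statement would remove
    // both concerns.
    $name = check_sql($name);
    $query = "SELECT Config.ID,Config.Name,Config.Time,Config.Config,Config.AutoI,Config.Description,Config.IsDefault FROM Config,User WHERE Config.User_ID=User.ID AND Config.Name LIKE '%{$name}%'";

    $ret = array('data' => array());
    $result = mysql_query($query);
    if (!$result) {
        // Query failed: return the empty result instead of feeding false to
        // mysql_fetch_row().
        return $ret;
    }

    // NOTE(review): rows are returned without output encoding (the check_xss
    // pass is commented out in the original); the caller must encode them
    // before rendering.
    while ($row = mysql_fetch_row($result)) {
        $ret['data'][] = $row;
    }

    return $ret;
}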
示例9: search_config
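/**
 * Search Config rows whose name contains $s and return name/description.
 *
 * NOTE(review): the query joins Config to User but does not restrict the
 * result to the current user; confirm whether a per-user filter was intended.
 *
 * @param string $s Substring to look for in Config.Name.
 * @return array List of numerically indexed rows, each value passed through
 *               check_xss().
 */
function search_config($s)
{
    // The original filtered an undefined $name instead of the $s parameter,
    // so the search term was ignored and the LIKE pattern was always '%%'.
    // NOTE(review): check_sql() is defined outside this listing and is the
    // only protection for the interpolated value — confirm it escapes quotes,
    // or move to a prepared statement.
    $name = check_sql($s);
    $query = "SELECT Config.Name,Config.Description FROM Config,User WHERE Config.User_ID=User.ID AND Config.Name like '%{$name}%'";

    $ret = array();
    $result = mysql_query($query);
    if (!$result) {
        // Query failed: nothing to fetch.
        return $ret;
    }

    while ($row = mysql_fetch_row($result)) {
        // Encode every column before it is handed back for display.
        foreach ($row as $key => $value) {
            $row[$key] = check_xss($value);
        }
        $ret[] = $row;
    }

    return $ret;
}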
示例10: device_by_ext
/**
 * Look up the device attached to an extension in an enabled domain.
 *
 * Both lookup values travel as bound parameters (:ext, :domain), so they are
 * never part of the statement text that check_sql() receives.
 *
 * @param PDO    $db     Database handle.
 * @param string $ext    Extension / user id of the device line.
 * @param string $domain Domain name.
 * @return mixed The first matching v_devices row as returned by fetch(),
 *               or false when the statement could not be prepared.
 */
function device_by_ext($db, $ext, $domain)
{
    $query = 'select t1.* '
        . 'from v_devices t1 inner join v_device_lines t2 on t1.device_uuid=t2.device_uuid '
        . 'inner join v_domains t3 on t2.domain_uuid=t3.domain_uuid '
        . 'where t2.user_id=:ext '
        . 'and t3.domain_name=:domain '
        . 'and t3.domain_enabled = \'true\' ';

    $statement = $db->prepare(check_sql($query));
    if (!$statement) {
        // prepare() failed; nothing to execute.
        return false;
    }

    $statement->bindParam(':ext', $ext);
    $statement->bindParam(':domain', $domain);
    $statement->execute();
    $device = $statement->fetch();
    unset($statement);

    return $device;
}
示例11: add_task
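/**
 * Queue a task for the current user with status "waiting".
 *
 * @param string $target    Task target.
 * @param mixed  $arguments Task arguments; stored JSON-encoded.
 * @return bool True when the row was inserted, False otherwise.
 */
function add_task($target, $arguments)
{
    // NOTE(review): check_sql() is defined outside this listing and is the
    // only protection for $target in the statement below — confirm it escapes
    // quotes, or move to a prepared statement.
    $target = check_sql($target);
    $time = time();

    // JSON contains quotes by construction, so it is escaped for the active
    // connection before being placed inside the string literal.
    $argJson = mysql_real_escape_string(json_encode($arguments));

    // The user id is written into the statement without quotes, so it must be
    // numeric; refuse anything else rather than building a malformed or
    // attacker-shaped statement.
    $userid = get_userid();
    if (!is_numeric($userid)) {
        return False;
    }
    $userid = (int) $userid;

    $query = "INSERT INTO Task(Target,Start_Time,Arguments,Status,User_ID) VALUES('{$target}',{$time},'{$argJson}','waiting',{$userid})";
    $result = mysql_query($query);
    if ($result) {
        return True;
    }

    // The original printed the stored arguments with var_dump() and echoed
    // mysql_error() into the response; both disclose internals to the client.
    // Failures are written to the server log instead.
    error_log('add_task: ' . mysql_error());
    return False;
}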
示例12: get_code
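/**
 * Fetch one Plugin row, selected by id or, when no positive id is given, by name.
 *
 * With neither a positive id nor a name, the first row of the table is used,
 * as in the original.
 *
 * @param int    $id   Plugin id; takes precedence when greater than zero.
 * @param string $name Plugin name; used only when $id is not positive.
 * @return array|null array('data' => array(row)) with every value passed
 *                    through check_xss(), or null when no row matched.
 */
function get_code($id = 0, $name = '')
{
    // intval() guarantees an integer, so the id can be placed in the
    // statement unquoted.
    $pID = intval($id);
    // NOTE(review): check_sql() is defined outside this listing and is the
    // only protection for $pName below — confirm it escapes quotes, or move
    // to a prepared statement.
    $pName = check_sql($name);

    $query = "SELECT ID,Name,Type,Author,Time,Version,Web,Description,Code FROM Plugin";
    if ($pID > 0) {
        $query .= " WHERE ID={$pID}";
    } elseif ($pName != '') {
        // The original wrote the name unquoted (Name={$pName}), which made an
        // ordinary name parse as an identifier and let any value extend the
        // statement whether or not quotes were escaped. It is a string
        // literal and must be quoted.
        $query .= " WHERE Name='{$pName}'";
    }

    $result = mysql_query($query);
    if (!$result) {
        // Query failed: behave as "no row".
        return null;
    }

    $row = mysql_fetch_row($result);
    if (!$row) {
        return null;
    }

    // Encode every column before it is handed back for display.
    foreach ($row as $key => $value) {
        $row[$key] = check_xss($value);
    }

    return array('data' => array($row));
}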
示例13: call_block_get_extensions
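/**
 * Echo an <optgroup> of voicemail destinations for the session's domain.
 *
 * One <option> is written per enabled extension; the option whose extension
 * equals $select_extension is marked selected.
 *
 * @param string $select_extension Extension to pre-select.
 * @return void
 */
function call_block_get_extensions($select_extension)
{
    global $db, $text;

    //list voicemail
    // The domain id is bound rather than concatenated; check_sql() on the
    // finished statement does not make an interpolated value safe. Assumes
    // check_sql() leaves named placeholders intact — confirm.
    $sql = "select extension, user_context, description from v_extensions ";
    $sql .= "where domain_uuid = :domain_uuid ";
    $sql .= "and enabled = 'true' ";
    $sql .= "order by extension asc ";
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute(array(':domain_uuid' => (string) $_SESSION['domain_uuid']));
    $result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);

    echo "<optgroup label='" . $text['label-voicemail'] . "'>\n";
    foreach ($result as $row) {
        // Decide selection on the raw value, before encoding. $selected is
        // set on every pass so it is never read undefined.
        $selected = $row["extension"] == $select_extension ? "selected='selected'" : "";

        // Extension, context and description are stored data and are written
        // into HTML, including a single-quoted attribute, so they are encoded
        // with ENT_QUOTES. Assumes the page is served as UTF-8 — confirm.
        $extension = htmlspecialchars((string) $row["extension"], ENT_QUOTES, 'UTF-8');
        $context = htmlspecialchars((string) $row["user_context"], ENT_QUOTES, 'UTF-8');
        $description = htmlspecialchars((string) $row["description"], ENT_QUOTES, 'UTF-8');

        echo "\t\t<option value='Voicemail {$context} {$extension}' {$selected}>" . $extension . " " . $description . "</option>\n";
    }
    echo "</optgroup>\n";
}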
示例14: elseif
// Excerpt from a form template: renders the "account code" field either as a
// free-text input or, in the branch below, as a <select> filled from v_billings.
// The excerpt starts and ends inside enclosing blocks that are not shown.
$accountcode = $_SESSION['domain_name'];
}
// NOTE(review): $broadcast_accountcode is written into a double-quoted value
// attribute without htmlspecialchars(). Where it is set is not visible here;
// if it can hold request or database data, encode it before output.
echo " <input class='formfld' type='text' name='broadcast_accountcode' maxlength='255' value=\"{$broadcast_accountcode}\">\n";
echo "<br />\n";
echo $text['description-accountcode'] . "\n";
echo "</td>\n";
echo "</tr>\n";
// Admin branch, taken only when the billing app's app_config.php exists under PROJECT_ROOT.
} elseif (if_group("admin") && file_exists($_SERVER["PROJECT_ROOT"] . "/app/billing/app_config.php")) {
// NOTE(review): the session's domain_uuid is concatenated into the statement;
// passing the result through check_sql() does not replace binding it as a parameter.
$sql_accountcode = "SELECT type_value FROM v_billings WHERE domain_uuid = '" . $_SESSION['domain_uuid'] . "'";
echo "<tr>\n";
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
echo " " . $text['label-accountcode'] . "\n";
echo "</td>\n";
echo "<td class='vtable' align='left'>\n";
echo " <select name='broadcast_accountcode' id='broadcast_accountcode' class='formfld'>\n";
$prep_statement_accountcode = $db->prepare(check_sql($sql_accountcode));
$prep_statement_accountcode->execute();
$result_accountcode = $prep_statement_accountcode->fetchAll(PDO::FETCH_NAMED);
// The loop variable is taken by reference although the rows are only read.
foreach ($result_accountcode as &$row_accountcode) {
$selected = '';
// When adding, pre-select the row equal to the session's domain name;
// otherwise pre-select the row equal to the current $accountcode.
if ($action == "add" && $row_accountcode['type_value'] == $_SESSION['domain_name']) {
$selected = 'selected="selected"';
} elseif ($row_accountcode['type_value'] == $accountcode) {
$selected = 'selected="selected"';
}
// NOTE(review): type_value is a stored value echoed into both an attribute
// and element text without htmlspecialchars(); encode it on output.
echo " <option value=\"" . $row_accountcode['type_value'] . "\" {$selected}>" . $row_accountcode['type_value'] . "</option>\n";
}
unset($sql_accountcode, $prep_statement_accountcode, $result_accountcode);
echo "</select>";
echo "<br />\n";
echo $text['description-accountcode'] . "\n";
示例15: substr
// Excerpt from a bulk SQL import: takes the part of a read buffer up to offset
// $i, splits it on newlines, and executes each non-empty line as a statement
// inside a transaction. The enclosing blocks are not shown.
}
}
$count = $db->exec("BEGIN;");
//returns affected rows
//This is the buffer we want to work on; candidate for moving into a function
$buf = substr($rbuf, 0, $i + 1);
// Substitute the tenant placeholder with the current domain id before execution.
$buf = str_replace("{domain_uuid}", $domain_uuid, $buf);
$totalsize = strlen($buf) + $totalsize;
$lnarray = explode("\n", $buf);
//print_r($lnarray);
$columnvaluecount = 0;
foreach ($lnarray as $sql) {
//--- Begin SQLite -------------------------------------
if (strlen($sql) > 0) {
//echo $sql."<br /><br />\n";
// NOTE(review): every line of the buffer is executed verbatim as SQL, so
// whoever controls the contents of $rbuf controls the database. Where $rbuf
// is read from is not visible here — confirm it is a trusted, server-side
// file and not an upload. check_sql() is defined elsewhere and should not be
// relied on as a validator of whole statements.
$count = $db->exec(check_sql($sql));
//returns affected rows
$x++;
// Commit and reopen the transaction once more than 10000 statements have run.
// NOTE(review): $x is not reset in the visible lines, so after the threshold
// is passed every later statement triggers a COMMIT/BEGIN pair.
if ($x > 10000) {
$count = $db->exec("COMMIT;");
//returns affected rows
$count = $db->exec("BEGIN;");
//returns affected rows
}
}
unset($sql);
//---EndSQLite-------------------------------------
//if ($columnvaluecount > 10) { break; }
$columnvaluecount++;
}
//Point marker back to last \n point