本文整理汇总了PHP中checkhtml函数的典型用法代码示例。如果您正苦于以下问题:PHP checkhtml函数的具体用法?PHP checkhtml怎么用?PHP checkhtml使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了checkhtml函数的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: blog_post
function blog_post($POST, $olds=array()) {
global $_G, $space;
$isself = 1;
if(!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
$isself = 0;
$__G = $_G;
$_G['uid'] = $olds['uid'];
$_G['username'] = addslashes($olds['username']);
}
$POST['subject'] = getstr(trim($POST['subject']), 80);
$POST['subject'] = censor($POST['subject']);
if(strlen($POST['subject'])<1) $POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
$POST['friend'] = intval($POST['friend']);
$POST['target_ids'] = '';
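// Privacy handling and content clean-up for the submitted blog post.
//
// friend == 2 restricts the post to a list of named users, friend == 4
// protects it with a password. $POST['friend'] was cast with intval() just
// above, so the strict comparisons further down compare int with int.
if ($POST['friend'] == 2) {
    $uids = array();
    // The names are read from the $_POST superglobal, not from the $POST
    // argument. Every run of whitespace becomes a comma before splitting.
    $names = empty($_POST['target_names']) ? array() : explode(',', preg_replace("/(\s+)/s", ',', $_POST['target_names']));
    if ($names) {
        // The lookup is delegated to the common_member table class; no SQL
        // string is assembled in this function.
        $uids = C::t('common_member')->fetch_all_uid_by_username($names);
    }
    if (empty($uids)) {
        // No submitted name resolved to a user id: switch to mode 3.
        $POST['friend'] = 3;
    } else {
        $POST['target_ids'] = implode(',', $uids);
    }
} elseif ($POST['friend'] == 4) {
    $POST['password'] = trim($POST['password']);
    if ($POST['password'] == '') {
        // NOTE(review): an empty password silently switches the post to mode 0
        // instead of rejecting the request. If 0 is the public mode, a post the
        // author meant to protect is published openly; confirm this is intended.
        $POST['friend'] = 0;
    }
}

// Drop fields that do not belong to the final privacy mode.
if ($POST['friend'] !== 2) {
    $POST['target_ids'] = '';
}
if ($POST['friend'] !== 4) {
    // Fixed: the original statement was `$POST['password'] == '';`, a comparison
    // whose result was thrown away, so a submitted password was never cleared
    // for posts that are not password-protected.
    $POST['password'] = '';
}

// Tags: HTML-escape, limit with getstr(..., 500), then apply the word filter.
$POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500);
$POST['tag'] = censor($POST['tag']);

// Body: checkhtml() runs first, on the submission as received, for both the
// mobile and the desktop path; getstr() and censor() work on its output.
// NOTE(review): checkhtml() is defined elsewhere. What it lets through (tags,
// attributes, URL schemes) decides whether the stored HTML is safe to render.
$POST['message'] = checkhtml($POST['message']);
if ($_G['mobile']) {
    $POST['message'] = getstr($POST['message'], 0, 0, 0, 1);
    $POST['message'] = censor($POST['message']);
} else {
    $POST['message'] = getstr($POST['message'], 0, 0, 0, 0, 1);
    $POST['message'] = censor($POST['message']);
    // Cosmetic rewrite only: removes empty <div></div> pairs and adds
    // target="_blank" to <a href="...">. The lazy capture ends at the first
    // `">`, so any other attributes on the tag are carried over unchanged;
    // this step filters nothing.
    // NOTE(review): target="_blank" without rel="noopener noreferrer" leaves
    // window.opener reachable from the linked page in browsers that do not
    // default to noopener; consider adding the rel attribute here.
    $POST['message'] = preg_replace(array(
        "/\<div\>\<\/div\>/i",
        "/\<a\s+href\=\"([^\>]+?)\"\>/i"
    ), array(
        '',
        '<a href="\\1" target="_blank">'
    ), $POST['message']);
}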
$message = $POST['message'];
if(censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
$blog_status = 1;
} else {
$blog_status = 0;
}
if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
$classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname);
$classname = censor($classname);
if(empty($classname)) {
$classid = 0;
} else {
$classid = C::t('home_class')->fetch_classid_by_uid_classname($_G['uid'], $classname);
if(empty($classid)) {
$setarr = array(
'classname' => $classname,
'uid' => $_G['uid'],
'dateline' => $_G['timestamp']
);
$classid = C::t('home_class')->insert($setarr, true);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if($classid && empty($classname)) {
$query = C::t('home_class')->fetch($classid);
$classname = ($query['uid'] == $_G['uid']) ? $query['classname'] : '';
if(empty($classname)) $classid = 0;
}
$blogarr = array(
'subject' => $POST['subject'],
'classid' => $classid,
'friend' => $POST['friend'],
//.........这里部分代码省略.........
示例2: blog_post
function blog_post($POST, $olds = array())
{
global $_SGLOBAL, $_SC, $space;
//操作者角色切换
$isself = 1;
if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
$isself = 0;
$__SGLOBAL = $_SGLOBAL;
$_SGLOBAL['supe_uid'] = $olds['uid'];
$_SGLOBAL['supe_username'] = addslashes($olds['username']);
}
//标题
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
if (strlen($POST['subject']) < 1) {
$POST['subject'] = sgmdate('Y-m-d');
}
$POST['friend'] = intval($POST['friend']);
//隐私
$POST['target_ids'] = '';
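// Privacy handling and content clean-up for the submitted blog post.
//
// friend == 2 restricts the post to a list of named users, friend == 4
// protects it with a password. $POST['friend'] was cast with intval() just
// above, so the strict comparisons further down compare int with int.
if ($POST['friend'] == 2) {
    // Specific friends.
    $uids = array();
    // The names are read from the $_POST superglobal, not from the $POST argument.
    $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
    if ($names) {
        // NOTE(review): $names is concatenated into the IN (...) list. This is
        // only safe if simplode() quotes every element and the request data was
        // already slash-escaped before this function runs; confirm both.
        $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            $uids[] = $value['uid'];
        }
    }
    if (empty($uids)) {
        // No submitted name resolved to a user id: switch to mode 3.
        $POST['friend'] = 3;
    } else {
        $POST['target_ids'] = implode(',', $uids);
    }
} elseif ($POST['friend'] == 4) {
    // Password-protected.
    $POST['password'] = trim($POST['password']);
    if ($POST['password'] == '') {
        // NOTE(review): an empty password silently switches the post to mode 0
        // instead of rejecting the request. If 0 is the public mode, a post the
        // author meant to protect is published openly; confirm this is intended.
        $POST['friend'] = 0;
    }
}

// Drop fields that do not belong to the final privacy mode.
if ($POST['friend'] !== 2) {
    $POST['target_ids'] = '';
}
if ($POST['friend'] !== 4) {
    // Fixed: the original statement was `$POST['password'] == '';`, a comparison
    // whose result was thrown away. The submitted password was therefore kept
    // and later copied into $blogarr['password'] even for posts that are not
    // password-protected.
    $POST['password'] = '';
}

// Tags: HTML-escape, then limit with getstr(..., 500, 1, 1, 1).
$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);

// Body.
if ($_SGLOBAL['mobile']) {
    // NOTE(review): the mobile path never calls checkhtml(); confirm that
    // getstr() with these flags escapes or strips HTML on its own.
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
} else {
    // NOTE(review): checkhtml() is defined elsewhere. What it lets through
    // (tags, attributes, URL schemes) decides whether the stored HTML is safe
    // to render.
    $POST['message'] = checkhtml($POST['message']);
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
    // Cosmetic rewrite only: removes empty <div></div> pairs and adds
    // target="_blank" to <a href="...">. The lazy capture ends at the first
    // `">`, so any other attributes on the tag are carried over unchanged.
    // NOTE(review): target="_blank" without rel="noopener noreferrer" leaves
    // window.opener reachable from the linked page in browsers that do not
    // default to noopener; consider adding the rel attribute here.
    $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
}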
$message = $POST['message'];
//个人分类
if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
//分类名
$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1, 1);
if (empty($classname)) {
$classid = 0;
} else {
$classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
if (empty($classid)) {
$setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
$classid = inserttable('class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if ($classid && empty($classname)) {
//是否是自己的
$classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
if (empty($classname)) {
$classid = 0;
}
}
//主表
$blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
//标题图片
$titlepic = '';
//获取上传的图片
$uploads = array();
if (!empty($POST['picids'])) {
// The picture ids are the *keys* of the submitted picids map, so they are
// caller-controlled strings.
// NOTE(review): they are concatenated into the IN (...) list through simplode().
// Confirm that helper quotes and escapes every element (escaping applied to
// request values does not necessarily cover array keys), or cast the keys with
// intval() first if picid is an integer column.
$picids = array_keys($POST['picids']);
// The uid condition limits the rows to pictures owned by the current supe_uid.
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($titlepic) && $value['thumb']) {
//.........这里部分代码省略.........
示例3: blog_post
function blog_post($POST, $olds=array()) {
global $_SGLOBAL, $_SC, $space;
//操作者角色切换
$isself = 1;
if(!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
$isself = 0;
$__SGLOBAL = $_SGLOBAL;
$_SGLOBAL['supe_uid'] = $olds['uid'];
$_SGLOBAL['supe_username'] = addslashes($olds['username']);
}
//标题
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
if(strlen($POST['subject'])<1) $POST['subject'] = sgmdate('Y-m-d');
$POST['friend'] = intval($POST['friend']);
//隐私
$POST['target_ids'] = '';
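// Privacy handling and content clean-up for the submitted blog post.
//
// friend == 2 restricts the post to a list of named users, friend == 4
// protects it with a password. $POST['friend'] was cast with intval() just
// above, so the strict comparisons further down compare int with int.
if ($POST['friend'] == 2) {
    // Specific friends.
    $uids = array();
    // The names are read from the $_POST superglobal, not from the $POST argument.
    $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
    if ($names) {
        // NOTE(review): $names is concatenated into the IN (...) list. This is
        // only safe if simplode() quotes every element and the request data was
        // already slash-escaped before this function runs; confirm both.
        $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            $uids[] = $value['uid'];
        }
    }
    if (empty($uids)) {
        // No submitted name resolved to a user id: visible to the author only.
        $POST['friend'] = 3;
    } else {
        $POST['target_ids'] = implode(',', $uids);
    }
} elseif ($POST['friend'] == 4) {
    // Password-protected.
    $POST['password'] = trim($POST['password']);
    if ($POST['password'] == '') {
        // Empty password: the post becomes public.
        // NOTE(review): this fails open. A post the author meant to protect is
        // published openly instead of the request being rejected; confirm this
        // is intended.
        $POST['friend'] = 0;
    }
}

// Drop fields that do not belong to the final privacy mode.
if ($POST['friend'] !== 2) {
    $POST['target_ids'] = '';
}
if ($POST['friend'] !== 4) {
    // Fixed: the original statement was `$POST['password'] == '';`, a comparison
    // whose result was thrown away, so a submitted password was never cleared
    // for posts that are not password-protected.
    $POST['password'] = '';
}

// Tags: HTML-escape, then getstr(), which the original comment labels as the
// word-filtering step.
$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);

// Body.
if ($_SGLOBAL['mobile']) {
    // NOTE(review): the mobile path never calls checkhtml(); confirm that
    // getstr() with these flags escapes or strips HTML on its own.
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
} else {
    // NOTE(review): checkhtml() is defined elsewhere. What it lets through
    // (tags, attributes, URL schemes) decides whether the stored HTML is safe
    // to render.
    $POST['message'] = checkhtml($POST['message']);
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
    // Cosmetic rewrite only: removes empty <div></div> pairs and adds
    // target="_blank" to <a href="...">. The lazy capture ends at the first
    // `">`, so any other attributes on the tag are carried over unchanged.
    // NOTE(review): target="_blank" without rel="noopener noreferrer" leaves
    // window.opener reachable from the linked page in browsers that do not
    // default to noopener; consider adding the rel attribute here.
    $POST['message'] = preg_replace(array(
        "/\<div\>\<\/div\>/i",
        "/\<a\s+href\=\"([^\>]+?)\"\>/i"
    ), array(
        '',
        '<a href="\\1" target="_blank">'
    ), $POST['message']);
}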
$message = $POST['message'];
//个人分类
if(empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if(!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
//分类名
$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1, 1);
if(empty($classname)) {
$classid = 0;
} else {
$classid = getcount('class', array('classname'=>$classname, 'uid'=>$_SGLOBAL['supe_uid']), 'classid');
if(empty($classid)) {
$setarr = array(
'classname' => $classname,
'uid' => $_SGLOBAL['supe_uid'],
'dateline' => $_SGLOBAL['timestamp']
);
$classid = inserttable('class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if($classid && empty($classname)) {
//是否是自己的
$classname = getcount('class', array('classid'=>$classid, 'uid'=>$_SGLOBAL['supe_uid']), 'classname');
if(empty($classname)) $classid = 0;
}
//主表
$blogarr = array(
'subject' => $POST['subject'],
//.........这里部分代码省略.........
示例4: tname
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('thread') . " WHERE tid='{$tid}'");
if (!($thread = $_SGLOBAL['db']->fetch_array($query))) {
showmessage('no_privilege');
}
//检查权限
$tagid = $thread['tagid'];
$mtag = ckmtagspace($thread['tagid']);
if ($mtag['grade'] < 8 && $thread['uid'] != $_SGLOBAL['supe_uid'] && $userevent['status'] < 3) {
showmessage('no_privilege');
}
}
// Title: limited with getstr(..., 80, ...) and rejected when the result is
// shorter than two bytes (strlen() counts bytes, not characters).
$subject = getstr($_POST['subject'], 80, 1, 1, 1);
if (strlen($subject) < 2) {
showmessage('title_not_too_little');
}
// Body: checkhtml() runs first on the submitted HTML, then getstr().
// NOTE(review): both helpers are defined elsewhere; what checkhtml() lets
// through (tags, attributes, URL schemes) decides whether the stored HTML is
// safe to render.
$_POST['message'] = checkhtml($_POST['message']);
$_POST['message'] = getstr($_POST['message'], 0, 1, 0, 1, 0, 1);
// Cosmetic only: removes empty <div></div> pairs; it filters nothing.
$_POST['message'] = preg_replace("/\\<div\\>\\<\\/div\\>/i", '', $_POST['message']);
$message = $_POST['message'];
//标题图片
$titlepic = '';
//获取上传的图片
$uploads = array();
if (!empty($_POST['picids'])) {
// The picture ids are the *keys* of the submitted picids array, so they are
// request-controlled strings.
// NOTE(review): they are concatenated into the IN (...) list through simplode().
// Confirm that helper quotes and escapes every element (escaping applied to
// request values does not necessarily cover array keys), or cast the keys with
// intval() first if picid is an integer column.
$picids = array_keys($_POST['picids']);
// The uid condition limits the rows to pictures owned by the current supe_uid.
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($titlepic) && $value['thumb']) {
$titlepic = pic_get($value['filepath'], $value['thumb'], $value['remote']);
}
$uploads[$_POST['picids'][$value['picid']]] = $value;
示例5: showmessage
include_once S_ROOT . './source/function_blog.php';
if (empty($results) || empty($_POST['ids'])) {
showmessage('choose_at_least_one_log', 'cp.php?ac=import');
}
$allcount = $incount = 0;
krsort($results);
//倒序
foreach ($results as $key => $value) {
$allcount = $allcount + 1;
if (in_array($key, $_POST['ids'])) {
// Prepare one selected import entry for storage.
// The whole entry is slash-escaped first; everything below works on the
// escaped copy.
$value = saddslashes($value);
$dateline = intval(sstrtotime($value['dateCreated']));
$subject = getstr($value['title'], 80, 1, 1, 1);
// Body text: 'description' when present, otherwise 'content'.
$message = isset($value['description']) ? $value['description'] : $value['content'];
// Here getstr() runs before checkhtml(); the blog_post() examples on this page
// apply the two in the opposite order.
// NOTE(review): checkhtml() therefore receives slash-escaped, getstr()-processed
// text. Confirm it still recognises quoted attributes in that form, since this
// is the only HTML filter visible before the entry is inserted.
$message = getstr($message, 0, 1, 1, 1, 0, 1);
$message = checkhtml($message);
if (empty($subject) || empty($message)) {
$results[$key]['status'] = '--';
$results[$key]['blogid'] = 0;
continue;
}
//开始导入
$blogarr = array('uid' => $_SGLOBAL['supe_uid'], 'username' => $_SGLOBAL['supe_username'], 'subject' => $subject, 'pic' => getmessagepic($message), 'dateline' => $dateline ? $dateline : $_SGLOBAL['timestamp']);
$blogid = inserttable('blog', $blogarr, 1);
//插入内容
$fieldarr = array('blogid' => $blogid, 'message' => $message, 'postip' => getonlineip());
inserttable('blogfield', $fieldarr);
//统计
$incount = $incount + 1;
$results[$key]['status'] = 'OK';
$results[$key]['blogid'] = $blogid;
示例6: blog_post
function blog_post($POST, $olds = array())
{
global $_G, $space;
$isself = 1;
if (!empty($olds['uid']) && $olds['uid'] != $_G['uid']) {
$isself = 0;
$__G = $_G;
$_G['uid'] = $olds['uid'];
$_G['username'] = addslashes($olds['username']);
}
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1);
$POST['subject'] = censor($POST['subject']);
if (strlen($POST['subject']) < 1) {
$POST['subject'] = dgmdate($_G['timestamp'], 'Y-m-d');
}
$POST['friend'] = intval($POST['friend']);
$POST['target_ids'] = '';
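// Privacy handling and content clean-up for the submitted blog post.
//
// friend == 2 restricts the post to a list of named users, friend == 4
// protects it with a password. $POST['friend'] was cast with intval() just
// above, so the strict comparisons further down compare int with int.
if ($POST['friend'] == 2) {
    $uids = array();
    // The names are read from the $_POST superglobal, not from the $POST
    // argument. Every run of whitespace becomes a comma before splitting.
    $names = empty($_POST['target_names']) ? array() : explode(',', preg_replace("/(\\s+)/s", ',', $_POST['target_names']));
    if ($names) {
        // NOTE(review): $names is concatenated into the IN (...) list. This is
        // only safe if dimplode() quotes every element and the request data was
        // already slash-escaped before this function runs; confirm both.
        $query = DB::query("SELECT uid FROM " . DB::table('common_member') . " WHERE username IN (" . dimplode($names) . ")");
        while ($value = DB::fetch($query)) {
            $uids[] = $value['uid'];
        }
    }
    if (empty($uids)) {
        // No submitted name resolved to a user id: switch to mode 3.
        $POST['friend'] = 3;
    } else {
        $POST['target_ids'] = implode(',', $uids);
    }
} elseif ($POST['friend'] == 4) {
    $POST['password'] = trim($POST['password']);
    if ($POST['password'] == '') {
        // NOTE(review): an empty password silently switches the post to mode 0
        // instead of rejecting the request. If 0 is the public mode, a post the
        // author meant to protect is published openly; confirm this is intended.
        $POST['friend'] = 0;
    }
}

// Drop fields that do not belong to the final privacy mode.
if ($POST['friend'] !== 2) {
    $POST['target_ids'] = '';
}
if ($POST['friend'] !== 4) {
    // Fixed: the original statement was `$POST['password'] == '';`, a comparison
    // whose result was thrown away. The submitted password was therefore kept
    // and later copied into $blogarr['password'] even for posts that are not
    // password-protected.
    $POST['password'] = '';
}

// Tags: HTML-escape, limit with getstr(..., 500, 1, 1), then the word filter.
$POST['tag'] = dhtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1);
$POST['tag'] = censor($POST['tag']);

// Body.
if ($_G['mobile']) {
    // NOTE(review): the mobile path never calls checkhtml(); confirm that
    // getstr() with these flags escapes or strips HTML on its own.
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 1);
    $POST['message'] = censor($POST['message']);
} else {
    // NOTE(review): checkhtml() is defined elsewhere. What it lets through
    // (tags, attributes, URL schemes) decides whether the stored HTML is safe
    // to render.
    $POST['message'] = checkhtml($POST['message']);
    $POST['message'] = getstr($POST['message'], 0, 1, 0, 0, 1);
    $POST['message'] = censor($POST['message']);
    // Cosmetic rewrite only: removes empty <div></div> pairs and adds
    // target="_blank" to <a href="...">. The lazy capture ends at the first
    // `">`, so any other attributes on the tag are carried over unchanged.
    // NOTE(review): target="_blank" without rel="noopener noreferrer" leaves
    // window.opener reachable from the linked page in browsers that do not
    // default to noopener; consider adding the rel attribute here.
    $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
}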
$message = $POST['message'];
if (censormod($message) || censormod($POST['subject']) || $_G['group']['allowblogmod']) {
$blog_status = 1;
} else {
$blog_status = 0;
}
if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
$classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1);
$classname = censor($classname);
if (empty($classname)) {
$classid = 0;
} else {
$classid = DB::result(DB::query("SELECT classid FROM " . DB::table('home_class') . " WHERE uid='{$_G['uid']}' AND classname='{$classname}'"));
if (empty($classid)) {
$setarr = array('classname' => $classname, 'uid' => $_G['uid'], 'dateline' => $_G['timestamp']);
$classid = DB::insert('home_class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if ($classid && empty($classname)) {
$classname = DB::result(DB::query("SELECT classname FROM " . DB::table('home_class') . " WHERE classid='{$classid}' AND uid='{$_G['uid']}'"));
if (empty($classname)) {
$classid = 0;
}
}
$blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($POST['noreply']) ? 0 : 1, 'catid' => intval($POST['catid']), 'status' => $blog_status);
$titlepic = '';
$uploads = array();
if (!empty($POST['picids'])) {
// The picture ids are the *keys* of the submitted picids map, so they are
// caller-controlled strings.
// NOTE(review): they are concatenated into the IN (...) list through dimplode().
// Confirm that helper quotes and escapes every element (escaping applied to
// request values does not necessarily cover array keys), or cast the keys with
// intval() first if picid is an integer column.
$picids = array_keys($POST['picids']);
// The uid condition limits the rows to pictures owned by the current $_G['uid'].
$query = DB::query("SELECT * FROM " . DB::table('home_pic') . " WHERE picid IN (" . dimplode($picids) . ") AND uid='{$_G['uid']}'");
while ($value = DB::fetch($query)) {
if (empty($titlepic) && $value['thumb']) {
$titlepic = $value['filepath'] . '.thumb.jpg';
$blogarr['picflag'] = $value['remote'] ? 2 : 1;
}
$uploads[$POST['picids'][$value['picid']]] = $value;
}
//.........这里部分代码省略.........
示例7: blog_post
function blog_post($POST, $olds = array())
{
global $_SGLOBAL, $_SC;
//操作者角色切换
if (!empty($olds['uid'])) {
$__SGLOBAL = $_SGLOBAL;
$_SGLOBAL['supe_uid'] = $olds['uid'];
$_SGLOBAL['supe_username'] = addslashes($olds['username']);
}
//标题
$POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
if (strlen($POST['subject']) < 1) {
$POST['subject'] = sgmdate('Y-m-d');
}
$POST['friend'] = intval($POST['friend']);
//隐私
$POST['target_ids'] = '';
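// Privacy handling and content clean-up for the submitted blog post.
//
// friend == 2 restricts the post to a list of named users, friend == 4
// protects it with a password. $POST['friend'] was cast with intval() just
// above, so the strict comparisons further down compare int with int.
if ($POST['friend'] == 2) {
    // Specific friends.
    $uids = array();
    // The names are read from the $_POST superglobal, not from the $POST argument.
    $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
    if ($names) {
        // NOTE(review): $names is concatenated into the IN (...) list. This is
        // only safe if simplode() quotes every element and the request data was
        // already slash-escaped before this function runs; confirm both.
        $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
        while ($value = $_SGLOBAL['db']->fetch_array($query)) {
            $uids[] = $value['uid'];
        }
    }
    if (empty($uids)) {
        // No submitted name resolved to a user id: visible to the author only.
        $POST['friend'] = 3;
    } else {
        $POST['target_ids'] = implode(',', $uids);
    }
} elseif ($POST['friend'] == 4) {
    // Password-protected.
    $POST['password'] = trim($POST['password']);
    if ($POST['password'] == '') {
        // Empty password: the post becomes public.
        // NOTE(review): this fails open. A post the author meant to protect is
        // published openly instead of the request being rejected; confirm this
        // is intended.
        $POST['friend'] = 0;
    }
}

// Drop fields that do not belong to the final privacy mode.
if ($POST['friend'] !== 2) {
    $POST['target_ids'] = '';
}
if ($POST['friend'] !== 4) {
    // Fixed: the original statement was `$POST['password'] == '';`, a comparison
    // whose result was thrown away. The submitted password was therefore kept
    // and later copied into $blogarr['password'] even for posts that are not
    // password-protected.
    $POST['password'] = '';
}

// Tags: HTML-escape, then getstr(), which the original comment labels as the
// word-filtering step.
$POST['tag'] = shtmlspecialchars(trim($POST['tag']));
$POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);

// Body: checkhtml() runs first on the submitted HTML, then getstr().
// NOTE(review): checkhtml() is defined elsewhere. What it lets through (tags,
// attributes, URL schemes) decides whether the stored HTML is safe to render.
$POST['message'] = checkhtml($POST['message']);
$POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
// Cosmetic only: removes empty <div></div> pairs; it filters nothing.
$POST['message'] = preg_replace("/\\<div\\>\\<\\/div\\>/i", '', $POST['message']);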
$message = $POST['message'];
//个人分类
if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
//分类名
$classname = shtmlspecialchars(trim(substr($POST['classid'], 4)));
$classname = getstr($classname, 0, 1, 1, 1);
if (empty($classname)) {
$classid = 0;
} else {
$classid = getcount('class', array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid']), 'classid');
if (empty($classid)) {
$setarr = array('classname' => $classname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
$classid = inserttable('class', $setarr, 1);
}
}
} else {
$classid = intval($POST['classid']);
}
} else {
$classid = $olds['classid'];
}
if ($classid && empty($classname)) {
//是否是自己的
$classname = getcount('class', array('classid' => $classid, 'uid' => $_SGLOBAL['supe_uid']), 'classname');
if (empty($classname)) {
$classid = 0;
}
}
//主表
$blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($_POST['noreply']) ? 0 : 1);
//标题图片
$titlepic = '';
//获取上传的图片
$uploads = array();
if (!empty($POST['picids'])) {
// The picture ids are the *keys* of the submitted picids map, so they are
// caller-controlled strings.
// NOTE(review): they are concatenated into the IN (...) list through simplode().
// Confirm that helper quotes and escapes every element (escaping applied to
// request values does not necessarily cover array keys), or cast the keys with
// intval() first if picid is an integer column.
$picids = array_keys($POST['picids']);
// The uid condition limits the rows to pictures owned by the current supe_uid.
$query = $_SGLOBAL['db']->query("SELECT * FROM " . tname('pic') . " WHERE picid IN (" . simplode($picids) . ") AND uid='{$_SGLOBAL['supe_uid']}'");
while ($value = $_SGLOBAL['db']->fetch_array($query)) {
if (empty($titlepic) && $value['thumb']) {
$titlepic = $value['filepath'] . '.thumb.jpg';
$blogarr['picflag'] = $value['remote'] ? 2 : 1;
}
$uploads[$POST['picids'][$value['picid']]] = $value;
}
if (empty($titlepic) && $value) {
//.........这里部分代码省略.........
示例8: save_news
function save_news()
{
$site = $this->config->item('site');
$this->config->load('uploader_settings', TRUE);
$this->load->helper("getstr");
$this->load->helper("checkhtml");
$this->load->helper(array('form', 'url'));
$this->load->library('form_validation');
$this->form_validation->set_rules('title', 'News Title', 'required|max_length[255]');
$this->form_validation->set_rules('content', 'News Detail', 'required');
//$this->form_validation->set_rules('catid', 'Category', 'required|numeric');
//$this->form_validation->set_rules('path', 'Photo', 'required');
$this->form_validation->set_rules('tag', 'Tag', 'required|max_length[100]');
if ($this->form_validation->run() == FALSE) {
$message = validation_errors();
$json = array("code" => 0, "message" => $message);
echo json_encode($json);
die;
} else {
$title = $this->input->post("title", TRUE);
$title = getstr($title, 255, 0, 0, -1);
$content = $this->input->post("content");
//Sexy过滤
$sexword = array("Vibrator", "Pink Leopard", "Stimulator", "G-Spot", "california exotics", "sexual", "sexy", "Circumcision", "Stimulation", "Penis", "Clitoral", "Penis Enlarger", "Vaginal", "Adult Toys", "Personal Massager", "Pink Lady", "cook ring", "vagina", "Cigarette", "condom", "vibrator", "personal Lubricant", "Toy-G", "urethral", "Vibrating Ring", "masturbation", "masturbators", "Virgin", "vibrators", "G spot", "Vibrating Wand", "cigar", "anal", "vibrating ball", "Fat Ring", "bullet", "wet towel", "Love Lounger", "Nandrolone phenylpropionate", "Climax", "dildo", "Women massaging", "Artificial Pussy", "Silicone Finger Ring", "Fresh pussy", "Gynecological Hydrogel", "delay spray", "Delay wet tissue", "Male Enhancement", "Exercise Balls", "Classic Double Balls", "Geisha", "Pussy", "Premature Ejaculation", "Double Dong", "OTO tablets", "Princess doll", "Fleshlight", "Massaging Wand", "Roman emperor", "NITERIDER", "love doll", "contraceptive", "spermicide", "sperm", "Black Ant", "beads Pulse", "Rabbits Rings", "Rabbits Ring", "Love Making", "Make Love", "love ball", "Power Love", "Pornography", "marijuana", "drug", "breast", "masturbator", "Original", "inflatable doll", "Kinekt", "nipple cover", "nipple tape");
foreach ($sexword as $sex) {
if (preg_match("/\\b{$sex}\\b/i", $title)) {
$json = array("code" => 0, "message" => "Title Contains Sensitive Words!");
echo json_encode($json);
die;
} elseif (preg_match("/\\b{$sex}\\b/i", $content)) {
$json = array("code" => 0, "message" => "Content Contains Sensitive Words!");
echo json_encode($json);
die;
}
}
$timestamp = time();
$img_rootpath = $this->config->item('img_rootpath', 'uploader_settings');
$img_path = $this->config->item('img_path', 'uploader_settings');
$username = $this->username;
$itemid = $this->input->post("itemid");
$itemid = intval($itemid);
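// URL slug from the title: every run of characters outside the allowed set
// becomes a single "-".
// Fixed: the original class was [^a-zA-z0-9]. The range A-z also spans the
// ASCII characters between "Z" and "a" ([ \ ] ^ _ `), so backslashes, brackets,
// carets and backticks from the title ended up in $linkurl, which is stored and
// later handed to move_image(). "_" stays allowed so that slugs containing
// underscores come out as before.
$linkurl = preg_replace("/[^a-zA-Z0-9_]+/", "-", $title);
// Summary: the submitted "introduce" when present, else the first part of the
// content as received (before checkhtml() has run on it).
// NOTE(review): a client-supplied "introduce" is used exactly as submitted. It
// is read without the XSS-filter flag that title/tag/path pass to post() and,
// unlike the fallback, is not run through getstr(). Confirm it is escaped
// wherever it is displayed.
$introduce = $this->input->post("introduce") ? $this->input->post("introduce") : getstr($content, 255, 0, 0, -1);
// $content was read with post("content") and no XSS flag, so checkhtml() is the
// only filter visible in this method before the HTML is stored in news_data.
// NOTE(review): checkhtml() comes from a helper loaded above; what it lets
// through decides whether the stored HTML is safe to render.
$content = checkhtml($content);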
$catid = $this->input->post("catid");
$catid = intval($catid);
$thumb = $this->input->post("path", TRUE);
$thumb = getstr($thumb, 255, 0, 0, -1);
$tag = $this->input->post("tag", TRUE);
$tag = getstr($tag, 255, 0, 0, -1);
$author = $this->input->post("author") ? $this->input->post("author") : $username;
$author = getstr($author, 50, 0, 0, -1);
$editor = $this->input->post("editor") ? $this->input->post("editor") : $username;
$editor = getstr($editor, 30, 0, 0, -1);
$source = $this->input->post("source") ? $this->input->post("source") : $site['site_name'];
$source = getstr($source, 30, 0, 0, -1);
$fromurl = $this->input->post("fromurl") ? $this->input->post("fromurl") : $site['main_domain'];
$fromurl = getstr($fromurl, 255, 0, 0, -1);
$ip = $this->input->ip_address();
$areaid = intval($areaid);
if ($fromurl && stripos($fromurl, $site['site_url']) === false) {
$islink = 1;
}
$totime = strtotime("30 years");
if ($itemid) {
$findnews = $this->comm->find("news", array("itemid" => $itemid, "username" => $username));
if (!$findnews) {
$json = array("code" => 0, "message" => 'Update error : You don\'t have operation permissions or the news is not exsit');
echo json_encode($json);
die;
}
if ($catid) {
$findcate = $this->comm->find("category", array("catid" => $catid, "parentid" => 0));
if (!$findcate) {
$json = array("code" => 0, "message" => 'Please choose the Category');
echo json_encode($json);
die;
} else {
$catid = 0;
}
}
$updaterecord = array('title' => $title, 'catid' => $catid, 'tag' => $tag, 'areaid' => $areaid, 'author' => $author, 'editor' => $editor, 'source' => $source, 'fromurl' => $fromurl, 'username' => $username, 'edittime' => $timestamp, 'introduce' => $introduce, 'totime' => $totime, 'linkurl' => $linkurl, 'ip' => $ip, 'news_data' => array('content' => $content));
$this->comm->linker()->update("news", array("itemid" => $itemid), $updaterecord);
$newthumb = $this->move_image($thumb, $linkurl);
if ($newthumb !== false) {
$this->db->update("news", array("thumb" => $newthumb), array("itemid" => $itemid));
}
$json = array("code" => 1, 'message' => "update success", 'href' => site_url("user/news/manage_news"));
echo json_encode($json);
die;
} else {
$companyinfo = $this->comm->linker()->find("member", array("username" => $username));
$newrecord = array('title' => $title, 'catid' => $catid, 'tag' => $tag, 'areaid' => $areaid, 'author' => $author, 'editor' => $editor, 'source' => $source, 'fromurl' => $fromurl, 'addtime' => $timestamp, 'username' => $username, "edittime" => $timestamp, 'introduce' => $introduce, 'totime' => $totime, 'linkurl' => $linkurl, 'status' => 2, 'ip' => $ip, 'news_data' => array('content' => $content));
$cmd5 = md5($title . $companyinfo['company']);
$findnews = $this->comm->find("check_news", array("cmd5" => $cmd5));
if (!$findnews) {
$itemid = $this->comm->linker()->create("news", $newrecord);
if ($itemid) {
$newthumb = $this->move_image($thumb, $linkurl);
if ($newthumb) {
//.........这里部分代码省略.........
示例9: comment_post
/**
 * Create a comment on a published "information" record.
 *
 * The record id comes from the query string (passed through intval by I()),
 * the comment body from get_request_data(). The body is run through
 * checkhtml() and then handed to update_data() by way of $_POST.
 *
 * member_id is always taken from $this->uid, which overwrites anything the
 * client may have sent under that key.
 *
 * NOTE(review): the flow relies on $this->error() / $this->success() ending the
 * request. If error(1405) returned, the comment would still be written for an
 * unpublished or missing record, and error(1001) would follow every outcome.
 * Confirm both helpers terminate.
 */
function comment_post()
{
    $this->check_token();

    $infoId = I('get.id', 0, 'intval');
    $payload = $this->get_request_data();

    $accepted = $infoId > 0 && $this->check_body_fields($payload, array("content"));
    if ($accepted) {
        // Only records with status 1 may be commented on.
        $published = M('information')->where(array('id' => $infoId, 'status' => 1))->count();
        if (!$published) {
            $this->error(1405);
        }

        // update_data() is defined elsewhere; presumably it reads these $_POST
        // fields. Confirm against that helper.
        $_POST['member_id'] = $this->uid;
        $_POST['content'] = checkhtml($payload['content']);
        $_POST['table'] = 'information';
        $_POST['table_id'] = $infoId;

        $validation = array(array('content', 'require', '内容不能为空!', 1, ''));
        $saved = update_data('comment', $validation);

        // A numeric result is treated as the new comment id, anything else as
        // an error value.
        if (!is_numeric($saved)) {
            $this->error($saved);
        } else {
            $this->success(array("comment_id" => $saved));
        }
    }

    $this->error(1001);
}
示例10: member_edit2
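/**
 * Load one member (with company data) and render the member edit form.
 *
 * The member id is URI segment 3, cast with intval().
 *
 * NOTE(review): nothing in this method ties that id to the logged-in user or
 * checks a role; confirm access control is enforced elsewhere (constructor,
 * routing or a base controller) before this action is reachable.
 *
 * NOTE(review): the result of find() is used without checking that a member
 * was actually found.
 */
function member_edit2()
{
    $userid = intval($this->uri->rsegment(3, 0));
    $result = $this->comm->linker()->find('member', array('userid' => $userid), 'edittime DESC', '');

    $data['user'] = $result;
    $data['company'] = $result['mcompany'];
    $data['area'] = $this->comm->findAll('area', '', 'listorder DESC', 'areaid,areaname', '');
    $data['areaid'] = $result['areaid'];

    // Mobile number is stored as "<prefix>-<number>"; any other shape yields
    // two empty fields.
    $phone = explode("-", $result['mobile']);
    if (count($phone) == 2) {
        $data['phone_1'] = $phone[0];
        $data['phone_2'] = $phone[1];
    } else {
        $data['phone_1'] = '';
        $data['phone_2'] = '';
    }

    $data['groupid'] = $result['groupid'];
    $data['ctype'] = $result['mcompany']['ctype'];
    $data['thumb'] = $result['mcompany']['thumb'];
    $data['mode'] = $result['mcompany']['mode'];
    $data['size'] = $result['mcompany']['size'];
    $data['regunit'] = $result['mcompany']['regunit'];

    // Company telephone is split on "-" into up to three parts.
    // Fixed: parts 2 and 3 were read unconditionally, which raised
    // undefined-offset notices when the stored value had fewer than three
    // parts; missing parts now become empty strings, as in the else branch.
    $telephone = explode("-", $result['mcompany']['telephone']);
    if ($telephone[0]) {
        $data['telephone_1'] = $telephone[0];
        $data['telephone_2'] = isset($telephone[1]) ? $telephone[1] : '';
        $data['telephone_3'] = isset($telephone[2]) ? $telephone[2] : '';
    } else {
        $data['telephone_1'] = '';
        $data['telephone_2'] = '';
        $data['telephone_3'] = '';
    }

    // The stored company description is passed through checkhtml() again on the
    // way out.
    // NOTE(review): checkhtml() is defined elsewhere; the view still has to
    // escape this value for the context it is printed in (for example inside a
    // form field).
    $data['content'] = checkhtml($result['company_data']['content']);

    $this->load->view('member/member/member_edit', $data);
}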
示例11: save_sell
function save_sell()
{
$this->config->load('uploader_settings', TRUE);
$this->load->helper("getstr");
$this->load->helper("checkhtml");
$this->load->helper(array('form', 'url'));
$this->load->library('form_validation');
$this->form_validation->set_rules('title', 'Product Name', 'required|max_length[255]');
$this->form_validation->set_rules('content', 'product Detail', 'required');
$this->form_validation->set_rules('catid', 'Category', 'required|numeric');
$this->form_validation->set_rules('path', 'Photo', 'required');
$this->form_validation->set_rules('minamount', 'Minimum Order', 'required|numeric');
$this->form_validation->set_rules('unit', 'Unit Type', 'required');
$this->form_validation->set_rules('minprice', 'Price', 'required|numeric');
$this->form_validation->set_rules('currency', 'Currency', 'required');
if ($this->form_validation->run() == FALSE) {
$message = validation_errors();
$json = array("code" => 0, "message" => $message);
echo json_encode($json);
die;
} else {
$title = $this->input->post("title", TRUE);
$title = getstr($title, 255, 0, 0, -1);
$content = $this->input->post("content");
//Sexy过滤
$sexword = array("Vibrator", "Pink Leopard", "Stimulator", "G-Spot", "california exotics", "sexual", "sexy", "Circumcision", "Stimulation", "Penis", "Clitoral", "Penis Enlarger", "Vaginal", "Adult Toys", "Personal Massager", "Pink Lady", "cook ring", "vagina", "Cigarette", "condom", "vibrator", "personal Lubricant", "Toy-G", "urethral", "Vibrating Ring", "masturbation", "masturbators", "Virgin", "vibrators", "G spot", "Vibrating Wand", "cigar", "anal", "vibrating ball", "Fat Ring", "bullet", "wet towel", "Love Lounger", "Nandrolone phenylpropionate", "Climax", "dildo", "Women massaging", "Artificial Pussy", "Silicone Finger Ring", "Fresh pussy", "Gynecological Hydrogel", "delay spray", "Delay wet tissue", "Male Enhancement", "Exercise Balls", "Classic Double Balls", "Geisha", "Pussy", "Premature Ejaculation", "Double Dong", "OTO tablets", "Princess doll", "Fleshlight", "Massaging Wand", "Roman emperor", "NITERIDER", "love doll", "contraceptive", "spermicide", "sperm", "Black Ant", "beads Pulse", "Rabbits Rings", "Rabbits Ring", "Love Making", "Make Love", "love ball", "Power Love", "Pornography", "marijuana", "drug", "breast", "masturbator", "Original", "inflatable doll", "Kinekt", "nipple cover", "nipple tape");
foreach ($sexword as $sex) {
if (preg_match("/\\b{$sex}\\b/i", $title)) {
$json = array("code" => 0, "message" => "Title Contains Sensitive Words!");
echo json_encode($json);
die;
} elseif (preg_match("/\\b{$sex}\\b/i", $content)) {
$json = array("code" => 0, "message" => "Content Contains Sensitive Words!");
echo json_encode($json);
die;
}
}
$timestamp = time();
$img_rootpath = $this->config->item('img_rootpath', 'uploader_settings');
$img_path = $this->config->item('img_path', 'uploader_settings');
$username = $this->username;
$itemid = $this->input->post("itemid");
$itemid = intval($itemid);
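// URL slug from the title: every run of characters outside the allowed set
// becomes a single "-".
// Fixed: the original class was [^a-zA-z0-9]. The range A-z also spans the
// ASCII characters between "Z" and "a" ([ \ ] ^ _ `), so backslashes, brackets,
// carets and backticks from the title ended up in $linkurl, which is stored
// with the record. "_" stays allowed so that slugs containing underscores come
// out as before.
$linkurl = preg_replace("/[^a-zA-Z0-9_]+/", "-", $title);
// The summary is cut from the content as received, before checkhtml() runs.
// NOTE(review): getstr() is a project helper; confirm that with these arguments
// it strips or escapes markup, since $introduce is stored separately from the
// filtered content.
$introduce = getstr($content, 255, 0, 0, -1);
// $content was read with post("content") and no XSS flag, so checkhtml() is the
// only filter visible in this method before the HTML is stored in sell_data.
// NOTE(review): checkhtml() comes from a helper loaded above; what it lets
// through decides whether the stored HTML is safe to render.
$content = checkhtml($content);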
$catid = $this->input->post("catid");
$catid = intval($catid);
$thumb = $this->input->post("path", TRUE);
$thumb = getstr($thumb, 255, 0, 0, -1);
$thumb1 = $this->input->post("path_1", TRUE);
$thumb1 = getstr($thumb1, 255, 0, 0, -1);
$thumb2 = $this->input->post("path_2", TRUE);
$thumb2 = getstr($thumb2, 255, 0, 0, -1);
$option = $this->input->post("option", TRUE);
foreach ($option as $k => $v) {
$tmp[$k] = getstr($v, 255, 0, 0, -1);
}
$option = $tmp;
$minamount = $this->input->post("minamount");
$minamount = floatval($minamount);
$unit = $this->input->post("unit", TRUE);
$unit = getstr($unit, 30, 0, 0, -1);
$minprice = $this->input->post("minprice");
$minprice = floatval($minprice);
$currency = $this->input->post("currency", TRUE);
$currency = getstr($currency, 15, 0, 0, -1);
$mycatid = $this->input->post("mycatid");
$mycatid = intval($mycatid);
$ip = $this->input->ip_address();
// Derive the area id from the first submitted option only: $i is never
// incremented and every path through the first iteration ends in break.
$i = 0;
foreach ($option as $k => $v) {
if ($i == 0) {
// A non-numeric first option falls back to area id 1.
if (!is_numeric($v)) {
$areaid = 1;
break;
}
$areaid = $v;
$area = $this->comm->find("area", array("areaid" => $areaid));
// NOTE(review): $araeid looks like a misspelling of $areaid. As written the id
// returned by the lookup goes into a variable that is not read in the visible
// code, and $areaid keeps the request-supplied number whether or not such an
// area exists. The result of find() is also indexed without checking that a
// row was returned.
$araeid = $area['areaid'];
// The option text is replaced by the area name from the database.
$option[$k] = $area['areaname'];
break;
}
}
// NOTE(review): when $option is empty, $areaid is never assigned before this cast.
$areaid = intval($areaid);
if ($itemid) {
$findsell = $this->comm->find("sell", array("itemid" => $itemid, "username" => $username));
if (!$findsell) {
$json = array("code" => 0, "message" => 'Update error : You don\'t have operation permissions or the product is not exsit');
echo json_encode($json);
die;
}
$findcate = $this->comm->find("category", array("catid" => $catid));
if ($findcate && $findcate['child'] == 1) {
$json = array("code" => 0, "message" => 'Please choose the last Category');
echo json_encode($json);
die;
}
$updaterecord = array('title' => $title, 'catid' => $catid, 'mycatid' => $mycatid, 'areaid' => $areaid, 'unit' => $unit, 'minprice' => $minprice, 'maxprice' => $minprice, 'currency' => $currency, 'minamount' => $minamount, 'groupid' => 6, "edittime" => $timestamp, "editdate" => date("Y-m-d", $timestamp), 'introduce' => $introduce, "linkurl" => $linkurl, 'sell_data' => array('content' => $content));
$this->comm->linker()->update("sell", array("itemid" => $itemid), $updaterecord);
//.........这里部分代码省略.........
示例12: hclean
/**
 * Reduce an HTML fragment to a fixed set of formatting tags, then pass the
 * result through checkhtml() and tidytag().
 *
 * strip_tags() with an allow-list removes every tag that is not listed, but it
 * leaves the attributes of the tags it keeps untouched. Event-handler
 * attributes and script-bearing URLs on <a>, <img> or <div> therefore survive
 * this first step.
 * NOTE(review): attribute and URL filtering is presumably done by checkhtml(),
 * which is defined outside this listing - confirm before treating the return
 * value as safe to render.
 *
 * @param string $string Raw HTML fragment.
 * @return mixed Value returned by tidytag() (defined outside this listing).
 */
function hclean($string)
{
    // Tags that survive the first pass; everything else is dropped by strip_tags().
    $allowedTags = '<p><a><b><i><blockquote><h1><h2><ol><ul><li><img><div><br><pre><strike>';

    return tidytag(checkhtml(strip_tags($string, $allowedTags)));
}
示例13: pick_blog_post
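/**
 * Normalise a blog entry passed in $POST and write it to the home_blog table.
 *
 * Only the first part of the function is shown in this listing: the body is
 * cut off after the DB::update() call, so the insert path and the return value
 * on success are not visible here.
 *
 * Security-relevant points in the visible part:
 *  - $POST['uid'] becomes $_G['uid'] and is interpolated into two SQL strings,
 *    so it is cast to an integer before use.
 *  - $olds['blog_id'] is interpolated into a SELECT and is cast the same way.
 *  - checkhtml() is applied to the message on the non-mobile branch only.
 *
 * @param array $POST Post fields (uid, username, subject, message, friend, ...).
 * @param array $olds Existing record data; 'blog_id' and 'classid' are read here.
 * @return mixed false when the message is empty once markup and whitespace are
 *               stripped; other return values lie outside the visible part.
 */
function pick_blog_post($POST, $olds = array())
{
    global $_G, $space;

    // Copy the global state before acting as the post's author.
    // NOTE(review): presumably restored in the part that is cut off - confirm.
    $__G = $_G;
    // The uid ends up inside SQL strings below, so force it to an integer.
    $_G['uid'] = intval($POST['uid']);
    $_G['username'] = addslashes($POST['username']);

    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1);
    if (strlen($POST['subject']) < 1) {
        // No subject given: fall back to the publication date.
        $POST['subject'] = dgmdate($POST['public_time'], 'Y-m-d');
    }

    // Visibility: 2 = restricted to named users, 4 = password protected.
    $POST['friend'] = intval($POST['friend']);
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        $uids = array();
        $names = empty($_GET['target_names']) ? array() : explode(',', preg_replace("/(\\s+)/s", ',', $_GET['target_names']));
        if ($names) {
            // NOTE(review): request data reaches this query through dimplode(),
            // which is defined elsewhere; whether it escapes as well as quotes
            // each name is not visible here - confirm.
            $query = DB::query("SELECT uid FROM " . DB::table('common_member') . " WHERE username IN (" . dimplode($names) . ")");
            while ($value = DB::fetch($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // None of the names resolved to a user: switch to mode 3 instead.
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            // Password mode without a password: switch to mode 0.
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // The original line compared with `==` and discarded the result, so a
        // submitted password was stored even when the entry was not in
        // password mode. Assign instead.
        $POST['password'] = '';
    }

    $POST['tag'] = dhtmlspecialchars(trim($POST['article_tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1);
    $POST['tag'] = censor($POST['tag']);

    if ($_G['mobile']) {
        // NOTE(review): this branch never calls checkhtml(); whether getstr()
        // with these flags removes markup is not visible here - confirm.
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1);
        $POST['message'] = censor($POST['message']);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 0, 1);
        // Drop empty <div> pairs and make plain links open in a new window.
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];
    $blog_status = 0;

    // Look up the existing entry; the id is cast because it is placed in the
    // SQL text. $info starts as an empty array so the later check is defined
    // when no blog_id is supplied.
    $info = array();
    if (!empty($olds['blog_id'])) {
        $info = DB::fetch_first("SELECT blogid FROM " . DB::table('home_blog') . " WHERE blogid='" . intval($olds['blog_id']) . "'");
    }

    // Personal category: reuse, look up, or create from a "new:<name>" value.
    if (empty($olds['classid']) || $POST['classid'] != $olds['classid']) {
        if (!empty($POST['classid']) && substr($POST['classid'], 0, 4) == 'new:') {
            $classname = dhtmlspecialchars(trim(substr($POST['classid'], 4)));
            $classname = getstr($classname, 0, 1, 1);
            $classname = censor($classname);
            if (empty($classname)) {
                $classid = 0;
            } else {
                // NOTE(review): $classname is interpolated into the SQL text;
                // its escaping depends on getstr(), defined elsewhere - confirm.
                $classid = DB::result(DB::query("SELECT classid FROM " . DB::table('home_class') . " WHERE uid='{$_G['uid']}' AND classname='{$classname}'"));
                if (empty($classid)) {
                    $setarr = array('classname' => $classname, 'uid' => $_G['uid'], 'dateline' => $_G['timestamp']);
                    $classid = DB::insert('home_class', $setarr, 1);
                }
            }
        } else {
            $classid = intval($POST['classid']);
        }
    } else {
        $classid = $olds['classid'];
    }
    if ($classid && empty($classname)) {
        // A numeric class id only counts when it belongs to this uid.
        $classname = DB::result(DB::query("SELECT classname FROM " . DB::table('home_class') . " WHERE classid='{$classid}' AND uid='{$_G['uid']}'"));
        if (empty($classname)) {
            $classid = 0;
        }
    }

    // NOTE(review): view_num is stored as received; its handling depends on
    // DB::update(), defined elsewhere - confirm.
    $blogarr = array('subject' => $POST['subject'], 'classid' => $classid, 'viewnum' => $POST['view_num'], 'friend' => $POST['friend'], 'password' => $POST['password'], 'noreply' => empty($POST['noreply']) ? 0 : 1, 'catid' => intval($POST['catid']), 'status' => $blog_status);
    $titlepic = '';

    // Reject messages that are empty once layout markup is removed.
    // NOTE(review): the listing shows a bare whitespace character followed by
    // `\;` in this pattern, which looks like an `&nbsp;` entity decoded by the
    // page; it is written as the entity here - confirm against the upstream file.
    $ckmessage = preg_replace("/(\\<div\\>|\\<\\/div\\>|\\s|\\&nbsp\\;|\\<br\\>|\\<p\\>|\\<\\/p\\>)+/is", '', $message);
    if (empty($ckmessage)) {
        return false;
    }
    $message = addslashes($message);

    if (checkperm('manageblog')) {
        $blogarr['hot'] = intval($POST['hot']);
    }
    if ($blogarr['catid']) {
        // catid was cast with intval() when $blogarr was built.
        DB::query("UPDATE " . DB::table('home_blog_category') . " SET num=num+1 WHERE catid='{$blogarr['catid']}'");
    }
    $blogarr['uid'] = $_G['uid'];
    $blogarr['username'] = $_G['username'];
    $blogarr['dateline'] = empty($POST['public_time']) ? $_G['timestamp'] : $POST['public_time'];
    if (!empty($info['blogid'])) {
        DB::update('home_blog', $blogarr, array('blogid' => $info['blogid']));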
//.........这里部分代码省略.........
示例14: bwzt_post
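/**
 * Normalise the fields of a "bwzt" entry passed in $POST.
 *
 * Only the first part of the function is shown in this listing: the body is
 * cut off inside the department-category handling, so the database write and
 * the return value are not visible here.
 *
 * checkhtml() is applied to the message on the non-mobile branch only.
 *
 * @param array $POST Entry fields (subject, sex, age, friend, message, ...).
 * @param array $olds Existing record data; 'uid', 'username', 'bwztclassid'
 *                    and 'bwztdivisionid' are read here.
 */
function bwzt_post($POST, $olds = array())
{
    global $_SGLOBAL, $_SC, $space;

    // Switch the acting user when editing an entry owned by someone else.
    $isself = 1;
    if (!empty($olds['uid']) && $olds['uid'] != $_SGLOBAL['supe_uid']) {
        $isself = 0;
        // NOTE(review): the copy is presumably restored in the part that is cut off - confirm.
        $__SGLOBAL = $_SGLOBAL;
        $_SGLOBAL['supe_uid'] = $olds['uid'];
        $_SGLOBAL['supe_username'] = addslashes($olds['username']);
    }

    // Subject; falls back to the current date when empty.
    $POST['subject'] = getstr(trim($POST['subject']), 80, 1, 1, 1);
    if (strlen($POST['subject']) < 1) {
        $POST['subject'] = sgmdate('Y-m-d');
    }
    $POST['friend'] = intval($POST['friend']);

    // Sex; the default is used when the field is empty.
    $POST['sex'] = getstr(trim($POST['sex']), 80, 1, 1, 1);
    if (strlen($POST['sex']) < 1) {
        $POST['sex'] = "女";
    }

    // Age; negative values are clamped to 0.
    $POST['age'] = intval($POST['age']);
    if ($POST['age'] < 0) {
        $POST['age'] = 0;
    }

    // Privacy.
    $POST['target_ids'] = '';
    if ($POST['friend'] == 2) {
        // Specific friends.
        $uids = array();
        $names = empty($_POST['target_names']) ? array() : explode(' ', str_replace(cplang('tab_space'), ' ', $_POST['target_names']));
        if ($names) {
            // NOTE(review): request data reaches this query through simplode(),
            // which is defined elsewhere; whether it escapes as well as quotes
            // each name is not visible here - confirm.
            $query = $_SGLOBAL['db']->query("SELECT uid FROM " . tname('space') . " WHERE username IN (" . simplode($names) . ")");
            while ($value = $_SGLOBAL['db']->fetch_array($query)) {
                $uids[] = $value['uid'];
            }
        }
        if (empty($uids)) {
            // Visible to the author only.
            $POST['friend'] = 3;
        } else {
            $POST['target_ids'] = implode(',', $uids);
        }
    } elseif ($POST['friend'] == 4) {
        // Password protected.
        $POST['password'] = trim($POST['password']);
        if ($POST['password'] == '') {
            // No password supplied: make the entry public.
            $POST['friend'] = 0;
        }
    }
    if ($POST['friend'] !== 2) {
        $POST['target_ids'] = '';
    }
    if ($POST['friend'] !== 4) {
        // The original line compared with `==` and discarded the result, so a
        // submitted password was kept even when the entry was not in password
        // mode. Assign instead.
        $POST['password'] = '';
    }

    $POST['tag'] = shtmlspecialchars(trim($POST['tag']));
    $POST['tag'] = getstr($POST['tag'], 500, 1, 1, 1);

    // Content.
    if ($_SGLOBAL['mobile']) {
        // NOTE(review): this branch never calls checkhtml(); whether getstr()
        // with these flags removes markup is not visible here - confirm.
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 1);
    } else {
        $POST['message'] = checkhtml($POST['message']);
        $POST['message'] = getstr($POST['message'], 0, 1, 0, 1, 0, 1);
        // Drop empty <div> pairs and make plain links open in a new window.
        $POST['message'] = preg_replace(array("/\\<div\\>\\<\\/div\\>/i", "/\\<a\\s+href\\=\"([^\\>]+?)\"\\>/i"), array('', '<a href="\\1" target="_blank">'), $POST['message']);
    }
    $message = $POST['message'];

    // Personal category: reuse, look up, or create from a "new:<name>" value.
    if (empty($olds['bwztclassid']) || $POST['bwztclassid'] != $olds['bwztclassid']) {
        if (!empty($POST['bwztclassid']) && substr($POST['bwztclassid'], 0, 4) == 'new:') {
            // Category name.
            $bwztclassname = shtmlspecialchars(trim(substr($POST['bwztclassid'], 4)));
            $bwztclassname = getstr($bwztclassname, 0, 1, 1, 1);
            if (empty($bwztclassname)) {
                $bwztclassid = 0;
            } else {
                $bwztclassid = getcount('bwztclass', array('bwztclassname' => $bwztclassname, 'uid' => $_SGLOBAL['supe_uid']), 'bwztclassid');
                if (empty($bwztclassid)) {
                    $setarr = array('bwztclassname' => $bwztclassname, 'uid' => $_SGLOBAL['supe_uid'], 'dateline' => $_SGLOBAL['timestamp']);
                    $bwztclassid = inserttable('bwztclass', $setarr, 1);
                }
            }
        } else {
            $bwztclassid = intval($POST['bwztclassid']);
        }
    } else {
        $bwztclassid = $olds['bwztclassid'];
    }

    // Department category (newer addition); same "new:<name>" convention.
    if (empty($olds['bwztdivisionid']) || $POST['bwztdivisionid'] != $olds['bwztdivisionid']) {
        if (!empty($POST['bwztdivisionid']) && substr($POST['bwztdivisionid'], 0, 4) == 'new:') {
            // Category name.
            $bwztdivisionname = shtmlspecialchars(trim(substr($POST['bwztdivisionid'], 4)));
            $bwztdivisionname = getstr($bwztdivisionname, 0, 1, 1, 1);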
//.........这里部分代码省略.........