本文整理汇总了 PHP 中 db_escape_string 函数的典型用法代码示例。如果您正苦于以下问题:PHP db_escape_string 函数的具体用法?PHP db_escape_string 怎么用?PHP db_escape_string 使用的例子?那么恭喜您,这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了db_escape_string函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: authenticate
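/**
 * Authenticates a user whose identity was established by the web server.
 *
 * The login comes from REMOTE_USER or, failing that, from
 * get_login_by_ssl_certificate(); $login and $password are not consulted.
 * When AUTH_AUTO_CREATE is enabled, full name and e-mail are refreshed from
 * server variables on every successful login.
 *
 * @param string $login    Unused by this implementation.
 * @param string $password Unused by this implementation.
 * @return mixed The id returned by auto_create_user(), or false.
 */
function authenticate($login, $password)
{
    // REMOTE_USER is absent when the server did not authenticate the request.
    $try_login = db_escape_string(isset($_SERVER["REMOTE_USER"]) ? $_SERVER["REMOTE_USER"] : "");
    if (!$try_login) {
        $try_login = $this->get_login_by_ssl_certificate();
    }
    if (!$try_login) {
        return false;
    }

    // NOTE(review): the login is already SQL-escaped here; confirm that
    // auto_create_user() does not escape it a second time.
    $user_id = $this->auto_create_user($try_login);
    if (!$user_id) {
        return false;
    }

    $_SESSION["fake_login"] = $try_login;
    $_SESSION["fake_password"] = "******";
    $_SESSION["hide_hello"] = true;
    $_SESSION["hide_logout"] = true;

    // LemonLDAP can send user information via HTTP headers.
    // NOTE(review): HTTP_* entries mirror request headers, so they are only
    // trustworthy if the fronting proxy overwrites client-supplied copies.
    if (defined('AUTH_AUTO_CREATE') && AUTH_AUTO_CREATE) {
        // The id is cast so that it can never carry SQL syntax into the
        // unquoted WHERE clause.
        $where_id = (int) $user_id;

        // Update user name.
        if (!empty($_SERVER['HTTP_USER_NAME'])) {
            $fullname = $_SERVER['HTTP_USER_NAME'];
        } else {
            $fullname = isset($_SERVER['AUTHENTICATE_CN']) ? $_SERVER['AUTHENTICATE_CN'] : '';
        }
        if ($fullname) {
            $fullname = db_escape_string($fullname);
            db_query($this->link, "UPDATE ttrss_users SET full_name = '{$fullname}' WHERE id = " . $where_id);
        }

        // Update user mail.
        if (!empty($_SERVER['HTTP_USER_MAIL'])) {
            $email = $_SERVER['HTTP_USER_MAIL'];
        } else {
            $email = isset($_SERVER['AUTHENTICATE_MAIL']) ? $_SERVER['AUTHENTICATE_MAIL'] : '';
        }
        if ($email) {
            $email = db_escape_string($email);
            db_query($this->link, "UPDATE ttrss_users SET email = '{$email}' WHERE id = " . $where_id);
        }
    }

    return $user_id;
}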
示例2: totalSiteFileNumber
/**
 * Counts the rows of the `file` table that belong to one site.
 *
 * @param mixed $siteId Site identifier; escaped before it is placed inside
 *                      the quoted SQL literal.
 * @return mixed The `count` column of the first result row.
 */
public function totalSiteFileNumber($siteId)
{
    $escapedSiteId = db_escape_string($siteId);
    // Escaping is sufficient here only because the value sits inside quotes.
    $row = Database::connection()
        ->query("SELECT count(*) AS count FROM file WHERE site_id='" . $escapedSiteId . "'\t")
        ->nextRow();

    return $row['count'];
}
示例3: shareArticle
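/**
 * Prints a dialog with the public share URL of one of the user's articles.
 *
 * The article is looked up by the request parameter `param` and the session
 * user id. If it has no share key yet, one is generated and stored.
 *
 * @return void Output is printed directly.
 */
function shareArticle()
{
    $param = db_escape_string(isset($_REQUEST['param']) ? $_REQUEST['param'] : '');
    // Cast because the value is concatenated into SQL without quotes.
    $owner_uid = (int) $_SESSION['uid'];

    $result = db_query($this->link, "SELECT uuid, ref_id FROM ttrss_user_entries WHERE int_id = '{$param}'\n\t\t\tAND owner_uid = " . $owner_uid);
    if (db_num_rows($result) == 0) {
        print "Article not found.";
    } else {
        $uuid = db_fetch_result($result, 0, "uuid");
        if (!$uuid) {
            // The key is the only thing protecting the shared URL, so it must
            // be unpredictable. uniqid() and rand() are derived from the clock
            // and a non-cryptographic generator; prefer a CSPRNG and keep the
            // old source only as a last resort on runtimes that lack one.
            if (function_exists('random_bytes')) {
                $seed = random_bytes(32);
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $seed = openssl_random_pseudo_bytes(32);
            } else {
                $seed = uniqid(rand(), true);
            }
            $uuid = db_escape_string(sha1($seed));
            db_query($this->link, "UPDATE ttrss_user_entries SET uuid = '{$uuid}' WHERE int_id = '{$param}'\n\t\t\t\t\tAND owner_uid = " . $owner_uid);
        }

        print __("You can share this article by the following unique URL:");

        $url_path = get_self_url_prefix();
        $url_path .= "/public.php?op=share&key={$uuid}";
        // Encode for HTML: the URL is printed both inside a single-quoted
        // attribute and as element text.
        $url_html = htmlspecialchars($url_path, ENT_QUOTES, 'UTF-8');

        print "<div class=\"tagCloudContainer\">";
        print "<a id='pub_opml_url' href='{$url_html}' target='_blank'>{$url_html}</a>";
        print "</div>";
    }

    print "<div align='center'>";
    print "<button dojoType=\"dijit.form.Button\" onclick=\"return dijit.byId('shareArticleDlg').hide()\">" . __('Close this window') . "</button>";
    print "</div>";
}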
示例4: session_require
/**
 * Enforces an access requirement and calls exit_error() when it is not met.
 *
 * Exactly one requirement is evaluated, in this order of precedence:
 * `group` (optionally narrowed by `admin_flags`), `user`, `isloggedin`.
 * A request that names none of them is rejected.
 *
 * @param array $req Requirement description, keyed as listed above.
 * @return bool|null true for super users; otherwise nothing is returned.
 */
function session_require($req)
{
    global $Language;

    // Codendi admins always pass.
    if (user_is_super_user()) {
        return true;
    }

    if (!empty($req['group'])) {
        // Numeric parts are not quoted: the group id goes through db_ei(),
        // the user id comes from user_getid().
        $sql = "SELECT user_id FROM user_group WHERE user_id=" . user_getid() . " AND group_id=" . db_ei($req['group']);
        if (!empty($req['admin_flags'])) {
            $sql .= " AND admin_flags = '" . db_escape_string($req['admin_flags']) . "'";
        }
        $matching_rows = db_numrows(db_query($sql));
        if ($matching_rows < 1 || !$req['group']) {
            exit_error($Language->getText('include_session', 'insufficient_g_access'), $Language->getText('include_session', 'no_perm_to_view'));
        }
        return;
    }

    if (!empty($req['user'])) {
        if (user_getid() != $req['user']) {
            exit_error($Language->getText('include_session', 'insufficient_u_access'), $Language->getText('include_session', 'no_perm_to_view'));
        }
        return;
    }

    if (!empty($req['isloggedin'])) {
        if (!user_isloggedin()) {
            exit_error($Language->getText('include_session', 'required_login'), $Language->getText('include_session', 'login'));
        }
        return;
    }

    // No recognised requirement was supplied: deny.
    exit_error($Language->getText('include_session', 'insufficient_access'), $Language->getText('include_session', 'no_access'));
}
示例5: getInfo
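/**
 * Sends one of the user's articles to the Pocket API and prints a JSON status.
 *
 * The article is selected by the request parameter `id` and the session user
 * id. The JSON object holds `title`, `link`, `id` and `status`.
 *
 * @return void Output is printed directly.
 */
function getInfo()
{
    // Retrieve data from the DB.
    $id = db_escape_string(isset($_REQUEST['id']) ? $_REQUEST['id'] : '');
    // The session id is cast because it is concatenated without quotes.
    $result = db_query("SELECT title, link\n\t\t\t\tFROM ttrss_entries, ttrss_user_entries\n\t\t\t\tWHERE id = '{$id}' AND ref_id = id AND owner_uid = " . (int) $_SESSION['uid']);

    // Defined up front so that a missing article yields null fields instead
    // of undefined-variable errors further down.
    $title = null;
    $article_link = null;
    if (db_num_rows($result) != 0) {
        $title = truncate_string(strip_tags(db_fetch_result($result, 0, 'title')), 100, '...');
        $article_link = db_fetch_result($result, 0, 'link');
    }

    $consumer_key = $this->host->get($this, "pocket_consumer_key");
    $pocket_access_token = $this->host->get($this, "pocket_access_token");

    // Call Pocket API.
    if (function_exists('curl_init')) {
        $postfields = array(
            'consumer_key' => $consumer_key,
            'access_token' => $pocket_access_token,
            'url' => $article_link,
            'title' => $title,
        );
        $cURL = curl_init();
        curl_setopt($cURL, CURLOPT_URL, 'https://getpocket.com/v3/add');
        // Response headers are included because the status is read from them.
        curl_setopt($cURL, CURLOPT_HEADER, 1);
        curl_setopt($cURL, CURLOPT_HTTPHEADER, array('Content-type: application/x-www-form-urlencoded;charset=UTF-8'));
        curl_setopt($cURL, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($cURL, CURLOPT_TIMEOUT, 5);
        curl_setopt($cURL, CURLOPT_POST, true);
        curl_setopt($cURL, CURLOPT_POSTFIELDS, http_build_query($postfields));
        $apicall = curl_exec($cURL);
        curl_close($cURL);
        // Store the error header in $status; 1 means no X-Error header was seen.
        $status = preg_match('/^X-Error: .*$/m', (string) $apicall, $matches) ? $matches[0] : 1;
    } else {
        $status = 'For the plugin to work you need to <strong>enable PHP extension CURL</strong>!';
    }

    // Return information on article and status.
    print json_encode(array("title" => $title, "link" => $article_link, "id" => $id, "status" => $status));
}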
示例6: checkInput
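/**
 * Validates and escapes query parameters, then stores them in $this->v.
 *
 * With prepared statements on PostgreSQL the values are stored unchanged.
 * Otherwise string parameters ('s') are escaped and integer parameters ('i')
 * must be plain integers; execution stops on a malformed integer.
 *
 * @param string $q SQL text, used only in diagnostics.
 * @param mixed  $v Parameter value or array of values.
 * @param mixed  $t Type code or array of type codes ('s', 'i', 'd').
 * @return void
 */
function checkInput($q, $v, $t)
{
    if (!is_array($v)) {
        $v = array($v);
    }
    if (!is_array($t)) {
        $t = array($t);
    }
    if (count($v) != count($t)) {
        // The exception object is only constructed, never thrown, so
        // processing continues after this point.
        $e = new mb_exception("array params and array types have a different count in " . $_SERVER['SCRIPT_FILENAME'] . ": Sql: " . $q);
    }

    if (!(PREPAREDSTATEMENTS == true && SYS_DBTYPE == "pgsql")) {
        $total = count($v);
        for ($i = 0; $i < $total; $i++) {
            $type = isset($t[$i]) ? $t[$i] : null;
            if ($type == 's') {
                $v[$i] = db_escape_string($v[$i]);
            } elseif ($type == 'i') {
                // Integers are not escaped, so they must be validated. The
                // former pattern "/w/" only rejected values containing the
                // letter "w", which let arbitrary text through.
                $is_blank = $v[$i] === null || $v[$i] === '' || $v[$i] === false;
                $is_integer = is_scalar($v[$i]) && preg_match('/^[+-]?\d+$/', (string) $v[$i]);
                if (!$is_blank && !$is_integer) {
                    $shown = is_scalar($v[$i]) ? $v[$i] : gettype($v[$i]);
                    $e = new mb_exception($_SERVER['SCRIPT_FILENAME'] . ": Unable to parse integer in: " . $q . " with: param " . $i . "," . $shown);
                    die("wrong data type in sql:" . $q);
                }
            }
            // NOTE(review): type 'd' is accepted without validation or
            // escaping; confirm how such values reach the query.
        }
    }

    $this->v = $v;
}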
示例7: getUrl
/**
 * Prints, as JSON, the mobilizer URL for one of the user's articles.
 *
 * The feed-specific mobilizer is used when one is configured, otherwise the
 * mobilizer with id 0. "%s" in the mobilizer URL is replaced by the article
 * link; an empty mobilizer URL yields the article link itself.
 *
 * @return void Output is printed directly.
 */
function getUrl()
{
    $id = db_escape_string($_REQUEST['id']);

    // Article link.
    // NOTE(review): the session uid is concatenated without quoting or a
    // cast; this is safe only while it is an integer set by the application.
    $link_rows = db_query("SELECT link\n\t\t\tFROM ttrss_entries, ttrss_user_entries\n\t\t\tWHERE id = '{$id}' AND ref_id = id AND owner_uid = " . $_SESSION['uid']);
    $url = db_num_rows($link_rows) != 0 ? db_fetch_result($link_rows, 0, "link") : "";

    // Mobilizer configured for the article's feed.
    $mobilizer_rows = db_query("SELECT url\n\t\t\tFROM ttrss_user_entries ue, plugin_mobilize_feeds pf, plugin_mobilize_mobilizers pm\n\t\t\tWHERE ue.ref_id = '{$id}' and ue.owner_uid = " . $_SESSION['uid'] . " \n\t\t\tand ue.feed_id = pf.id \n\t\t\tand pf.owner_uid = ue.owner_uid\n\t\t\tand pf.mobilizer_id = pm.id");
    if (!db_num_rows($mobilizer_rows)) {
        // None set for this feed: fall back to the default mobilizer.
        $mobilizer_rows = db_query("SELECT url\tFROM plugin_mobilize_mobilizers WHERE id = '0'");
    }

    $mobilizer_url = $url;
    if (db_num_rows($mobilizer_rows) != 0) {
        $template = db_fetch_result($mobilizer_rows, 0, "url");
        // A configured URL gets the article link substituted for "%s".
        $mobilizer_url = $template != "" ? str_replace("%s", $url, $template) : $url;
    }

    print json_encode(array("url" => $mobilizer_url, "id" => $id));
}
示例8: setNote
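/**
 * Stores a note on one of the user's articles and prints it back as JSON.
 *
 * The JSON object holds the formatted note and the length of the stored text.
 *
 * @return void Output is printed directly.
 */
function setNote()
{
    $id = db_escape_string(isset($_REQUEST["id"]) ? $_REQUEST["id"] : "");

    // Sanitize first, escape last. Escaping has to be the final step before
    // the value enters SQL: stripping tags or trimming afterwards operates on
    // the escaped form, and the escaped form must not be used for display or
    // for the reported length.
    $note = trim(strip_tags(isset($_REQUEST["note"]) ? $_REQUEST["note"] : ""));
    $note_sql = db_escape_string($note);

    // The session id is cast because it is concatenated without quotes.
    db_query("UPDATE ttrss_user_entries SET note = '{$note_sql}'\n\t\t\tWHERE ref_id = '{$id}' AND owner_uid = " . (int) $_SESSION["uid"]);

    // NOTE(review): format_article_note() receives the unescaped text;
    // confirm that it HTML-encodes the note, since strip_tags() leaves quotes
    // and ampersands in place.
    $formatted_note = format_article_note($id, $note);
    print json_encode(array("note" => $formatted_note, "raw_length" => mb_strlen($note)));
}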
示例9: save
/**
 * Normalizes the posted tag list and stores it as the plugin's "tags" setting.
 *
 * Each comma-separated tag is trimmed and lower-cased; the stored value joins
 * them with ", ".
 *
 * @return void A confirmation message is echoed.
 */
function save()
{
    // NOTE(review): the value is SQL-escaped before it is handed to the host;
    // if $this->host->set() escapes on its own, the text is escaped twice.
    $normalized = array();
    foreach (explode(",", db_escape_string($_POST["tags"])) as $tag) {
        $normalized[] = mb_strtolower(trim($tag));
    }

    $this->host->set($this, "tags", implode(", ", $normalized));
    echo __("Configuration saved.");
}
示例10: changeemail
/**
 * Saves the posted e-mail address and full name for the logged-in user.
 *
 * @return void A confirmation message is printed.
 */
function changeemail()
{
    $email = db_escape_string($_POST["email"]);
    $full_name = db_escape_string($_POST["full_name"]);
    // Taken from the session, never from the request, so a user can only
    // change their own record.
    $active_uid = $_SESSION["uid"];

    $sql = "UPDATE ttrss_users SET email = '{$email}',\n\t\t\tfull_name = '{$full_name}' WHERE id = '{$active_uid}'";
    db_query($this->link, $sql);

    print __("Your personal data has been saved.");
}
示例11: smarty_function_get_nodes_by_parent
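/**
 * Smarty function: loads the child nodes of a parent node and assigns them
 * to the template variable `get_nodes_by_parent`.
 *
 * Recognised parameters: `parent`, `listing_amount` (a number or 'all'),
 * `offset`, `orderby` and `time`. When the posted `template_event` is
 * 'filter_by', results are narrowed by content or by the creator's login.
 *
 * @param array  $params Template parameters.
 * @param object $smarty Smarty instance that receives the result.
 * @return false|null false when read permission is missing.
 */
function smarty_function_get_nodes_by_parent($params, &$smarty)
{
    global $db, $node;

    $parent = $params['parent'];
    $permissions = permissions::checkPerms($parent);
    if (!$permissions['r']) {
        return false;
    }

    // LIMIT operands cannot be quoted, so they are forced to integers.
    $requested_amount = isset($params['listing_amount']) ? $params['listing_amount'] : 0;
    if ($requested_amount == 'all') {
        $listing_amount = (int) DEF_MAX_LISTING_AMMOUNT;
    } else {
        $listing_amount = (int) $requested_amount;
    }
    $offset = empty($params['offset']) ? 0 : max(0, (int) $params['offset']);

    // ORDER BY takes identifiers, not string literals, so string escaping
    // gives no protection there. Only a comma-separated list of column names
    // with an optional direction is accepted; anything else falls back to
    // the default ordering.
    $orderby = null;
    if (isset($params['orderby'])) {
        $candidate = trim((string) $params['orderby']);
        $order_pattern = '/^[a-z_][a-z0-9_.]*(\s+(asc|desc))?(\s*,\s*[a-z_][a-z0-9_.]*(\s+(asc|desc))?)*$/i';
        if (preg_match($order_pattern, $candidate)) {
            $orderby = $candidate;
        }
    }

    // Every value placed inside a quoted literal is escaped first.
    $parent_sql = db_escape_string($parent);
    $user_id = db_escape_string(isset($_SESSION['user_id']) ? $_SESSION['user_id'] : '');

    $sql_time = "";
    if (isset($params['time'])) {
        $sql_time = " nodes.node_created > '" . db_escape_string($params['time']) . "' and ";
    }

    $q = "select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes left join nodes as parent on parent.node_id=nodes.node_parent left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='{$user_id}' left join users on users.user_id=nodes.node_creator where ";
    $q .= " {$sql_time} nodes.node_parent='{$parent_sql}' and nodes.node_system_access!='private'";

    if (isset($_POST['template_event']) && $_POST['template_event'] == 'filter_by') {
        $needle = db_escape_string(isset($_POST['node_content']) ? $_POST['node_content'] : '');
        if (isset($_POST['search_type']) && $_POST['search_type'] == 'content') {
            $sql_type = " and node_content like '%" . $needle . "%' ";
        } else {
            // Resolve the login to a user id, then filter by creator.
            $userset = $db->query("select user_id from users where login='" . $needle . "'");
            $userset->next();
            $creator_id = db_escape_string($userset->getString('user_id'));
            $sql_type = " and nodes.node_creator='{$creator_id}'";
        }
        $q .= $sql_type;
    }

    if ($orderby !== null) {
        $q .= " order by {$orderby} ";
    } else {
        $q .= " order by nodes.node_id desc ";
    }
    $q .= " LIMIT {$offset},{$listing_amount} ";

    // Start from an empty list so the template gets an array even when the
    // query returns no rows.
    $pole = array();
    $set = $db->query($q);
    while ($set->next()) {
        $pole[] = $set->getRecord();
    }
    $smarty->assign('get_nodes_by_parent', $pole);
}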
示例12: getUrl
/**
 * Prints, as JSON, the link of one of the user's articles.
 *
 * The article is selected by the request parameter `id` and the session user
 * id; `url` is an empty string when no row matches.
 *
 * @return void Output is printed directly.
 */
function getUrl()
{
    $id = db_escape_string($_REQUEST['id']);

    // NOTE(review): the session uid is concatenated without quoting or a
    // cast; this is safe only while it is an integer set by the application.
    $rows = db_query("SELECT link\n\t\t\t\tFROM ttrss_entries, ttrss_user_entries\n\t\t\t\tWHERE id = '{$id}' AND ref_id = id AND owner_uid = " . $_SESSION['uid']);
    $url = db_num_rows($rows) != 0 ? db_fetch_result($rows, 0, "link") : "";

    print json_encode(array("url" => $url, "id" => $id));
}
示例13: getInfo
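/**
 * Prints, as JSON, the title and link of one of the user's articles.
 *
 * The article is selected by the request parameter `id` and the session user
 * id. `title` and `link` are null when no row matches.
 *
 * @return void Output is printed directly.
 */
function getInfo()
{
    $id = db_escape_string(isset($_REQUEST['id']) ? $_REQUEST['id'] : '');
    // The session id is cast because it is concatenated without quotes.
    $result = db_query($this->link, "SELECT title, link\n\t\t\t\tFROM ttrss_entries, ttrss_user_entries\n\t\t\t\tWHERE id = '{$id}' AND ref_id = id AND owner_uid = " . (int) $_SESSION['uid']);

    // Defined up front so that a missing article yields null fields instead
    // of undefined-variable errors.
    $title = null;
    $article_link = null;
    if (db_num_rows($result) != 0) {
        // Tags are stripped and the title is shortened to 100 characters.
        $title = truncate_string(strip_tags(db_fetch_result($result, 0, 'title')), 100, '...');
        $article_link = db_fetch_result($result, 0, 'link');
    }

    print json_encode(array("title" => $title, "link" => $article_link, "id" => $id));
}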
示例14: find_user_by_login
/**
 * Looks up the id of the user with the given login.
 *
 * @param string $login Login name; escaped before use in the query.
 * @return mixed The user's id, or false when no such login exists.
 */
function find_user_by_login($login)
{
    $escaped_login = db_escape_string($login);
    $rows = db_query($this->link, "SELECT id FROM ttrss_users WHERE\n\t\t\tlogin = '{$escaped_login}'");

    if (db_num_rows($rows) <= 0) {
        return false;
    }

    return db_fetch_result($rows, 0, "id");
}
示例15: udvaelg
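/**
 * Builds an SQL condition fragment ("and ...") from a search-field value.
 *
 * A value containing ":" is treated as a range (except for type TID);
 * otherwise an equality test is produced, or a case-insensitive LIKE when
 * no type is given, with "*" acting as the wildcard.
 *
 * @param string $tmp Search text entered for the field.
 * @param string $key Column name or expression the condition applies to.
 * @param string $art Field type: 'BELOB', 'DATO', 'NR', 'TID' or empty.
 * @return string Condition fragment to append to a WHERE clause.
 */
function udvaelg($tmp, $key, $art)
{
    include "../includes/std_func.php";
    // NOTE(review): $key is placed in the SQL as an identifier and cannot be
    // protected by string escaping; it must only ever come from trusted code.
    $tmp = strtolower($tmp);
    if ($art) {
        #20150105-1
        if ($art != 'BELOB') {
            $tmp = str_replace(",", ":", $tmp);
        }
        #20150601
        $tmp = str_replace(";", ":", $tmp);
        if ($art == 'BELOB' && !strpos($tmp, ':')) {
            #20151019
            // A single amount becomes a narrow range around the value.
            $tmp = usdecimal($tmp);
            $tmp1 = $tmp - 0.005;
            $tmp2 = $tmp + 0.004;
            $tmp = number_format($tmp1, 3, ',', '') . ":" . number_format($tmp2, 3, ',', '');
        }
    }
    // Padded so that a value without ":" does not raise an undefined-offset
    // error; the second bound is then null, as before.
    list($tmp1, $tmp2) = array_pad(explode(":", $tmp), 2, null);
    if (strstr($tmp, ':') && $art != 'TID') {
        if ($art == "DATO") {
            $tmp1 = usdate($tmp1);
            $tmp2 = usdate($tmp2);
        } elseif ($art == "BELOB") {
            $tmp1 = usdecimal($tmp1);
            $tmp2 = usdecimal($tmp2);
        } elseif ($art == "NR") {
            $tmp1 = afrund($tmp1 * 1, 2);
            #21050105-2
            $tmp2 = afrund($tmp2 * 1, 2);
        }
        // Both bounds are escaped on every path: without a type, or with a
        // type not handled above, they are still the caller's raw text.
        $tmp1 = db_escape_string($tmp1);
        $tmp2 = db_escape_string($tmp2);
        $udvaelg = "and {$key} >= '{$tmp1}' and {$key} <= '{$tmp2}'";
    } else {
        if ($art == "TID") {
            if (!strstr($tmp, ':')) {
                $tmp = $tmp * 1;
                $tmp = str_replace(".", ":", $tmp);
                if (!strstr($tmp, ':')) {
                    $tmp = $tmp . ":";
                }
            }
        } elseif ($art == "DATO") {
            $tmp = usdate($tmp);
        }
        if (!$art) {
            $tmp = str_replace("*", "%", $tmp);
        }
        // Escape last, for every branch, not only the LIKE case: a TID value
        // that already contains ":" reaches this point unmodified.
        $tmp = db_escape_string($tmp);
        if (!$art) {
            $udvaelg = " and lower({$key}) like '{$tmp}'";
        } else {
            $udvaelg = " and {$key} = '{$tmp}'";
        }
    }
    return $udvaelg;
}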