本文整理汇总了PHP中esc函数的典型用法代码示例。如果您正苦于以下问题:PHP esc函数的具体用法?PHP esc怎么用?PHP esc使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了esc函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: content
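/**
 * Confirm a pending email-address change for the logged-in user.
 *
 * Compares $_GET['token'] with the value expected for the user's pending
 * address. When it matches and no other account holds that address, the
 * pending address becomes the account's address and a confirmation is printed.
 * Otherwise a failure header and the list of errors are printed.
 *
 * @return mixed the result of must_log_in() when nobody is logged in, otherwise null
 */
function content()
{
    if (!user_logged_in()) {
        return must_log_in();
    }
    $user = fetch_one_or_none('users', 'id', user_logged_in());

    // count($errors) runs on every path, so the list has to exist even when
    // no check has failed yet.
    $errors = array();

    $pending = $user ? (string) $user->new_email_address : '';
    $supplied = array_key_exists('token', $_GET) ? $_GET['token'] : null;

    // Reject the request outright when no change is pending: without this the
    // expected value would be the hash of an empty string, which is a constant.
    // The token must be a non-empty string (query parameters can arrive as
    // arrays) and is compared with hash_equals() rather than a loose `!=`.
    //
    // NOTE(review): the expected token is derived only from the new address,
    // so it does not prove the requester received the confirmation mail.
    // Prefer a random, server-stored, expiring token (e.g. from random_bytes()).
    if ($pending === '' || !is_string($supplied) || $supplied === '' || !hash_equals(sha1($pending), $supplied)) {
        $errors[] = 'Invalid reset token';
    }

    # This can happen if two accounts try to change address at similar times.
    # NOTE(review): this check and the update below are separate statements; a
    # unique index on users.email_address is the reliable guard - confirm it exists.
    if (count($errors) == 0 && count(fetch_all('users', 'email_address', $user->new_email_address))) {
        $errors[] = "A user with this email address already exists";
    }

    if (count($errors) == 0) {
        update_all('users', array('email_address' => $user->new_email_address, 'new_email_address' => null), 'id', user_logged_in());
        echo "<h2>Address changed</h2>\n<p>Your email address has been changed to\n<tt>";
        // esc() is used as a statement here; presumably it prints the
        // HTML-escaped value - confirm against its definition.
        esc($user->new_email_address);
        echo "</tt>.</p>\n";
        return;
    }

    page_header('Address verification failed');
    show_error_list($errors);
}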
示例2: esc
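/**
 * Escapes a string, or every value of an array, for one output context.
 *
 * If $data is a string it is escaped with Zend\Escaper for $context and
 * returned. If $data is an array it is walked recursively and every value is
 * escaped with the same context and encoding; keys are left as they are.
 * Any other type is returned unchanged.
 *
 * Valid context values: html, js, css, url, attr, raw, null
 *
 * Escaping is context-specific: output escaped for 'html' is not safe inside
 * a script block, a stylesheet, a URL or an attribute. Pick the context that
 * matches where the value is written. 'raw' (or an empty context) returns the
 * data untouched and is only appropriate for content that is already trusted
 * or already escaped.
 *
 * @param string|array $data
 * @param string       $context
 * @param string       $encoding Passed to the escaper's constructor; null leaves the choice to the escaper.
 *
 * @return string|array
 *
 * @throws \InvalidArgumentException When a string is escaped with an unknown context.
 */
function esc($data, $context = 'html', $encoding = null)
{
    if (is_array($data)) {
        foreach ($data as $key => &$value) {
            // Forward the encoding too; nested values were previously escaped
            // with the escaper's default encoding regardless of $encoding.
            $value = esc($value, $context, $encoding);
        }
        // Break the reference so later writes cannot alias the last element.
        unset($value);

        return $data;
    }

    if (!is_string($data)) {
        return $data;
    }

    // Cast first: a null context is documented as valid, and strtolower()
    // should not be handed null.
    $context = strtolower((string) $context);

    // Provide a way to NOT escape data since this could be called
    // automatically by the View library.
    if (empty($context) || $context == 'raw') {
        return $data;
    }

    // Explicit allow-list of context => escaper method, so the method name is
    // never assembled from caller input.
    $methods = [
        'html' => 'escapeHtml',
        'js'   => 'escapeJs',
        'css'  => 'escapeCss',
        'url'  => 'escapeUrl',
        'attr' => 'escapeHtmlAttr',
    ];
    if (!isset($methods[$context])) {
        throw new \InvalidArgumentException('Invalid escape context provided.');
    }

    $escaper = new \Zend\Escaper\Escaper($encoding);

    return $escaper->{$methods[$context]}($data);
}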
示例3: navLabel
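/**
 * Builds the HTML label for a node: an icon badge titled with the node type,
 * followed by the node title.
 *
 * The node-type name and icon are taken from the node's own 'nodetype_name' /
 * 'nodetype_icon' values when it has them, otherwise from its node type.
 *
 * @param mixed $node object exposing has(), get(), getNodetype() and getTitle()
 *
 * @return string HTML fragment
 */
private function navLabel($node)
{
    $nodetype = $node->has('nodetype_name') ? $node->get('nodetype_name') : $node->getNodetype()->displayField();
    $icon = $node->has('nodetype_icon') ? $node->get('nodetype_icon') : $node->getNodetype()->getIcon();

    // Both values are written inside double-quoted attributes, so both go
    // through esc(); the icon class was previously concatenated as-is.
    // NOTE(review): confirm that esc() encodes double quotes (attribute
    // context) and that clean() is the intended encoder for the title text.
    $label = '<span class="badge-icon" title="' . esc($nodetype) . '"><i class="' . esc($icon) . '"></i></span>';

    return $label . ' <span class="title">' . clean($node->getTitle()) . '</span>';
}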
示例4: testEsc
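/**
 * esc() with its default context leaves plain text alone and encodes both
 * quote characters.
 */
public function testEsc()
{
    // The expected column holds the entity-encoded form. Written as a literal
    // quote it would compare esc() against its own input, and an unescaped
    // double quote inside a double-quoted literal ends the string early.
    // NOTE(review): the entity spellings assume htmlspecialchars()-style
    // output with ENT_QUOTES - confirm against the esc() under test.
    $expectations = [
        ['Strings', 'Strings'],
        ['Stri"ngs', 'Stri&quot;ngs'],
        ['Stri\'ngs', 'Stri&#039;ngs'],
    ];

    foreach ($expectations as $expect) {
        list($input, $expected) = $expect;
        $this->assertEquals($expected, esc($input));
    }
}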
示例5: content
/**
 * Prints the "Accounts" page: a table with one linked row per user that has
 * both a verification date and an approval date, ordered by name.
 *
 * Each row links to the user's id and shows the user's name; both values are
 * passed through esc() before they reach the page.
 */
function content()
{
    // The filter and ordering are fixed strings; nothing from the request is
    // mixed into them.
    $accounts = fetch_wol('*', 'users', 'date_verified IS NOT NULL AND date_approved IS NOT NULL', 'name ASC');

    echo "<h2>Accounts</h2>\n<table>\n";

    foreach ($accounts as $account) {
        echo "<tr>\n<td class=\"name\"><a href=\"";
        // esc() is called for its output; presumably it prints the
        // HTML-escaped value - confirm against its definition.
        // NOTE(review): HTML escaping does not validate a URL. This is fine
        // while id is a plain identifier; verify that it always is.
        esc($account->id);
        echo '">';
        esc($account->name);
        echo "</a></td>\n</tr>\n";
    }

    echo "</table>\n";
}
示例6: render
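/**
 * Renders one text input per content language for this field.
 *
 * The field value is expected to be an array keyed by language code; a
 * missing, empty or non-string entry renders as an empty input. Each input is
 * named "<field name>[<language code>]".
 *
 * @param mixed $doctype     forwarded to getAttributesStr() and getValidationAttributesStr()
 * @param mixed $environment not used by this method
 *
 * @return string HTML for all language inputs
 */
public function render($doctype, $environment)
{
    $languages = ipContent()->getLanguages();
    $answer = '';

    foreach ($languages as $language) {
        $fieldValue = $this->getValue();
        $code = $language->getCode();

        // Only a non-empty string is usable below; anything else stored in
        // the database (an array, for instance) falls back to ''.
        $langValue = '';
        if (is_array($fieldValue) && !empty($fieldValue[$code]) && is_string($fieldValue[$code])) {
            $langValue = $fieldValue[$code];
        }

        // The closing quote of name="..." sits outside escAttr(). It used to
        // be part of the escaped argument, so the quote itself was encoded
        // and the attribute was never closed in the markup.
        // NOTE(review): getAttributesStr(), getClasses() and
        // getValidationAttributesStr() are emitted without escaping here;
        // presumably they are developer-supplied - verify against callers.
        $answer .= "\n" . '<div class="input-group">' . "\n"
            . '<span class="input-group-addon">' . esc($language->getAbbreviation()) . '</span>' . "\n"
            . '<input ' . $this->getAttributesStr($doctype)
            . ' class="form-control ' . implode(' ', $this->getClasses()) . '"'
            . ' name="' . escAttr($this->getName() . '[' . $code . ']') . '" '
            . $this->getValidationAttributesStr($doctype)
            . ' type="text" value="' . escAttr($langValue) . '" />' . "\n"
            . '</div>' . "\n";
    }

    return $answer;
}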
示例7: ipRelativeDir
/**
 * Returns the directory of the calling file, with a trailing slash, relative
 * to the configured base directory.
 *
 * The caller is read from the backtrace frame at index $callLevel. When the
 * file lies under one of the configured 'fileOverrides' targets, that target
 * prefix is swapped for the override's relative path; otherwise the
 * 'baseDir' prefix is stripped.
 *
 * @ignore
 * @param int $callLevel
 * @return string
 * @throws \Ip\Exception when the frame has no file, or the file is not under baseDir
 */
public static function ipRelativeDir($callLevel = 0)
{
    $windowsSeparators = DIRECTORY_SEPARATOR == '\\';

    // debug_backtrace() has to be called from this method body itself:
    // wrapping it in a helper would shift every frame index by one.
    $frames = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, $callLevel + 1);
    if (!isset($frames[$callLevel]['file'])) {
        throw new \Ip\Exception("Can't find caller");
    }

    $callerFile = $frames[$callLevel]['file'];
    if ($windowsSeparators) {
        // Replace windows paths
        $callerFile = str_replace('\\', '/', $callerFile);
    }

    $overrides = ipConfig()->get('fileOverrides');
    if ($overrides) {
        foreach ($overrides as $relativePath => $fullPath) {
            if ($windowsSeparators) {
                // Replace windows paths
                $fullPath = str_replace('\\', '/', $fullPath);
            }
            if (strpos($callerFile, $fullPath) !== 0) {
                continue;
            }
            $remapped = substr_replace($callerFile, $relativePath, 0, strlen($fullPath));

            return substr($remapped, 0, strrpos($remapped, '/') + 1);
        }
    }

    // baseDir is normalised unconditionally, unlike the two paths above.
    $baseDir = str_replace('\\', '/', ipConfig()->get('baseDir'));

    // NOTE(review): this (like the override test above) is a plain string
    // prefix match with no check that the match ends on a '/' boundary, so a
    // sibling directory whose name merely starts with baseDir also passes.
    // Confirm the configured paths rule that out.
    if (strpos($callerFile, $baseDir) !== 0) {
        // NOTE(review): the message carries an absolute server path; make
        // sure it is logged rather than shown to visitors.
        throw new \Ip\Exception('Cannot find relative path for file ' . esc($callerFile));
    }

    // "+ 1" also drops the slash that follows baseDir.
    $relativeFile = substr($callerFile, strlen($baseDir) + 1);

    return substr($relativeFile, 0, strrpos($relativeFile, '/') + 1);
}
示例8: document_save
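/**
 * Saves a document in the database
 *
 * The document id is "DOC_<order id>_<n>", where n counts the calls made to
 * this function so far in the current process.
 *
 * @param string $order_id the id of the order
 * @param string $location the current location of the file
 * @return void
 */
function document_save($order_id, $location)
{
    // NOTE(review): the counter restarts at 0 in every process, so two
    // requests saving a document for the same order would both produce
    // DOC_<order>_0 - confirm whether DOCUMENT_ID has to be unique.
    static $count = 0;

    // %d forces both parts to integers, so the id is safe to embed as-is.
    $document_id = sprintf('DOC_%d_%d', $order_id, $count);

    // $order_id is documented as a string and is also written into the
    // COMMENTS literal, so it gets the same esc() treatment as $location
    // instead of being interpolated unescaped.
    // NOTE(review): esc() is assumed to be the project's SQL string escaper
    // (it is already used that way for $location). If db_query() supports
    // bound parameters, prefer those over building the statement by hand.
    $query = "INSERT INTO document (DOCUMENT_ID, DOCUMENT_TYPE_ID, DATE_CREATED, COMMENTS, DOCUMENT_LOCATION, CREATED_STAMP, CREATED_TX_STAMP)\n\t\t\t VALUES ('{$document_id}', '" . DOC_REQUISION . "', NOW(), 'Document for order " . esc($order_id) . "', '" . esc($location) . "', '" . now() . "', NOW())";
    db_query($query);
    $count++;
}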
示例9: check_true
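/**
 * Reports whether at least one row of this model's table has $field equal
 * to $value.
 *
 * @param mixed       $value value to look for; escaped with esc() and compared as a quoted literal
 * @param string|null $field column to compare; defaults to the model's primary key
 *
 * @return bool
 */
public function check_true($value, $field = null)
{
    if ($field === null) {
        $field = $this->primary_key;
    }

    // A column name cannot be bound or string-escaped. Doubling any backtick
    // keeps the name inside its quoted identifier, and names without a
    // backtick are unchanged.
    // NOTE(review): if $field can ever come from a request, check it against
    // the table's known columns instead.
    $column = str_replace('`', '``', $field);

    // NOTE(review): esc() is assumed to be the project's SQL string escaper;
    // prefer bound parameters if db_get_all() supports them.
    $sql = "SELECT * FROM `{$this->table}` WHERE `{$column}` = '" . esc($value) . "' LIMIT 1";
    $rows = db_get_all($sql);

    return isset($rows[0]);
}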
示例10: getBy
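/**
 * Fetches the rows of this model's table whose $field equals $value, joined
 * to `posts` on that same field, with the post title added to each row.
 *
 * @param mixed       $value value to look for
 * @param string|null $field column to compare and join on; defaults to the model's primary key
 *
 * @return mixed the result of db_get_all(), or false when that result is null
 */
public function getBy($value, $field = null)
{
    if ($field === null) {
        $field = $this->primary_key;
    }

    // Doubling any backtick keeps the column name inside its quoted
    // identifier; names without a backtick are unchanged.
    $column = str_replace('`', '``', $field);

    // The value is now compared as a quoted literal. String escaping only
    // protects a value that sits between quotes, and it was previously
    // concatenated bare into the statement.
    // NOTE(review): esc() is assumed to be the project's SQL string escaper;
    // prefer bound parameters if db_get_all() supports them.
    $sql = "SELECT `{$this->table}`.*,`posts`.`Title` FROM `{$this->table}`,`posts` WHERE `{$this->table}`.`{$column}` = '" . esc($value) . "' and `{$this->table}`.`{$column}`= `posts`.`post_id`";
    $rows = db_get_all($sql);

    return isset($rows) ? $rows : false;
}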
示例11: page_header
/**
 * Prints a second-level heading containing $title.
 *
 * The title is passed through esc() rather than echoed directly, so callers
 * may hand in text that has not been escaped yet.
 *
 * @param string $title heading text
 */
function page_header($title)
{
    echo '<h2>';
    // esc() is called for its output; presumably it prints the HTML-escaped
    // value - confirm against its definition.
    esc($title);
    echo "</h2>\n";
}
示例12: loadHits
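/**
 * Loads hit totals for the requested page into $this->PageHits.
 *
 * Four sums are read from page_hits for the current REQUEST_URI: all time,
 * since the start of today, since the start of this month and since the
 * start of this year. They are stored under the keys 'all', 'today', 'month'
 * and 'hits'.
 */
public function loadHits()
{
    // REQUEST_URI is client-controlled and includes the query string.
    // NOTE(review): every distinct query string is a distinct page key here;
    // consider normalising to the path before it is used as a lookup key.
    $page = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';

    $db = Framework::getDb();

    // Escape once and reuse the same quoted literal in all four statements.
    // NOTE(review): esc() is assumed to be the project's SQL string escaper;
    // prefer bound parameters if the database layer offers them.
    $base = "SELECT SUM(hits) AS hits FROM page_hits WHERE page = '" . esc($page) . "'";

    // DATE_FORMAT takes (date, format) with %-style specifiers. The previous
    // calls passed the arguments the other way round with PHP date() letters,
    // so the date filters never compared against a real date.
    // Assumes MySQL/MariaDB, as DATE_FORMAT() and NOW() suggest.
    $rowAll = $db->getFirstRow($base);
    $rowToday = $db->getFirstRow($base . " AND added >= DATE_FORMAT(NOW(), '%Y-%m-%d')");
    $rowMonth = $db->getFirstRow($base . " AND added >= DATE_FORMAT(NOW(), '%Y-%m-01')");
    $rowYear = $db->getFirstRow($base . " AND added >= DATE_FORMAT(NOW(), '%Y-01-01')");

    // NOTE(review): the yearly total is stored under 'hits', which looks like
    // a slip for 'year'; the key is kept because readers of PageHits may
    // depend on it.
    $this->PageHits = array(
        'all' => $rowAll ? $rowAll['hits'] : 0,
        'today' => $rowToday ? $rowToday['hits'] : 0,
        'month' => $rowMonth ? $rowMonth['hits'] : 0,
        'hits' => $rowYear ? $rowYear['hits'] : 0,
    );
}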
示例13: content
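/**
 * Shows the "change email address" form and handles its submission.
 *
 * On a valid submission the new address is stored as the user's pending
 * address (new_email_address), a confirmation mail is sent to it and a notice
 * is printed. Otherwise the form is printed, preceded by any errors.
 *
 * @return mixed the result of must_log_in() when nobody is logged in, otherwise null
 */
function content()
{
    if (!user_logged_in()) {
        return must_log_in();
    }
    $user = fetch_one_or_none('users', 'id', user_logged_in());
    $errors = array();

    if (array_key_exists('change', $_POST)) {
        if (!isset($_POST['email']) || !$_POST['email']) {
            $errors[] = "Please enter an email address";
        } else {
            $email = $_POST['email'];
            // Form fields can arrive as arrays (email[]=...); only a string
            // is handed to the validator and the database helpers.
            if (!is_string($email) || !validate_email_address($email)) {
                $errors[] = "Invalid email address";
            }
            if (count($errors) == 0 && count(fetch_all('users', 'email_address', $email))) {
                $errors[] = "A user with this email address already exists";
            }
            if (count($errors) == 0) {
                update_all('users', array('new_email_address' => $email), 'id', user_logged_in());
                send_email_change_email($email, $user->name);
                ?>
<p>We have sent an email to your new address requesting that you
confirm that change of address.</p>
<?php
                return;
            }
        }
    }

    $fields = array();
    page_header('Change email address');
    show_error_list($errors);

    // NOTE(review): no anti-CSRF token is visible in this form although the
    // POST changes account data; if the project has a token helper, emit and
    // verify it here. Asking for the current password before changing the
    // address is a common additional safeguard.
    ?>
<form method="post" action="" accept-charset="UTF-8">
<div class="fieldrow">
<div class="field">
<label>Current address:</label>
<div><tt><?php esc($user->email_address); ?></tt></div>
</div>
</div>
<div class="fieldrow">
<?php
    text_field($fields, 'email', 'New address');
    ?>
</div>
<div class="fieldrow">
<input type="submit" name="change" value="Change"/>
</div>
</form>
<?php
}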
示例14: content
/**
 * Prints the welcome paragraph with the site title taken from the global
 * $config array.
 *
 * The title is passed through esc() rather than echoed directly.
 */
function content()
{
    global $config;

    echo '<p>Welcome to ';
    // esc() is called for its output; presumably it prints the HTML-escaped
    // value - confirm against its definition.
    esc($config['title']);
    echo ".</p>\n";
}
示例15: preview
/**
 * Generate field value preview for table view. HTML is allowed
 *
 * When a preview callback is configured its return value is handed back
 * unchanged, so that callback is responsible for escaping whatever it puts
 * into the markup. Without a callback the stored field value is returned
 * through esc(); a record that has no value for the field yields null.
 *
 * @param $recordData
 * @internal param array $data current record data
 * @return string
 */
public function preview($recordData)
{
    // Custom preview: the result is trusted as HTML and is not escaped here.
    // NOTE(review): verify that every registered previewMethod escapes the
    // record values it outputs.
    if ($this->previewMethod) {
        return call_user_func($this->previewMethod, $recordData);
    }

    if (!isset($recordData[$this->field])) {
        return null;
    }

    return esc($recordData[$this->field]);
}