本文整理汇总了PHP中escape_check函数的典型用法代码示例。如果您正苦于以下问题:PHP escape_check函数的具体用法?PHP escape_check怎么用?PHP escape_check使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了escape_check函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: activate_plugin
/**
* Activate a named plugin.
*
* Parses the plugins directory to look for a pluginname.yaml
* file and adds the plugin to the plugins database, setting
* the inst_version field to the version specified in the yaml file.
*
* @param string $name Name of plugin to be activated.
* @return bool Returns true if plugin directory was found.
* @see deactivate_plugin
*/
function activate_plugin($name)
{
$plugins_dir = dirname(__FILE__) . '/../plugins/';
$plugin_dir = $plugins_dir . $name;
if (file_exists($plugin_dir)) {
$plugin_yaml = get_plugin_yaml("{$plugin_dir}/{$name}.yaml", false);
# If no yaml, or yaml file but no description present, attempt to read an 'about.txt' file
if ($plugin_yaml['desc'] == '') {
$about = $plugins_dir . $name . '/about.txt';
if (file_exists($about)) {
$plugin_yaml['desc'] = substr(file_get_contents($about), 0, 95) . '...';
}
}
# escape the plugin information
$plugin_yaml_esc = array();
foreach (array_keys($plugin_yaml) as $thekey) {
$plugin_yaml_esc[$thekey] = escape_check($plugin_yaml[$thekey]);
}
# Add/Update plugin information.
# Check if the plugin is already in the table.
$c = sql_value("SELECT name as value FROM plugins WHERE name='{$name}'", '');
if ($c == '') {
sql_query("INSERT INTO plugins(name) VALUE ('{$name}')");
}
sql_query("UPDATE plugins SET config_url='{$plugin_yaml_esc['config_url']}', " . "descrip='{$plugin_yaml_esc['desc']}', author='{$plugin_yaml_esc['author']}', " . "inst_version='{$plugin_yaml_esc['version']}', " . "priority='{$plugin_yaml_esc['default_priority']}', " . "update_url='{$plugin_yaml_esc['update_url']}', info_url='{$plugin_yaml_esc['info_url']}' " . "WHERE name='{$plugin_yaml_esc['name']}'");
return true;
} else {
return false;
}
}示例2: save_themename
function save_themename()
{
global $baseurl, $link, $themename, $collection_column;
$sql="update collection set " . $collection_column . "='" . getvalescaped("rename","") . "' where " . $collection_column . "='" . escape_check($themename)."'";
sql_query($sql);
header("location:".$baseurl. "/pages/" . $link);
}示例3: save_themename
function save_themename()
{
global $baseurl, $link, $themename, $collection_column;
$sql = "update collection set\t" . $collection_column . "='" . getvalescaped("rename", "") . "' where " . $collection_column . "='" . escape_check($themename) . "'";
sql_query($sql);
hook("after_save_themename");
redirect("pages/" . $link);
}示例4: get_youtube_access_token
function get_youtube_access_token($refresh = false)
{
global $baseurl, $userref, $youtube_publish_client_id, $youtube_publish_client_secret, $youtube_publish_callback_url, $code;
$url = 'https://accounts.google.com/o/oauth2/token';
if ($refresh) {
$refresh_token = sql_value("select youtube_refresh_token as value from user where ref='{$userref}'", "");
if ($refresh_token == "") {
get_youtube_authorization_code();
exit;
}
$params = array("client_id" => $youtube_publish_client_id, "client_secret" => $youtube_publish_client_secret, "refresh_token" => $refresh_token, "grant_type" => "refresh_token");
} else {
$params = array("code" => $code, "client_id" => $youtube_publish_client_id, "client_secret" => $youtube_publish_client_secret, "redirect_uri" => $baseurl . $youtube_publish_callback_url, "grant_type" => "authorization_code");
}
$curl = curl_init("https://accounts.google.com/o/oauth2/token");
curl_setopt($curl, CURLOPT_HEADER, "Content-Type:application/x-www-form-urlencoded");
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
$response = json_decode(curl_exec($curl), true);
curl_close($curl);
//exit (print_r($response));
if (isset($response["error"])) {
sql_query("update user set youtube_access_token='' where ref='{$userref}'");
//exit("ERROR: bad response" . print_r($response));
get_youtube_authorization_code();
exit;
}
if (isset($response["access_token"])) {
$access_token = escape_check($response["access_token"]);
sql_query("update user set youtube_access_token='{$access_token}' where ref='{$userref}'");
if (isset($response["refresh_token"])) {
$refresh_token = escape_check($response["refresh_token"]);
sql_query("update user set youtube_refresh_token='{$refresh_token}' where ref='{$userref}'");
}
debug("YouTube plugin: Access token: " . $access_token);
debug("YouTube plugin: Refresh token: " . $refresh_token);
}
# Get user account details and store these so we can tell which account they will be uploading to
$headers = array("Authorization: Bearer " . $access_token, "GData-Version: 2");
$curl = curl_init("https://gdata.youtube.com/feeds/api/users/default");
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_HTTPGET, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
#$response = json_decode( curl_exec( $curl ), true );
$response = curl_exec($curl);
$userdataxml = new SimpleXmlElement($response, LIBXML_NOCDATA);
//exit(print_r($userdataxml));
$youtube_username = escape_check($userdataxml->title);
sql_query("update user set youtube_username='{$youtube_username}' where ref='{$userref}'");
return $access_token;
}示例5: HookGrant_editEditeditbeforeheader
function HookGrant_editEditeditbeforeheader()
{
global $ref, $baseurl, $usergroup, $grant_edit_groups, $collection;
// Do we have access to do any of this, or is it a template
if (!in_array($usergroup, $grant_edit_groups) || $ref < 0) {
return;
}
// Check for Ajax POST to delete users
$grant_edit_action = getvalescaped("grant_edit_action", "");
if ($grant_edit_action != "") {
if ($grant_edit_action == "delete") {
$remove_user = escape_check(getvalescaped("remove_user", "", TRUE));
if ($remove_user != "") {
sql_query("delete from grant_edit where resource='{$ref}' and user={$remove_user}");
exit("SUCCESS");
}
}
exit("FAILED");
}
# If 'users' is specified (i.e. access is private) then rebuild users list
$users = getvalescaped("users", false);
if ($users != false) {
# Build a new list and insert
$users = resolve_userlist_groups($users);
$ulist = array_unique(trim_array(explode(",", $users)));
$urefs = sql_array("select ref value from user where username in ('" . join("','", $ulist) . "')");
if (count($urefs) > 0) {
$inserttext = array();
$grant_edit_expiry = getvalescaped("grant_edit_expiry", "");
foreach ($urefs as $uref) {
if ($grant_edit_expiry != "") {
$inserttext[] = $uref . ",'" . $grant_edit_expiry . "'";
} else {
$inserttext[] = $uref . ",NULL";
}
}
if ($collection != "") {
global $items;
foreach ($items as $collection_resource) {
sql_query("delete from grant_edit where resource='{$collection_resource}' and user in (" . implode(",", $urefs) . ")");
sql_query("insert into grant_edit(resource,user,expiry) values ({$collection_resource}," . join("),(" . $collection_resource . ",", $inserttext) . ")");
#log this
global $lang;
resource_log($collection_resource, 's', "", "Grant Edit - " . $users . " - " . $lang['expires'] . ": " . ($grant_edit_expiry != "" ? nicedate($grant_edit_expiry) : $lang['never']));
}
} else {
sql_query("delete from grant_edit where resource='{$ref}' and user in (" . implode(",", $urefs) . ")");
sql_query("insert into grant_edit(resource,user,expiry) values ({$ref}," . join("),(" . $ref . ",", $inserttext) . ")");
#log this
global $lang;
resource_log($ref, 's', "", "Grant Edit - " . $users . " - " . $lang['expires'] . ": " . ($grant_edit_expiry != "" ? nicedate($grant_edit_expiry) : $lang['never']));
}
}
}
return true;
}示例6: HookDiscount_codePurchase_callbackPayment_complete
function HookDiscount_codePurchase_callbackPayment_complete()
{
# Find out the discount code applied to this collection.
$code = sql_value("select discount_code value from collection_resource where collection='" . getvalescaped("custom", "") . "' limit 1", "");
# Find out the purchasing user
# As this is a callback script being called by PayPal, there is no login/authentication and we can't therefore simply use $userref.
$user = sql_value("select ref value from user where current_collection='" . getvalescaped("custom", "") . "'", 0);
# Insert used discount code row
sql_query("insert into discount_code_used (code,user) values ('" . escape_check($code) . "','{$user}')");
}示例7: getImageFormat
/**
* Returns the size record from the database specified by its ID.
*/
function getImageFormat($size)
{
if (empty($size)) {
return array('width' => 0, 'height' => 0);
}
$results = sql_query("select * from preview_size where id='" . escape_check($size) . "'");
if (empty($results)) {
die('Unknown size: "' . $size . '"');
}
return $results[0];
}示例8: message_add
function message_add($users, $text, $url = "", $owner = null, $notification_type = MESSAGE_ENUM_NOTIFICATION_TYPE_SCREEN, $ttl_seconds = MESSAGE_DEFAULT_TTL_SECONDS)
{
global $userref;
$text = escape_check($text);
$url = escape_check($url);
if (!is_array($users)) {
$users = array($users);
}
if (is_null($owner)) {
$owner = $userref;
}
sql_query("INSERT INTO `message` (`owner`, `created`, `expires`, `message`, `url`) VALUES ({$owner}, NOW(), DATE_ADD(NOW(), INTERVAL {$ttl_seconds} SECOND), '{$text}', '{$url}')");
$message_ref = sql_insert_id();
foreach ($users as $user) {
sql_query("INSERT INTO `user_message` (`user`, `message`) VALUES ({$user},{$message_ref})");
}
}示例9: getThemeList
function getThemeList($parents = array())
{
if (count($parents) == 0) {
// just retrieve all the top level themes
$sql = "select distinct theme as value from collection where theme is not null and theme <> '' order by theme";
} else {
// we were passed an array of parents, so we need to narrow our search
for ($i = 1; $i < count($parents) + 1; $i++) {
if ($i == 1) {
$searchfield = 'theme';
} else {
$searchfield = "theme{$i}";
}
$whereclause = "{$searchfield} = '" . escape_check($parents[$i - 1]) . "' ";
}
$sql = "select distinct theme{$i} as value from collection where {$whereclause} and theme{$i} is not null and theme{$i} <> '' order by theme{$i}";
//echo $sql;
}
$result = sql_array($sql);
return $result;
}示例10: HookUser_preferencesuser_preferencesSaveadditionaluserpreferences
function HookUser_preferencesuser_preferencesSaveadditionaluserpreferences()
{
global $user_preferences_change_username, $user_preferences_change_email, $user_preferences_change_name, $userref, $useremail, $username, $userfullname, $lang;
$newUsername = trim(safe_file_name(getvalescaped('username', $username)));
$newEmail = getvalescaped('email', $userfullname);
$newFullname = getvalescaped('fullname', $userfullname);
# Check if a user with that username already exists
if ($user_preferences_change_username && $username != $newUsername) {
$existing = sql_query('select ref from user where username=\'' . escape_check($newUsername) . '\'');
if (!empty($existing)) {
$GLOBALS['errorUsername'] = $lang['useralreadyexists'];
return false;
}
}
# Check if a user with that email already exists
if ($user_preferences_change_email && $useremail != $newEmail) {
$existing = sql_query('select ref from user where email=\'' . escape_check($newEmail) . '\'');
if (!empty($existing)) {
$GLOBALS['errorEmail'] = $lang['useremailalreadyexists'];
return false;
}
}
# Store changed values in DB, and update the global variables as header.php is included next
if ($user_preferences_change_username && $username != $newUsername) {
sql_query("update user set username='" . escape_check($newUsername) . "' where ref='" . $userref . "'");
$username = $newUsername;
}
if ($user_preferences_change_email && $useremail != $newEmail) {
sql_query("update user set email='" . escape_check($newEmail) . "' where ref='" . $userref . "'");
$useremail = $newEmail;
}
if ($user_preferences_change_name && $userfullname != $newFullname) {
sql_query("update user set fullname='" . escape_check($newFullname) . "' where ref='" . $userref . "'");
$userfullname = $newFullname;
}
return getvalescaped('currentpassword', '') == '' || getvalescaped('password', '') == '' && getvalescaped('password2', '') == '';
}示例11: ProcessFolder
function ProcessFolder($folder)
{
#echo "<br>processing folder $folder";
global $syncdir, $nogo, $max, $count, $done, $modtimes, $lastsync, $ffmpeg_preview_extension, $staticsync_autotheme, $staticsync_extension_mapping_default, $staticsync_extension_mapping, $staticsync_mapped_category_tree, $staticsync_title_includes_path, $staticsync_ingest, $staticsync_mapfolders, $staticsync_alternatives_suffix, $staticsync_alt_suffixes, $staticsync_alt_suffix_array, $file_minimum_age, $staticsync_run_timestamp;
$collection = 0;
echo "Processing Folder: {$folder}\n";
# List all files in this folder.
$dh = opendir($folder);
echo date('Y-m-d H:i:s ');
echo "Reading from {$folder}\n";
while (($file = readdir($dh)) !== false) {
// because of alternative processing, some files may disappear during the run
// that's ok - just ignore it and move on
if (!file_exists($folder . "/" . $file)) {
echo date('Y-m-d H:i:s ');
echo "File {$file} missing. Moving on.\n";
continue;
}
$filetype = filetype($folder . "/" . $file);
$fullpath = $folder . "/" . $file;
$shortpath = str_replace($syncdir . "/", "", $fullpath);
if ($staticsync_mapped_category_tree) {
$path_parts = explode("/", $shortpath);
array_pop($path_parts);
touch_category_tree_level($path_parts);
}
# -----FOLDERS-------------
if (($filetype == "dir" || $filetype == "link") && $file != "." && $file != ".." && strpos($nogo, "[" . $file . "]") === false && strpos($file, $staticsync_alternatives_suffix) === false) {
# Recurse
#echo "\n$file : " . filemtime($folder . "/" . $file) . " > " . $lastsync;
if (true || strlen($lastsync) == "" || filemtime($folder . "/" . $file) > $lastsync - 26000) {
ProcessFolder($folder . "/" . $file);
}
}
# -------FILES---------------
if ($filetype == "file" && substr($file, 0, 1) != "." && strtolower($file) != "thumbs.db" && !ss_is_alt($file)) {
// we want to make sure we don't touch files that are too new
// so check this
if (time() - filectime($folder . "/" . $file) < $file_minimum_age) {
echo date('Y-m-d H:i:s ');
echo " {$file} too new -- skipping .\n";
//echo filectime($folder . "/" . $file) . " " . time() . "\n";
continue;
}
# Already exists?
if (!in_array($shortpath, $done)) {
$count++;
if ($count > $max) {
return true;
}
echo date('Y-m-d H:i:s ');
echo "Processing file: {$fullpath}\n";
if ($collection == 0 && $staticsync_autotheme) {
# Make a new collection for this folder.
$e = explode("/", $shortpath);
$theme = ucwords($e[0]);
$name = count($e) == 1 ? "" : $e[count($e) - 2];
echo date('Y-m-d H:i:s ');
echo "\nCollection {$name}, theme={$theme}";
$collection = sql_value("select ref value from collection where name='" . escape_check($name) . "' and theme='" . escape_check($theme) . "'", 0);
if ($collection == 0) {
sql_query("insert into collection (name,created,public,theme,allow_changes) values ('" . escape_check($name) . "',now(),1,'" . escape_check($theme) . "',0)");
$collection = sql_insert_id();
}
}
# Work out extension
$extension = explode(".", $file);
$extension = trim(strtolower($extension[count($extension) - 1]));
// if coming from collections or la folders, assume these are the resource types
if (stristr(strtolower($fullpath), 'collection services/curatorial')) {
$type = 5;
} elseif (stristr(strtolower($fullpath), 'collection services/conservation')) {
$type = 5;
} elseif (stristr(strtolower($fullpath), 'collection services/library_archives')) {
$type = 6;
} else {
# Work out a resource type based on the extension.
$type = $staticsync_extension_mapping_default;
reset($staticsync_extension_mapping);
foreach ($staticsync_extension_mapping as $rt => $extensions) {
if ($rt == 5 or $rt == 6) {
continue;
}
// we already eliminated those
if (in_array($extension, $extensions)) {
$type = $rt;
}
}
}
# Formulate a title
if ($staticsync_title_includes_path) {
$title = str_ireplace("." . $extension, "", str_replace("/", " - ", $shortpath));
$title = ucfirst(str_replace("_", " ", $title));
} else {
$title = str_ireplace("." . $extension, "", $file);
}
# Import this file
$r = import_resource($shortpath, $type, $title, $staticsync_ingest);
if ($r !== false) {
# Add to mapped category tree (if configured)
//.........这里部分代码省略.........
示例12: add_alternative_file
$aref = add_alternative_file($alternative, $plfilename);
# Work out the extension
$extension = explode(".", $plfilepath);
$extension = trim(strtolower($extension[count($extension) - 1]));
# Find the path for this resource.
$path = get_resource_path($alternative, true, "", true, $extension, -1, 1, false, "", $aref);
# Move the sent file to the alternative file location
# PLUpload - file was sent chunked and reassembled - use the reassembled file location
$result = rename($plfilepath, $path);
if ($result === false) {
exit("ERROR: File upload error. Please check the size of the file you are trying to upload.");
}
chmod($path, 0777);
$file_size = @filesize_unlimited($path);
# Save alternative file data.
sql_query("update resource_alt_files set file_name='" . escape_check($plfilename) . "',file_extension='" . escape_check($extension) . "',file_size='" . $file_size . "',creation_date=now() where resource='{$alternative}' and ref='{$aref}'");
if ($alternative_file_previews_batch) {
create_previews($alternative, false, $extension, false, false, $aref);
}
echo "SUCCESS";
exit;
}
if ($replace == "" && $replace_resource == "") {
# Standard upload of a new resource
$ref = copy_resource(0 - $userref);
# Copy from user template
# Add to collection?
if ($collection_add != "") {
add_resource_to_collection($ref, $collection_add);
}
# Log this示例13: define
<?php
/***
* plugin.php - Maps requests to plugin pages to requested plugin.
*
* @package ResourceSpace
* @subpackage Plugins
*
***/
# Define this page as an acceptable entry point.
define('RESOURCESPACE', true);
include '../include/db.php';
include '../include/general.php';
$query = explode('&', $_SERVER['QUERY_STRING']);
$plugin_query = explode('/', $query[0]);
if (!is_plugin_activated(escape_check($plugin_query[0]))) {
die('Plugin does not exist or is not enabled');
}
if (isset($plugin_query[1])) {
if (preg_match('/[\\/]/', $plugin_query[1])) {
die('Invalid plugin page.');
}
$page_path = $baseurl_short . "plugins/{$plugin_query[0]}/pages/{$plugin_query[1]}.php";
if (file_exists($page_path)) {
include $page_path;
} else {
die('Plugin page not found.');
}
} else {
if (file_exists("../plugins/{$plugin_query[0]}/pages/index.php")) {
include "../plugins/{$plugin_query[0]}/pages/index.php";示例14: sql_value
<?php
include "../../../include/db.php";
include "../../../include/general.php";
if (array_key_exists("user", $_COOKIE)) {
# Check to see if this user is logged in.
$session_hash = $_COOKIE["user"];
$loggedin = sql_value("select count(*) value from user where session='" . escape_check($session_hash) . "' and approved=1 and timestampdiff(second,last_active,now())<(30*60)", 0);
if ($loggedin > 0 || $session_hash == "|") {
# User is logged in. Proceed to full authentication.
include "../../../include/authenticate.php";
}
}
if (!isset($userref)) {
# User is not logged in. Fetch username from posted form value.
$username = getval("username", "");
$usergroupname = "(Not logged in)";
$userfullname = "";
$anonymous_login = $username;
$pagename = "terms";
$plugins = array();
}
$error = "";
$errorfields = array();
$sent = false;
if (getval("send", "") != "") {
$csvheaders = "\"date\"";
$csvline = "\"" . date("Y-m-d") . "\"";
$message = "Date: " . date("Y-m-d") . "\n";
for ($n = 1; $n <= count($feedback_questions); $n++) {
$type = $feedback_questions[$n]["type"];示例15: getvalescaped
$ref = getvalescaped("ref", "");
$resource = getvalescaped("resource", "");
# Check access
$edit_access = get_edit_access($resource);
if (!$edit_access) {
exit("Access denied");
}
# Should never arrive at this page without edit access
if (getval("submitted", "") != "") {
# Save license data
# Construct expiry date
$expires = getvalescaped("expires_year", "") . "-" . getvalescaped("expires_month", "") . "-" . getvalescaped("expires_day", "");
# Construct usage
$license_usage = "";
if (isset($_POST["license_usage"])) {
$license_usage = escape_check(join(", ", $_POST["license_usage"]));
}
if ($ref == "new") {
# New record
sql_query("insert into resource_license (resource,outbound,holder,license_usage,description,expires) values ('" . getvalescaped("resource", "") . "', '" . getvalescaped("outbound", "") . "', '" . getvalescaped("holder", "") . "', '{$license_usage}', '" . getvalescaped("description", "") . "', '{$expires}')");
$ref = sql_insert_id();
resource_log($resource, "", "", $lang["new_license"] . " " . $ref);
} else {
# Existing record
sql_query("update resource_license set outbound='" . getvalescaped("outbound", "") . "',holder='" . getvalescaped("holder", "") . "', license_usage='{$license_usage}',description='" . getvalescaped("description", "") . "',expires='{$expires}' where ref='{$ref}' and resource='{$resource}'");
resource_log($resource, "", "", $lang["edit_license"] . " " . $ref);
}
redirect("pages/view.php?ref=" . $resource);
}
# Fetch license data
if ($ref == "new") {