本文整理汇总了PHP中escape_data函数的典型用法代码示例。如果您正苦于以下问题:PHP escape_data函数的具体用法?PHP escape_data怎么用?PHP escape_data使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了escape_data函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: ping
function ping($params)
{
global $dbc;
if (!isset($_SESSION['server_id'])) {
redirect('/');
}
$q = 'UPDATE servers SET last_used=NOW() WHERE id=' . (int) $_SESSION['server_id'] . ' AND session_id=\'' . escape_data(session_id()) . '\'';
$r = mysqli_query($dbc, $q);
if (mysqli_affected_rows($dbc) == 1) {
return ajax_response('Success');
} else {
$_SESSION['server_id'] = -1;
return ajax_response('Failure', TRUE);
}
}示例2: escape_data
if (!empty($_POST['title'])) {
$t = escape_data($_POST['title']);
} else {
$t = FALSE;
echo "<p class=\"error\">Please enter a title.</p>";
}
// Check the number
if (is_numeric($_POST['articlenumber'])) {
$n = escape_data($_POST['articlenumber']);
} else {
$n = FALSE;
echo "<p class=\"error\">Please number this article correctly. (e.g. 80)</p>";
}
// Clean the recommendation data
if (!empty($_POST['recommendation'])) {
$r = escape_data($_POST['recommendation']);
}
// Set the date
$d = $_POST['year'] . '-' . $_POST['month'] . '-' . $_POST['day'];
// Check if we've got everything
if ($a && $t && $n) {
// Let's go!
// Handle the file upload
$filename = "upload";
if (isset($_FILES[$filename]) && $_FILES[$filename]['error'] != 4) {
// Add the record to the database
$query = "INSERT INTO uploads (file_name, file_size, file_type) VALUES ('{$_FILES[$filename]['name']}', '{$_FILES[$filename]['size']}', '{$_FILES[$filename]['type']}')";
$result = mysqli_query($dbc, $query);
if ($result) {
// Return the upload id from the database
$upload_id = mysqli_insert_id($dbc);示例3: array
require './includes/config.inc.php';
// The config file also starts the session.
// Require the database connection:
require MYSQL;
// Include the header file:
$page_title = 'Forgot Your Password?';
include './includes/header.html';
// For storing errors:
$pass_errors = array();
// If it's a POST request, handle the form submission:
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Validate the email address:
if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$email = $_POST['email'];
// Check for the existence of that email address...
$q = 'SELECT id FROM users WHERE email="' . escape_data($email, $dbc) . '"';
$r = mysqli_query($dbc, $q);
if (mysqli_num_rows($r) === 1) {
// Retrieve the user ID:
list($uid) = mysqli_fetch_array($r, MYSQLI_NUM);
} else {
// No database match made.
$pass_errors['email'] = 'The submitted email address does not match those on file!';
}
} else {
// No valid address submitted.
$pass_errors['email'] = 'Please enter a valid email address!';
}
// End of $_POST['email'] IF.
if (empty($pass_errors)) {
// If everything's OK.示例4: escape_data
<?php
//Connect to the database
require_once '../mysqli_connect.php';
require_once 'User.php';
require_once 'Cart.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//Check Email
if (preg_match('%^[A-Za-z0-9._\\%-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,4}$%', stripslashes(trim($_POST['email'])))) {
$email = escape_data($_POST['email']);
} else {
$email = FALSE;
echo '<p><font color="red" size="+1">Please enter a valid email address!</font></p>';
}
if (preg_match('%^[A-za-z0-9]{4,20}$%', stripslashes(trim($_POST['password'])))) {
$password = escape_data($_POST['password']);
} else {
$password = FALSE;
echo '<p><font color="red" size="+1">Please enter a valid password!</font></p>';
}
// Load User
$newUser = User::loadUser($dbc, $email, $password);
//Load Cart
$cart = $newUser->loadCart($dbc);
//Save em to session
session_start();
$_SESSION["user"] = serialize($newUser);
$_SESSION["cart"] = serialize($cart);
header('Location: WelcomePage.php');
mysqli_close($dbc);
}示例5: stripslashes
if (ini_get('magic_quotes_grc')) {
$data = stripslashes($data);
}
if (!is_numeric($data)) {
$data = mysql_real_escape_string($data);
}
return $data;
}
$id = $_GET['id'];
$cat_array = array('Appetizers', 'Salads', 'Sandwiches', 'Entrees', 'Sides', 'Desserts');
echo "<section id='edit-dish'><h2>Edit Dish</h2>";
if ($_GET['confirm'] == 'yes') {
$name = escape_data($_POST['name']);
$price = escape_data($_POST['price']);
$desc = escape_data($_POST['desc']);
$category = escape_data($_POST['category']);
$sql = "UPDATE `scargo cafe menu` SET name='{$name}', `desc`='{$desc}', category='{$category}', price='{$price}' WHERE id='{$id}' LIMIT 1";
$result = mysql_query($sql);
if ($result) {
?>
<div class="notification">
<p>Item successfully updated</p>
</div>
<?php
} else {
?>
<div class="notification">
<p>Unable to update item</p>
<p>Error: <?php
echo mysql_error();
?>示例6: escape_data
$message = NULL;
// Create an empty new variable.
// Check for an existing password.
if (empty($_POST['password'])) {
$p = FALSE;
$message .= '<br>You forgot to enter your existing password!</br>';
} else {
$p = escape_data($_POST['password']);
}
// Check for a password and match against the confirmed password.
if (empty($_POST['password1'])) {
$np = FALSE;
$message .= '<br>You forgot to enter your new password!</br>';
} else {
if ($_POST['password1'] == $_POST['password2']) {
$np = escape_data($_POST['password1']);
} else {
$np = FALSE;
$message .= '<br>Your new password did not match the confirmed new password!</br>';
}
}
if ($p && $np) {
// If everything's OK.
$query = "SELECT username FROM users WHERE (username='{$username}' AND password=PASSWORD('{$p}') )";
$result = @mysql_query($query);
$num = mysql_num_rows($result);
if ($num == 1) {
$row = mysql_fetch_array($result, MYSQL_NUM);
// Make the query.
$query = "UPDATE users SET password=PASSWORD('{$np}') WHERE username='{$row['0']}'";
$result = @mysql_query($query);示例7: escape_data
if (!empty($_POST['firstname'])) {
$f = escape_data($_POST['firstname']);
} else {
$f = FALSE;
echo '<p><font color="red">Please enter a first name.</font></p>';
}
// Check the second name
if (!empty($_POST['lastname'])) {
$l = escape_data($_POST['lastname']);
} else {
$l = FALSE;
echo '<p><font color="red">Please enter a last name.</font></p>';
}
// Check the email address
if (!empty($_POST['email'])) {
$e = escape_data($_POST['email']);
// Check there is an @ sign and at least one dot
if (strpos($e, "@") === FALSE || strpos($e, ".") === FALSE || strpos($e, " ") != FALSE || strpos($e, "@") > strrpos($e, ".")) {
$e = FALSE;
echo "<p class=\"error\">Email address was invalid and disregarded.</p>";
}
} else {
$e = FALSE;
}
// Check if we've got everything
if ($f && $l) {
// Let's go!
// Add to the authors table
$query = "INSERT INTO authors (firstname, lastname, email) VALUES ('{$f}', '{$l}', '{$e}')";
// Create the query
$result = mysqli_query($dbc, $query);示例8: escape_data
}
// Check for a last name:
if (preg_match('/^[A-Z \'.-]{2,45}$/i', $_POST['last_name'])) {
$ln = escape_data($_POST['last_name'], $dbc);
} else {
$reg_errors['last_name'] = 'Please enter your last name!';
}
// Check for a username:
if (preg_match('/^[A-Z0-9]{2,45}$/i', $_POST['username'])) {
$u = escape_data($_POST['username'], $dbc);
} else {
$reg_errors['username'] = 'Please enter a desired name using only letters and numbers!';
}
// Check for an email address:
if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === $_POST['email']) {
$e = escape_data($_POST['email'], $dbc);
} else {
$reg_errors['email'] = 'Please enter a valid email address!';
}
// Check for a password and match against the confirmed password:
if (preg_match('/^(\\w*(?=\\w*\\d)(?=\\w*[a-z])(?=\\w*[A-Z])\\w*){6,}$/', $_POST['pass1'])) {
if ($_POST['pass1'] === $_POST['pass2']) {
$p = $_POST['pass1'];
} else {
$reg_errors['pass2'] = 'Your password did not match the confirmed password!';
}
} else {
$reg_errors['pass1'] = 'Please enter a valid password!';
}
if (empty($reg_errors)) {
// If everything's OK...示例9: escape_data
if (getFleetStat($str, $sid, $d) != 0) {
$go = false;
break;
}
}
if ($go) {
$query = "DELETE FROM fleet{$sid} WHERE id={$d}";
$result = @mysql_query($query);
echo 'Your fleet has been deleted.<br><br>';
} else {
echo 'The fleet must be empty to delete it.<br><br>';
}
}
//reset the probes
if (isset($_GET[p])) {
$p = (int) escape_data($_GET[p]);
//Check if you own the fleet
if (getFleetStat(ownerid, $sid, $p) != $id) {
echo 'err';
exit;
}
setFleetStat(probes, 0, $sid, $p);
setFleetStat(probetime, 0, $sid, $p);
setFleetStat(report, " ", $id, $p);
}
/***********
JAVASCRIPT AND MENU
**********/
echo '
<script language="Javascript">
var change = function(x){示例10: escape_data
<?php
/**/
include './header.php';
if (isset($_GET['id'])) {
$oid = (int) escape_data($_GET['id']);
if (isset($_GET['type'])) {
$type = (int) escape_data($_GET['type']);
if ($type != 1 && $type != 2) {
$type = 1;
}
} else {
$type = 1;
}
} else {
echo 'err';
exit;
}
/***********
TYPES
1 = Building
2 = Ship
***********/
echo '<table align="center" cellspacing=10>';
if ($type == 1) {
echo '<tr>
<td><b>Name</b></td>
<td><b>Civs Cost</b></td>
<td><b>Elinarium Cost</b></td>
<td><b>Cylite Cost</b></td>
<td><b>Plexi Cost</b></td>示例11: escape_data
<?php
require_once 'configmsgbrd.php';
$u = escape_data($_POST["user_id"]);
$tid = escape_data($_POST["topic_id"]);
$mt = escape_data($_POST["comment"]);
$pid = escape_data($_POST["parent_id"]);
$mb = escape_data($_POST["mess_block"]);
$token = escape_data($_POST["token_id"]);
$query1 = "SELECT user_id, tokenid FROM users WHERE (user_id='{$u}') AND (tokenid='{$token}')";
$result2 = mysql_query($query1) or trigger_error("An Error Occurred");
if (mysql_affected_rows() == 1) {
$query2 = "INSERT INTO message (user_id, topic_id, message_txt, date, parent_id, mess_block) VALUES ('{$u}', '{$tid}', '{$mt}', NOW(), '{$pid}', '{$mb}')";
$result2 = mysql_query($query2) or trigger_error("An Error Occurred");
echo "Comment Has Been Submitted";
exit;
mysql_close();
} else {
echo "Comment Has Been Declined";
exit;
mysql_close();
}示例12: destroy_session
function destroy_session($sid)
{
global $dbc;
// Delete from the database.
$q = sprintf('DELETE FROM sessions WHERE id="%s"', escape_data($sid));
$r = mysqli_query($dbc, $q);
// Clear the $_SESSION array:
$_SESSION = array();
return mysqli_affected_rows($dbc);
}示例13: escape_data
<?php
/**/
include './header.php';
//Check to see if you are already logged into a server
if (isset($sid)) {
echo 'Error';
exit;
}
//Check to see if the user is trying to join a server or enter a server
if (isset($_GET['s'])) {
$sid = escape_data($_GET['s']);
if (isOnServer($sid, $id)) {
//Log into server
$_SESSION['sid'] = $sid;
changePage('./galaxy.php');
} else {
//Enter the server
if (getServerStat(users, $sid) < getServerStat(maxusers, $sid)) {
$users = getServerStat(users, $sid);
$users++;
$query = "UPDATE serverlist SET users={$users} WHERE id={$sid}";
$result = @mysql_query($query);
if ($result) {
$bool = false;
for ($x = 1; $x < 3; $x++) {
$string = "s" . $x;
$serverid = getUserStat($string, $id);
if ($serverid == 0) {
$query = "UPDATE users SET {$string}={$sid} WHERE id={$id}";
$result = @mysql_query($query);示例14: escape_data
}
}
$action = $_GET['action'];
if($action == 'changepass'){
include("functions/escape_data.php");
$HostAccount = $_GET['HostAccount'];
$cPW1 = $HTTP_POST_VARS[ "password1" ];
$cPW2 = $HTTP_POST_VARS[ "password2" ];
if(empty($_POST['password1'])) {
$HostPassword = FALSE;
$message2 .= '<br>You forgot to enter a password';
} else {
if($_POST['password1'] == $_POST['password2']) {
$HostPassword = escape_data($_POST['password1']);
if(strlen($HostPassword) < 6){
$message2 .= "<br>Your password $HostPassword must be 6 characters";
$HostPassword = FALSE;
} else {
if (!preg_match("/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/", $HostPassword)) {
$message2 .= "<br>Your password does not meet complexity requirements";
$HostPassword = FALSE;
}
}
} else {
$HostPassword = FALSE;
$message2 .= '<br>Your passwords do not match';
}
if($HostPassword){示例15: escape_data
require '../dbconnect.php';
function escape_data($data)
{
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
if (!is_numeric($data)) {
$data = mysql_real_escape_string($data);
}
return $data;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//run all of the form data through the escape_data function
$name = escape_data($_POST['name']);
$review = escape_data($_POST['review']);
$rating = escape_data($_POST['rating']);
$cat_id = $_POST['cat_id'];
$returnMsg = array();
$returnMsg['submittedData'] = "<p>Name: {$name} rating: {$rating} email: {$email} review: {$review}</p>";
//this code asses a new review to the reviews table
$sql = "INSERT INTO reviews (id, name, review, rating, cat_id, date)\n\t\tVALUES ('', '{$name}', '{$review}', '{$rating}', '{$cat_id}', NOW() )";
$result = mysql_query($sql);
$returnmsg['insertReviewInfo'] = "<p>Info:" . mysql_info() . "</p>";
$returnmsg['insertReviewError'] = "<p>Error:" . mysql_error() . "</p>";
//set up SQL query to get all of the reviews for this product.
$sql = "SELECT * FROM reviews WHERE cat_id = '{$cat_id}'";
$result = mysql_query($sql);
//Count and average all the ratings taken from all reviews of this product.
$count = 0;
$average_rating = 0;
$total_rating = 0;