当前位置: 首页>>代码示例>>PHP>>正文


PHP ft_sanitize函数代码示例

本文整理汇总了PHP中ft_sanitize函数的典型用法代码示例。如果您正苦于以下问题:PHP ft_sanitize函数的具体用法?PHP ft_sanitize怎么用?PHP ft_sanitize使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了ft_sanitize函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: export_manager__install

/**
 * The Export Manager installation function. This is automatically called by the installation script if the
 * module is contained in the zipfile. Otherwise it's called when the user manually installs the module.
 */
function export_manager__install($module_id)
{
    global $g_table_prefix, $g_root_dir, $g_root_url, $LANG;
    $queries = array();
    $word_display = ft_sanitize($LANG["word_display"]);
    $queries[] = "\n    CREATE TABLE {$g_table_prefix}module_export_groups (\n      export_group_id smallint(5) unsigned NOT NULL auto_increment,\n      group_name varchar(255) NOT NULL,\n      access_type enum('admin','public','private') NOT NULL default 'public',\n      form_view_mapping enum('all','except','only') NOT NULL default 'all',\n      forms_and_views mediumtext NULL,\n      visibility enum('show','hide') NOT NULL default 'show',\n      icon varchar(100) NOT NULL,\n      action enum('file','popup','new_window') NOT NULL default 'popup',\n      action_button_text varchar(255) NOT NULL default '{$word_display}',\n      popup_height varchar(5) default NULL,\n      popup_width varchar(5) default NULL,\n      headers text,\n      smarty_template mediumtext NOT NULL,\n      list_order tinyint(4) NOT NULL,\n      PRIMARY KEY  (export_group_id)\n    ) DEFAULT CHARSET=utf8\n      ";
    $queries[] = "\n    CREATE TABLE {$g_table_prefix}module_export_group_clients (\n      export_group_id mediumint(8) unsigned NOT NULL,\n      account_id mediumint(8) unsigned NOT NULL,\n      PRIMARY KEY  (export_group_id, account_id)\n    ) DEFAULT CHARSET=utf8\n      ";
    $queries[] = "\n    CREATE TABLE {$g_table_prefix}module_export_types (\n      export_type_id mediumint(8) unsigned NOT NULL auto_increment,\n      export_type_name varchar(255) NOT NULL,\n      export_type_visibility enum('show','hide') NOT NULL default 'show',\n      filename varchar(255) NOT NULL,\n      export_group_id smallint(6) default NULL,\n      smarty_template text NOT NULL,\n      list_order tinyint(3) unsigned NOT NULL,\n      PRIMARY KEY (export_type_id)\n    ) DEFAULT CHARSET=utf8\n      ";
    foreach ($queries as $query) {
        $result = mysql_query($query);
        if (!$result) {
            exp_remove_tables();
            return array(false, $LANG["export_manager"]["notify_installation_problem_c"] . " <b>" . mysql_error() . "</b>");
        }
    }
    // now populate the tables
    list($success, $message) = exp_insert_default_data();
    if (!$success) {
        exp_remove_tables();
        exp_clear_table_data();
        return array(false, $message);
    }
    ft_register_hook("template", "export_manager", "admin_submission_listings_bottom", "", "exp_display_export_options");
    ft_register_hook("template", "export_manager", "client_submission_listings_bottom", "", "exp_display_export_options");
    return array(true, "");
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:30,代码来源:library.php

示例2: ft_add_list_group

/**
 * Inserts a new list group.
 *
 * @param $account_id
 */
function ft_add_list_group($group_type, $group_name, $next_order = "")
{
    global $g_table_prefix;
    $group_name = ft_sanitize($group_name);
    if (empty($next_order)) {
        // get the next list_order for this group
        $query = mysql_query("\n      SELECT list_order\n      FROM   {$g_table_prefix}list_groups\n      WHERE  group_type = '{$group_type}'\n      ORDER BY list_order DESC LIMIT 1\n    ");
        $result = mysql_fetch_assoc($query);
        $next_order = !isset($result["list_order"]) ? 1 : $result["list_order"] + 1;
    }
    $query = mysql_query("\n    INSERT INTO {$g_table_prefix}list_groups (group_type, group_name, custom_data, list_order)\n    VALUES ('{$group_type}', '{$group_name}', '', {$next_order})\n  ");
    $group_id = mysql_insert_id();
    return array("group_id" => $group_id, "group_name" => $group_name);
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:19,代码来源:list_groups.php

示例3: ft_register_hook

/**
 * Called by module installation files, and/or whenever needed. This function logs new hooks in the
 * database. This function is called by the module designers WITHIN their own modules.
 *
 * @param string $hook_type "code" or "template"
 * @param string $when when in the functions the hooks should be processed. For code hooks, these are
 *    either "start" or "end"; for template hooks, this is the location attribute of the {template_hook ...}
 *    tag.
 * @param string $function_name the name of the function to which this hook is to be attached
 * @param string $hook_function the name of the hook function, found in the modules library.php file
 * @param integer $priority 1-100 (100 lowest, 1 highest). Optional setting that determines the order
 *    in which this hook gets processed, in relation to OTHER hooks attached to the same event.
 * @param boolean $force_unique if set to true, this will only register hooks that haven't been set
 *    with this module, location, hook and core function.
 */
function ft_register_hook($hook_type, $module_folder, $when, $function_name, $hook_function, $priority = 50, $force_unique = false)
{
    global $g_table_prefix;
    $when = ft_sanitize($when);
    $function_name = ft_sanitize($function_name);
    $hook_function = ft_sanitize($hook_function);
    $may_proceed = true;
    if ($force_unique) {
        $query = mysql_query("\r\n      SELECT count(*) as c\r\n      FROM   {$g_table_prefix}hook_calls\r\n      WHERE  hook_type = '{$hook_type}' AND\r\n             action_location = '{$when}' AND\r\n             module_folder = '{$module_folder}' AND\r\n             function_name = '{$function_name}' AND\r\n             hook_function = '{$hook_function}'\r\n        ");
        $result = mysql_fetch_assoc($query);
        if ($result["c"] > 0) {
            $may_proceed = false;
        }
    }
    $result = mysql_query("\r\n    INSERT INTO {$g_table_prefix}hook_calls (hook_type, action_location, module_folder, function_name, hook_function, priority)\r\n    VALUES ('{$hook_type}', '{$when}', '{$module_folder}', '{$function_name}', '{$hook_function}', {$priority})\r\n      ");
    if ($result) {
        $hook_id = mysql_insert_id();
        return array(true, $hook_id);
    } else {
        return array(false, "");
    }
}
开发者ID:jdearaujo,项目名称:core,代码行数:37,代码来源:hooks.php

示例4: ft_update_field

/**
 * Adds/updates all options for a given field. This is called when the user edits fields from the dialog
 * window on the Fields tab. It updates all information about a field: including the custom settings.
 *
 * @param integer $form_id The unique form ID
 * @param integer $field_id The unique field ID
 * @param integer $info a hash containing tab1 and/or tab2 indexes, containing all the latest values for
 *                the field
 * @param array [0] success/fail (boolean), [1] empty string for success, or error message
 */
function ft_update_field($form_id, $field_id, $tab_info)
{
    global $g_table_prefix, $g_field_sizes, $g_debug, $LANG;
    $tab_info = ft_sanitize($tab_info);
    $existing_form_field_info = ft_get_form_field($field_id);
    // TAB 1: this tab contains the standard settings shared by all fields, regardless of type: display text,
    // form field name, field type, pass on, field size, data type and database col name
    $db_col_name_changes = array();
    if (is_array($tab_info["tab1"])) {
        $info = $tab_info["tab1"];
        $display_name = _ft_extract_array_val($info, "edit_field__display_text");
        // bit weird. this field is a checkbox, so if it's not checked it won't be in the request and
        // _ft_extract_array_val returns an empty string
        $include_on_redirect = _ft_extract_array_val($info, "edit_field__pass_on");
        $include_on_redirect = empty($include_on_redirect) ? "no" : "yes";
        if ($existing_form_field_info["is_system_field"] == "yes") {
            $query = "\n        UPDATE {$g_table_prefix}form_fields\n        SET    field_title = '{$display_name}',\n               include_on_redirect = '{$include_on_redirect}'\n        WHERE  field_id = {$field_id}\n      ";
            $result = mysql_query($query);
            if (!$result) {
                return array(false, $LANG["phrase_query_problem"] . $query);
            }
        } else {
            $field_name = _ft_extract_array_val($info, "edit_field__field_name");
            $field_type_id = _ft_extract_array_val($info, "edit_field__field_type");
            $field_size = _ft_extract_array_val($info, "edit_field__field_size");
            $data_type = _ft_extract_array_val($info, "edit_field__data_type");
            $col_name = _ft_extract_array_val($info, "edit_field__db_column");
            $query = mysql_query("\n        UPDATE {$g_table_prefix}form_fields\n        SET    field_name = '{$field_name}',\n               field_type_id = '{$field_type_id}',\n               field_size = '{$field_size}',\n               field_title = '{$display_name}',\n               data_type = '{$data_type}',\n               include_on_redirect = '{$include_on_redirect}',\n               col_name = '{$col_name}'\n        WHERE  field_id = {$field_id}\n          ");
            // if the column name or field size just changed, we need to "physically" update the form's database table
            // If this fails, we rollback both the field TYPE and the field size.
            // BUG The *one* potential issue here is if the user just deleted a field type, then updated a field which - for
            // whatever reason - fails. But this is very much a fringe case
            $old_field_size = $existing_form_field_info["field_size"];
            $old_col_name = $existing_form_field_info["col_name"];
            $old_field_type_id = $existing_form_field_info["field_type_id"];
            if ($old_field_size != $field_size || $old_col_name != $col_name) {
                $new_field_size_sql = $g_field_sizes[$field_size]["sql"];
                $table_name = "{$g_table_prefix}form_{$form_id}";
                list($is_success, $err_message) = _ft_alter_table_column($table_name, $old_col_name, $col_name, $new_field_size_sql);
                if ($is_success) {
                    if ($old_col_name != $col_name) {
                        $db_col_name_changes[] = $field_id;
                    }
                } else {
                    $query = mysql_query("\n            UPDATE {$g_table_prefix}form_fields\n            SET    field_type_id = '{$old_field_type_id}',\n                   field_size    = '{$old_field_size}',\n                   col_name      = '{$old_col_name}'\n            WHERE  field_id = {$field_id}\n              ");
                    return array(false, $LANG["phrase_query_problem"] . $err_message);
                }
            }
            // if the field type just changed, the field-specific settings are orphaned. Drop them. In this instance, the
            // client-side code ensures that the contents of the second tab are always passed so the code below will add
            // any default values that are needed
            if ($old_field_type_id != $field_type_id) {
                ft_delete_extended_field_settings($field_id);
            }
        }
    }
    // if any of the database column names just changed we need to update any View filters that relied on them
    if (!empty($db_col_name_changes)) {
        foreach ($db_col_name_changes as $field_id) {
            ft_update_field_filters($field_id);
        }
    }
    // TAB 2: update the custom field settings for this field type. tab2 can be any of these values:
    //  1. a string "null": indicating that the user didn't change anything on the tab)
    //  2. the empty string: indicating that things DID change, but nothing is being passed on. This can happen
    //                      when the user checked the "Use Default Value" for all fields on the tab & the tab
    //                      doesn't contain an option list or form field
    //  3. an array of values
    if (isset($tab_info["tab2"]) && $tab_info["tab2"] != "null") {
        $info = is_array($tab_info["tab2"]) ? $tab_info["tab2"] : array();
        // since the second tab is being updated, we can rely on all the latest & greatest values being passed
        // in the request, so clean out all old values
        ft_delete_extended_field_settings($field_id);
        // convert the $info (which is an array of hashes) into a friendlier hash. This makes detecting for Option
        // List fields much easier
        $setting_hash = array();
        for ($i = 0; $i < count($info); $i++) {
            $setting_hash[$info[$i]["name"]] = $info[$i]["value"];
        }
        $new_settings = array();
        while (list($setting_name, $setting_value) = each($setting_hash)) {
            // ignore the additional field ID and field order rows that are custom to Option List / Form Field types. They'll
            // be handled below
            if (preg_match("/edit_field__setting_(\\d)+_field_id/", $setting_name) || preg_match("/edit_field__setting_(\\d)+_field_order/", $setting_name)) {
                continue;
            }
            // TODO BUG. newlines aren't surviving this... why was it added? double quotes? single quotes?
            $setting_value = ft_sanitize(stripslashes($setting_value));
            $setting_id = preg_replace("/edit_field__setting_/", "", $setting_name);
            // if this field is being mapped to a form field, we serialize the form ID, field ID and order into a single var and
//.........这里部分代码省略.........
开发者ID:jdearaujo,项目名称:core,代码行数:101,代码来源:fields.php

示例5: ft_update_client_menu

/**
 * Updates a client menu.
 *
 * @param array $info
 */
function ft_update_client_menu($info)
{
    global $g_table_prefix, $g_pages, $g_root_url, $LANG;
    $info = ft_sanitize($info);
    $menu_id = $info["menu_id"];
    $menu = trim($info["menu"]);
    $sortable_id = $info["sortable_id"];
    mysql_query("\r\n    UPDATE {$g_table_prefix}menus\r\n    SET    menu    = '{$menu}'\r\n    WHERE  menu_id = {$menu_id}\r\n      ");
    $sortable_rows = explode(",", $info["{$sortable_id}_sortable__rows"]);
    $sortable_new_groups = explode(",", $info["{$sortable_id}_sortable__new_groups"]);
    $menu_items = array();
    foreach ($sortable_rows as $i) {
        // if this row doesn't have a page identifier, just ignore it
        if (!isset($info["page_identifier_{$i}"]) || empty($info["page_identifier_{$i}"])) {
            continue;
        }
        $page_identifier = $info["page_identifier_{$i}"];
        $display_text = ft_sanitize($info["display_text_{$i}"]);
        $custom_options = isset($info["custom_options_{$i}"]) ? ft_sanitize($info["custom_options_{$i}"]) : "";
        $is_submenu = isset($info["submenu_{$i}"]) ? "yes" : "no";
        // construct the URL for this menu item
        $url = ft_construct_page_url($page_identifier, $custom_options);
        $menu_items[] = array("url" => $url, "page_identifier" => $page_identifier, "display_text" => $display_text, "custom_options" => $custom_options, "is_submenu" => $is_submenu, "is_new_sort_group" => in_array($i, $sortable_new_groups) ? "yes" : "no");
    }
    ksort($menu_items);
    mysql_query("DELETE FROM {$g_table_prefix}menu_items WHERE menu_id = {$menu_id}");
    $order = 1;
    foreach ($menu_items as $hash) {
        $url = $hash["url"];
        $page_identifier = $hash["page_identifier"];
        $display_text = $hash["display_text"];
        $custom_options = $hash["custom_options"];
        $is_submenu = $hash["is_submenu"];
        $is_new_sort_group = $hash["is_new_sort_group"];
        mysql_query("\r\n      INSERT INTO {$g_table_prefix}menu_items (menu_id, display_text, page_identifier, custom_options, url, is_submenu,\r\n        list_order, is_new_sort_group)\r\n      VALUES ({$menu_id}, '{$display_text}', '{$page_identifier}', '{$custom_options}', '{$url}', '{$is_submenu}',\r\n        {$order}, '{$is_new_sort_group}')\r\n        ");
        $order++;
    }
    $success = true;
    $message = $LANG["notify_client_menu_updated"];
    extract(ft_process_hook_calls("end", compact("info"), array("success", "message")), EXTR_OVERWRITE);
    return array($success, $message);
}
开发者ID:jdearaujo,项目名称:core,代码行数:47,代码来源:menus.php

示例6: ft_init_module_page

<?php

require_once "../../global/library.php";
ft_init_module_page();
if (isset($_GET["repair"])) {
    $module_ids = explode(",", $_GET["repair"]);
    list($g_success, $g_message) = sc_reset_module_hook_calls($module_ids);
}
// example
//sc_generate_module_hook_array("module_hooks_manager_rules", "1.1.4");
//exit;
$word_testing_uc = mb_strtoupper($L["word_untested"]);
$word_passed_uc = mb_strtoupper($L["word_passed"]);
$word_failed_uc = mb_strtoupper($L["word_failed"]);
$notify_hook_verification_complete_problems = ft_sanitize($L["notify_hook_verification_complete_problems"]);
$page_vars = array();
$page_vars["module_list"] = sc_get_compatible_modules("hooks");
//print_r($page_vars["module_list"]);
$page_vars["head_string"] = <<<EOF
<script src="{$g_root_url}/modules/system_check/global/scripts/tests.js"></script>
<link type="text/css" rel="stylesheet" href="{$g_root_url}/modules/system_check/global/css/styles.css">
<script>
g.messages = [];
g.messages["word_testing_c"] = "{$L["word_testing_c"]}";
g.messages["word_untested"] = "{$word_testing_uc}";
g.messages["word_passed"] = "{$word_passed_uc}";
g.messages["word_failed"] = "{$word_failed_uc}";
g.messages["phrase_missing_table_c"] = "{$L["phrase_missing_table_c"]}";
g.messages["phrase_missing_column_c"] = "{$L["phrase_missing_column_c"]}";
g.messages["phrase_table_looks_good_c"] = "{$L["phrase_table_looks_good_c"]}";
g.messages["phrase_invalid_column_c"] = "{$L["phrase_invalid_column_c"]}";
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:31,代码来源:hooks.php

示例7: list

        $force_delete = $request["force_delete"] == "true" ? true : false;
        // TODO beef up the security here. Check that the person logged in is permitted to see this submission & field...
        list($success, $message) = ft_file_delete_file_submission($form_id, $submission_id, $field_id, $force_delete);
        $success = $success ? 1 : 0;
        $message = ft_sanitize($message);
        $message = preg_replace("/\\\\'/", "'", $message);
        echo "{ \"success\": \"{$success}\", \"message\": \"{$message}\" {$return_str} }";
        break;
        // this is called when the field type is being used in the Form Builder. This is just slightly more restrictive than
        // the logged-in context: it pulls the form ID and submission ID from sessions instead of from the page (which could
        // be hacked)
    // this is called when the field type is being used in the Form Builder. This is just slightly more restrictive than
    // the logged-in context: it pulls the form ID and submission ID from sessions instead of from the page (which could
    // be hacked)
    case "delete_submission_file_standalone":
        $published_form_id = isset($request["published_form_id"]) ? $request["published_form_id"] : "";
        if (empty($published_form_id)) {
            echo "{ \"success\": \"0\", \"message\": \"Your form is missing the form_tools_published_form_id ID field.\" {$return_str} }";
            exit;
        }
        $form_id = $_SESSION["form_builder_{$published_form_id}"]["form_tools_form_id"];
        $submission_id = $_SESSION["form_builder_{$published_form_id}"]["form_tools_submission_id"];
        $field_id = $request["field_id"];
        $force_delete = $request["force_delete"] == "true" ? true : false;
        list($success, $message) = ft_file_delete_file_submission($form_id, $submission_id, $field_id, $force_delete);
        $success = $success ? 1 : 0;
        $message = ft_sanitize($message);
        $message = preg_replace("/\\\\'/", "'", $message);
        echo "{ \"success\": \"{$success}\", \"message\": \"{$message}\" {$return_str} }";
        break;
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:31,代码来源:actions.php

示例8: ft_duplicate_option_list

/**
 * Creates an identical copy of an existing Option List, or creates a new blank one. This can be handy if
 * the user was using a single group for multiple fields, but one of the form fields changed. They can just
 * create a new copy, tweak it and re-assign the field.
 *
 * If no Option List ID is passed in the first param, it creates a new blank Option List (sorry for the crappy
 * function name).
 *
 * @param integer $list_id
 * @param integer $field_id if this parameter is set, the new Option List will be assigned to whatever
 *   field IDs are specified. Note: this only works for Field Types that have a single
 * @return mixed the list ID if successful, false if not
 */
function ft_duplicate_option_list($list_id = "", $field_ids = array())
{
    global $g_table_prefix, $LANG;
    // to ensure that all new field option groups have unique names, query the database and find the next free
    // group name of the form "New Option List (X)" (where "New Option List" is in the language of the current user)
    $lists = ft_get_option_lists("all");
    $list_names = array();
    foreach ($lists["results"] as $list_info) {
        $list_names[] = $list_info["option_list_name"];
    }
    $base_new_option_list = $LANG["phrase_new_option_list"];
    $new_option_list_name = $base_new_option_list;
    if (in_array($new_option_list_name, $list_names)) {
        $count = 2;
        $new_option_list_name = "{$base_new_option_list} ({$count})";
        while (in_array($new_option_list_name, $list_names)) {
            $count++;
            $new_option_list_name = "{$base_new_option_list} ({$count})";
        }
    }
    if (empty($list_id)) {
        $query = mysql_query("\n      INSERT INTO {$g_table_prefix}option_lists (option_list_name, is_grouped)\n      VALUES ('{$new_option_list_name}', 'no')\n    ");
        if (!$query) {
            return false;
        }
        $new_list_id = mysql_insert_id();
    } else {
        $option_list_info = ft_get_option_list($list_id);
        $is_grouped = $option_list_info["is_grouped"];
        $query = mysql_query("\n      INSERT INTO {$g_table_prefix}option_lists (option_list_name, is_grouped)\n      VALUES ('{$new_option_list_name}', '{$is_grouped}')\n    ");
        if (!$query) {
            return false;
        }
        $new_list_id = mysql_insert_id();
        // add add the option groups and their field options
        foreach ($option_list_info["options"] as $grouped_option_info) {
            $group_info = $grouped_option_info["group_info"];
            $options = $grouped_option_info["options"];
            $group_type = "option_list_{$new_list_id}";
            $group_name = $group_info["group_name"];
            $list_order = $group_info["list_order"];
            $new_list_group_info = ft_add_list_group($group_type, $group_name, $list_order);
            $new_list_group_id = $new_list_group_info["group_id"];
            foreach ($options as $option_info) {
                $option_info = ft_sanitize($option_info);
                $order = $option_info["option_order"];
                $value = $option_info["option_value"];
                $name = $option_info["option_name"];
                $is_new_sort_group = $option_info["is_new_sort_group"];
                mysql_query("\n          INSERT INTO {$g_table_prefix}field_options (list_id, list_group_id, option_order,\n            option_value, option_name, is_new_sort_group)\n          VALUES ({$new_list_id}, {$new_list_group_id}, '{$order}', '{$value}', '{$name}', '{$is_new_sort_group}')\n            ") or die(mysql_error());
            }
        }
    }
    // if we need to map this new option list to a field - or fields, loop through them and add them
    // one by one. Note: field types may use multiple Option Lists, which makes this extremely difficult. But
    // to make it as generic as possible, this code picks the first Option List field for the field type (as determined
    // by the setting list order)
    if (!empty($field_ids)) {
        foreach ($field_ids as $field_id) {
            $field_type_id = ft_get_field_type_id_by_field_id($field_id);
            $field_settings = ft_get_field_type_settings($field_type_id);
            $option_list_setting_id = "";
            foreach ($field_settings as $field_setting_info) {
                if ($field_setting_info["field_type"] == "option_list_or_form_field") {
                    $option_list_setting_id = $field_setting_info["setting_id"];
                    break;
                }
            }
            // this should ALWAYS have found a setting, but just in case...
            if (!empty($option_list_setting_id)) {
                mysql_query("DELETE FROM {$g_table_prefix}field_settings WHERE field_id = {$field_id} AND setting_id = {$option_list_setting_id}");
                @mysql_query("\n          INSERT INTO {$g_table_prefix}field_settings (field_id, setting_id, setting_value)\n          VALUES ({$field_id}, {$option_list_setting_id}, {$new_list_id})\n           ");
            }
        }
    }
    return $new_list_id;
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:90,代码来源:option_lists.php

示例9: exp_update_export_type

/**
 * Updates an export type.
 *
 * @param integer $export_type_id
 * @param array
 */
function exp_update_export_type($info)
{
    global $g_table_prefix, $L;
    $info = ft_sanitize($info);
    $export_type_id = $info["export_type_id"];
    $export_type_name = $info["export_type_name"];
    $visibility = $info["visibility"];
    $filename = $info["filename"];
    $export_group_id = $info["export_group_id"];
    $smarty_template = $info["smarty_template"];
    mysql_query("\n    UPDATE {$g_table_prefix}module_export_types\n    SET    export_type_name = '{$export_type_name}',\n           export_type_visibility = '{$visibility}',\n           filename = '{$filename}',\n           export_group_id = {$export_group_id},\n           smarty_template = '{$smarty_template}'\n    WHERE  export_type_id = {$export_type_id}\n      ");
    return array(true, $L["notify_export_type_updated"]);
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:19,代码来源:export_types.php

示例10: exp_insert_default_data

/**
 * Called by the installation script and on the Reset to Defaults page. This cleans out any data already in the
 * tables and inserts the default values.
 */
function exp_insert_default_data()
{
    global $g_table_prefix, $g_root_dir, $g_root_url, $LANG;
    exp_clear_table_data();
    $queries = array();
    // add Export Groups
    $phrase_html_printer = ft_sanitize($LANG["export_manager"]["phrase_html_printer_friendly"]);
    $word_excel = ft_sanitize($LANG["export_manager"]["word_excel"]);
    $word_xml = ft_sanitize($LANG["export_manager"]["word_xml"]);
    $word_csv = ft_sanitize($LANG["export_manager"]["word_csv"]);
    $word_display = ft_sanitize($LANG["word_display"]);
    $word_generate = ft_sanitize($LANG["export_manager"]["word_generate"]);
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_groups VALUES (1, '{$phrase_html_printer}', 'public', 'all', NULL, 'show', 'printer.png', 'popup', '{$word_display}', '600', '800', '', '<html>\r\n<head>\r\n  <title>{\$export_group_name}</title>\r\n\r\n  {* escape the CSS so it doesn''t confuse Smarty *}\r\n  {literal}\r\n  <style type=\"text/css\">\r\n  body { margin: 0px; }\r\n  table, td, tr, div, span { \r\n    font-family: verdana; font-size: 8pt;\r\n  }\r\n  table { empty-cells: show }\r\n  #nav_row { background-color: #efefef; padding: 10px; }\r\n  #export_group_name { color: #336699; font-weight:bold }\r\n  .print_table { border: 1px solid #dddddd; }\r\n  .print_table th { \r\n    border: 1px solid #cccccc; \r\n    background-color: #efefef;\r\n    text-align: left;\r\n  }\r\n  .print_table td { border: 1px solid #cccccc; }\r\n  .one_item { margin-bottom: 15px; }\r\n  .page_break { page-break-after: always; }\r\n  </style>\r\n\r\n  <style type=\"text/css\" media=\"print\">\r\n  .no_print { display: none }\r\n  </style>\r\n  {/literal}\r\n\r\n</head>\r\n<body>\r\n\r\n<div id=\"nav_row\" class=\"no_print\">\r\n\r\n  <span style=\"float:right\">{if \$page_type != \"file\"}\r\n    {* if there''s more than one export type in this group, display the types in a dropdown *}\r\n    {if \$export_types|@count > 1}\r\n      <select name=\"export_type_id\" onchange=\"window.location=''{\$same_page}?export_group_id={\$export_group_id}&export_group_{\$export_group_id}_results={\$export_group_results}&export_type_id='' + this.value\">\r\n      {foreach from=\$export_types item=export_type}\r\n        <option value=\"{\$export_type.export_type_id}\" {if \$export_type.export_type_id == \$export_type_id}selected{/if}>{eval var=\$export_type.export_type_name}</option>\r\n      {/foreach}\r\n      </select>\r\n    {/if}\r\n    {/if}\r\n    <input type=\"button\" onclick=\"window.close()\" value=\"{\$LANG.word_close}\" />\r\n    <input type=\"button\" onclick=\"window.print()\" value=\"{\$LANG.word_print}\" />\r\n  </span>\r\n\r\n  <span id=\"export_group_name\">{eval var=\$export_group_name}</span>\r\n</div>\r\n\r\n<div style=\"padding: 15px\">\r\n  {\$export_type_smarty_template}\r\n</div>\r\n\r\n</body>\r\n</html>', 1)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_groups VALUES (2, '{$word_excel}', 'public', 'all', NULL, 'show', 'xls.gif', 'new_window', '{$word_generate}', '', '', 'Pragma: public\nCache-Control: max-age=0\nContent-Type: application/vnd.ms-excel; charset=utf-8\nContent-Disposition: attachment; filename={\$filename}', '<html>\r\n<head>\r\n</head>\r\n<body>\r\n\r\n{\$export_type_smarty_template}\r\n\r\n</body>\r\n</html>', 2)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_groups VALUES (3, '{$word_xml}', 'public', 'all', NULL, 'hide', 'xml.jpg', 'new_window', '{$word_generate}', '', '', '', '<?xml version=\"1.0\" encoding=\"utf-8\" ?>\r\n\r\n{\$export_type_smarty_template}', 4)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_groups VALUES (4, '{$word_csv}', 'public', 'all', NULL, 'hide', 'csv.gif', 'new_window', '{$word_generate}', '', '', 'Content-type: application/xml; charset=\"octet-stream\"\r\nContent-Disposition: attachment; filename={\$filename}', '{\$export_type_smarty_template}', 3)";
    // add Export Types
    $table_format = ft_sanitize($LANG["export_manager"]["phrase_table_format"]);
    $one_by_one = ft_sanitize($LANG["export_manager"]["phrase_one_by_one"]);
    $one_submission_per_page = ft_sanitize($LANG["export_manager"]["phrase_one_submission_per_page"]);
    $all_submissions = ft_sanitize($LANG["phrase_all_submissions"]);
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_types VALUES (1, '{$table_format}', 'show', 'submissions-{\$M}.{\$j}.html', 1, '<h1>{\$form_name} - {\$view_name}</h1>\r\n\r\n<table cellpadding=\"2\" cellspacing=\"0\" width=\"100%\" class=\"print_table\">\r\n<tr>\r\n  {foreach from=\$display_fields item=column}\r\n    <th>{\$column.field_title}</th>\r\n  {/foreach}\r\n</tr>\r\n{strip}\r\n{foreach from=\$submissions item=submission}\r\n  {assign var=submission_id value=\$submission.submission_id}\r\n  <tr>\r\n    {foreach from=\$display_fields item=field_info}\r\n      {assign var=col_name value=\$field_info.col_name}\r\n      {assign var=value value=\$submission.\$col_name}\r\n      <td>\r\n        {smart_display_field form_id=\$form_id view_id=\$view_id\r\n          submission_id=\$submission_id field_info=\$field_info\r\n          field_types=\$field_types settings=\$settings value=\$value}\r\n      </td>\r\n    {/foreach}\r\n  </tr>\r\n{/foreach}\r\n{/strip}\r\n</table>', 1)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_types VALUES (2, '{$one_by_one}', 'show', 'submissions-{\$M}.{\$j}.html', 1, '<h1>{\$form_name} - {\$view_name}</h1>\r\n\r\n{strip}\r\n{foreach from=\$submissions item=submission}\r\n  {assign var=submission_id value=\$submission.submission_id}\r\n  <table cellpadding=\"2\" cellspacing=\"0\" width=\"100%\" \r\n    class=\"print_table one_item\">\r\n    {foreach from=\$display_fields item=field_info}\r\n      {assign var=col_name value=\$field_info.col_name}\r\n      {assign var=value value=\$submission.\$col_name}\r\n      <tr>\r\n        <th width=\"140\">{\$field_info.field_title}</th>\r\n        <td>\r\n          {smart_display_field form_id=\$form_id view_id=\$view_id\r\n            submission_id=\$submission_id field_info=\$field_info\r\n            field_types=\$field_types settings=\$settings value=\$value}\r\n        </td>\r\n      </tr>\r\n    {/foreach}\r\n  </table>\r\n{/foreach}\r\n{/strip}', 2)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_types VALUES (3, '{$one_submission_per_page}', 'show', 'submissions-{\$M}.{\$j}.html', 1, '<h1>{\$form_name} - {\$view_name}</h1>\r\n\r\n{foreach from=\$submissions item=submission name=row}\r\n  {assign var=submission_id value=\$submission.submission_id}\r\n  <table cellpadding=\"2\" cellspacing=\"0\" width=\"100%\" \r\n    class=\"print_table one_item\">\r\n    {foreach from=\$display_fields item=field_info}\r\n      {assign var=col_name value=\$field_info.col_name}\r\n      {assign var=value value=\$submission.\$col_name}\r\n      <tr>\r\n        <th width=\"140\">{\$field_info.field_title}</th>\r\n        <td>\r\n          {smart_display_field form_id=\$form_id view_id=\$view_id\r\n            submission_id=\$submission_id field_info=\$field_info\r\n            field_types=\$field_types settings=\$settings value=\$value}\r\n        </td>\r\n      </tr>\r\n    {/foreach}\r\n  </table>\r\n\r\n  {if !\$smarty.foreach.row.last}\r\n    <div class=\"no_print\"><i>- {\$LANG.phrase_new_page} -</i></div>\r\n    <br class=\"page_break\" />\r\n  {/if}\r\n \r\n{/foreach}\r\n', 3)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_types VALUES (4, '{$table_format}', 'show', 'submissions-{\$M}.{\$j}.xls', 2, '<h1>{\$form_name} - {\$view_name}</h1>\r\n\r\n<table cellpadding=\"2\" cellspacing=\"0\" width=\"100%\" class=\"print_table\">\r\n<tr>\r\n  {foreach from=\$display_fields item=column}\r\n    <th>{\$column.field_title}</th>\r\n  {/foreach}\r\n</tr>\r\n{strip}\r\n{foreach from=\$submissions item=submission}\r\n  {assign var=submission_id value=\$submission.submission_id}\r\n  <tr>\r\n    {foreach from=\$display_fields item=field_info}\r\n      {assign var=col_name value=\$field_info.col_name}\r\n      {assign var=value value=\$submission.\$col_name}\r\n      <td>\r\n        {smart_display_field form_id=\$form_id view_id=\$view_id\r\n          submission_id=\$submission_id field_info=\$field_info\r\n          field_types=\$field_types settings=\$settings value=\$value\r\n          escape=\"excel\"}\r\n      </td>\r\n    {/foreach}\r\n  </tr>\r\n{/foreach}\r\n{/strip}\r\n</table>', 1)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_types VALUES (5, '{$all_submissions}', 'show', 'form{\$form_id}_{\$datetime}.csv', 4, '{strip}\r\n  {foreach from=\$display_fields item=column name=row}\r\n    {* workaround for absurd Microsoft Excel problem, in which the first\r\n       two characters of a file cannot be ID; see:\r\n       http://support.microsoft.com /kb/323626 *}\r\n    {if \$smarty.foreach.row.first && \$column.field_title == \"ID\"}\r\n      .ID\r\n    {else}\r\n      {\$column.field_title|escape:''csv''}\r\n    {/if}\r\n    {if !\$smarty.foreach.row.last},{/if}\r\n  {/foreach}\r\n{/strip}\r\n{foreach from=\$submissions item=submission name=row}{strip}\r\n  {foreach from=\$display_fields item=field_info name=col_row}\r\n    {assign var=col_name value=\$field_info.col_name}\r\n    {assign var=value value=\$submission.\$col_name}\r\n    {smart_display_field form_id=\$form_id view_id=\$view_id\r\n      submission_id=\$submission.submission_id field_info=\$field_info\r\n      field_types=\$field_types settings=\$settings value=\$value\r\n      escape=\"csv\"}\r\n    {* if this wasn''t the last row, output a comma *}\r\n    {if !\$smarty.foreach.col_row.last},{/if}\r\n  {/foreach}\r\n{/strip}\r\n{if !\$smarty.foreach.row.last}\r\n{/if}\r\n{/foreach}', 1)";
    $queries[] = "INSERT INTO {$g_table_prefix}module_export_types VALUES (6, '{$all_submissions}', 'show', 'form{\$form_id}_{\$datetime}.xml', 3, '<export>\r\n  <export_datetime>{\$datetime}</export_datetime>\r\n  <export_unixtime>{\$U}</export_unixtime>\r\n  <form_info>\r\n    <form_id>{\$form_id}</form_id>\r\n    <form_name><![CDATA[{\$form_name}]]></form_name>\r\n    <form_url>{\$form_url}</form_url>\r\n  </form_info>\r\n  <view_info>\r\n    <view_id>{\$view_id}</view_id>\r\n    <view_name><![CDATA[{\$view_name}]]></view_name>\r\n  </view_info>\r\n  <submissions>\r\n    {foreach from=\$submissions item=submission name=row}      \r\n      <submission>\r\n       {foreach from=\$display_fields item=field_info name=col_row}\r\n         {assign var=col_name value=\$field_info.col_name}\r\n         {assign var=value value=\$submission.\$col_name}\r\n       <{\$col_name}><![CDATA[{smart_display_field form_id=\$form_id \r\n      view_id=\$view_id submission_id=\$submission.submission_id\r\n      field_info=\$field_info field_types=\$field_types \r\n      settings=\$settings value=\$value}]]></{\$col_name}>\r\n        {/foreach}\r\n       </submission>\r\n    {/foreach}\r\n  </submissions>\r\n</export>', 1)";
    // add the module settings
    $upload_dir = str_replace("\\", "\\\\", $g_root_dir);
    $separator = "/";
    if (strtoupper(substr(PHP_OS, 0, 3) == 'WIN')) {
        $separator = "\\\\";
    }
    $upload_dir .= "{$separator}upload";
    $queries[] = "INSERT INTO {$g_table_prefix}settings (setting_name, setting_value, module) VALUES ('file_upload_dir', '{$upload_dir}', 'export_manager')";
    $queries[] = "INSERT INTO {$g_table_prefix}settings (setting_name, setting_value, module) VALUES ('file_upload_url', '{$g_root_url}/upload', 'export_manager')";
    foreach ($queries as $query) {
        $result = mysql_query($query);
        if (!$result) {
            return array(false, $LANG["export_manager"]["notify_installation_problem_c"] . " <b>" . mysql_error() . "</b>");
        }
    }
    return array(true, $LANG["export_manager"]["notify_reset_to_default"]);
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:48,代码来源:general.php

示例11: _ft_get_search_form_sql_clauses

/**
 * Used in ft_search_forms and ft_get_form_prev_next_links, this function looks at the
 * current search and figures out the WHERE and ORDER BY clauses so that the calling function
 * can retrieve the appropriate form results in the appropriate order.
 *
 * @param array $search_criteria
 * @return array $clauses
 */
function _ft_get_search_form_sql_clauses($search_criteria)
{
    global $g_table_prefix;
    if (!isset($search_criteria["order"])) {
        $search_criteria["order"] = "form_id-DESC";
    }
    // verbose, but at least it prevents any invalid sorting...
    $order_clause = "";
    switch ($search_criteria["order"]) {
        case "form_id-DESC":
            $order_clause = "form_id DESC";
            break;
        case "form_id-ASC":
            $order_clause = "form_id ASC";
            break;
        case "form_name-ASC":
            $order_clause = "form_name ASC";
            break;
        case "form_name-DESC":
            $order_clause = "form_name DESC";
            break;
        case "form_type-ASC":
            $order_clause = "form_type ASC";
            break;
        case "form_type-DESC":
            $order_clause = "form_type DESC";
            break;
        case "status-DESC":
            $order_clause = "(is_initialized = 'no' AND is_complete = 'no'), is_active = 'no', is_active = 'yes'";
            break;
        case "status-ASC":
            $order_clause = "is_active = 'yes', is_active = 'no', (is_initialized = 'no' AND is_complete = 'no')";
            break;
        default:
            $order_clause = "form_id DESC";
            break;
    }
    $order_clause = "ORDER BY {$order_clause}";
    $status_clause = "";
    if (isset($search_criteria["status"])) {
        switch ($search_criteria["status"]) {
            case "online":
                $status_clause = "is_active = 'yes' ";
                break;
            case "offline":
                $status_clause = "(is_active = 'no' AND is_complete = 'yes')";
                break;
            case "incomplete":
                $status_clause = "(is_initialized = 'no' OR is_complete = 'no')";
                break;
            default:
                $status_clause = "";
                break;
        }
    }
    $keyword_clause = "";
    if (isset($search_criteria["keyword"]) && !empty($search_criteria["keyword"])) {
        $search_criteria["keyword"] = trim($search_criteria["keyword"]);
        $string = ft_sanitize($search_criteria["keyword"]);
        $fields = array("form_name", "form_url", "redirect_url", "form_id");
        $clauses = array();
        foreach ($fields as $field) {
            $clauses[] = "{$field} LIKE '%{$string}%'";
        }
        $keyword_clause = join(" OR ", $clauses);
    }
    // if a user ID has been specified, find out which forms have been assigned to this client
    // so we can limit our query
    $form_clause = "";
    // this var is populated ONLY for searches on a particular client account. It stores those public forms on
    // which the client is on the Omit List. This value is used at the end of this function to trim the results
    // returned to NOT include those forms
    $client_omitted_from_public_forms = array();
    if (!empty($search_criteria["account_id"])) {
        $account_id = $search_criteria["account_id"];
        // a bit weird, but necessary. This adds a special clause to the query so that when it searches for a
        // particular account, it also (a) returns all public forms and (b) only returns those forms that are
        // completed. This is because incomplete forms are still set to access_type = "public".
        // Note: this does NOT take into account the public_form_omit_list - that's handled afterwards, to
        // keep the SQL as simple as possible
        $is_public_clause = "(access_type = 'public')";
        $is_setup_clause = "is_complete = 'yes' AND is_initialized = 'yes'";
        // first, grab all those forms that are explicitly associated with this client
        $query = mysql_query("\n      SELECT *\n      FROM   {$g_table_prefix}client_forms\n      WHERE  account_id = {$account_id}\n        ");
        $form_clauses = array();
        while ($result = mysql_fetch_assoc($query)) {
            $form_clauses[] = "form_id = {$result['form_id']}";
        }
        if (count($form_clauses) > 1) {
            $form_clause = "(((" . join(" OR ", $form_clauses) . ") OR {$is_public_clause}) AND ({$is_setup_clause}))";
        } else {
            $form_clause = isset($form_clauses[0]) ? "(({$form_clauses[0]} OR {$is_public_clause}) AND ({$is_setup_clause}))" : "({$is_public_clause} AND ({$is_setup_clause}))";
//.........这里部分代码省略.........
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:101,代码来源:forms.php

示例12: ft_update_admin_account

/**
 * Updates the administrator account. With the addition of the "UI Language" option, this action
 * gets a little more complicated. The problem is that we can't just update the UI language in
 * sessions *within* this function, because by the time this function is called, the appropriate
 * language file is already in memory and being used. So, to get around this problem, the login
 * information form now passes along both the new and old UI languages. If it's different, AFTER
 * this function is called, you need to reset sessions and refresh the page. So be aware that
 * this problem is NOT handled by this function, see:
 *     /admin/accounts/index.php to see how it's solved.
 *
 * @param array $infohash This parameter should be a hash (e.g. $_POST or $_GET) containing the
 *               following keys: first_name, last_name, user_name, password.
 * @param integer $user_id the administrator's user ID
 * @return array [0]: true/false (success / failure)
 *               [1]: message string
 */
function ft_update_admin_account($infohash, $account_id)
{
    global $g_table_prefix, $g_root_url, $LANG;
    $success = true;
    $message = $LANG["notify_account_updated"];
    $infohash = ft_sanitize($infohash);
    extract(ft_process_hook_calls("start", compact("infohash", "account_id"), array("infohash")), EXTR_OVERWRITE);
    $rules = array();
    $rules[] = "required,first_name,{$LANG["validation_no_first_name"]}";
    $rules[] = "required,last_name,{$LANG["validation_no_last_name"]}";
    $rules[] = "required,email,{$LANG["validation_no_email"]}";
    $rules[] = "required,theme,{$LANG["validation_no_theme"]}";
    $rules[] = "required,login_page,{$LANG["validation_no_login_page"]}";
    $rules[] = "required,logout_url,{$LANG["validation_no_account_logout_url"]}";
    $rules[] = "required,ui_language,{$LANG["validation_no_ui_language"]}";
    $rules[] = "required,sessions_timeout,{$LANG["validation_no_sessions_timeout"]}";
    $rules[] = "required,date_format,{$LANG["validation_no_date_format"]}";
    $rules[] = "required,username,{$LANG["validation_no_username"]}";
    $rules[] = "if:password!=,required,password_2,{$LANG["validation_no_account_password_confirmed"]}";
    $rules[] = "if:password!=,same_as,password,password_2,{$LANG["validation_passwords_different"]}";
    $errors = validate_fields($infohash, $rules);
    if (!empty($errors)) {
        $success = false;
        array_walk($errors, create_function('&$el', '$el = "&bull;&nbsp; " . $el;'));
        $message = implode("<br />", $errors);
        return array($success, $message);
    }
    $first_name = $infohash["first_name"];
    $last_name = $infohash["last_name"];
    $email = $infohash["email"];
    $theme = $infohash["theme"];
    $login_page = $infohash["login_page"];
    $logout_url = $infohash["logout_url"];
    $ui_language = $infohash["ui_language"];
    $timezone_offset = $infohash["timezone_offset"];
    $sessions_timeout = $infohash["sessions_timeout"];
    $date_format = $infohash["date_format"];
    $username = $infohash["username"];
    $password = $infohash["password"];
    $swatch = "";
    if (isset($infohash["{$theme}_theme_swatches"])) {
        $swatch = $infohash["{$theme}_theme_swatches"];
    }
    // if the password is defined, md5 it
    $password_sql = !empty($password) ? "password = '" . md5(md5($password)) . "', " : "";
    // check to see if username is already taken
    list($valid_username, $problem) = _ft_is_valid_username($username, $account_id);
    if (!$valid_username) {
        return array(false, $problem);
    }
    $query = "\n      UPDATE  {$g_table_prefix}accounts\n      SET     {$password_sql}\n              first_name = '{$first_name}',\n              last_name = '{$last_name}',\n              email = '{$email}',\n              theme = '{$theme}',\n              swatch = '{$swatch}',\n              login_page = '{$login_page}',\n              logout_url = '{$logout_url}',\n              ui_language = '{$ui_language}',\n              timezone_offset = '{$timezone_offset}',\n              sessions_timeout = '{$sessions_timeout}',\n              date_format = '{$date_format}',\n              username = '{$username}'\n      WHERE   account_id = {$account_id}\n           ";
    mysql_query($query) or ft_handle_error("Failed query in <b>" . __FUNCTION__ . "</b>: <i>{$query}</i>", mysql_error());
    // update the settings
    $_SESSION["ft"]["settings"] = ft_get_settings();
    $_SESSION["ft"]["account"] = ft_get_account_info($account_id);
    $_SESSION["ft"]["account"]["is_logged_in"] = true;
    // if the password just changed, update sessions and empty any temporary password that happens to have been
    // stored
    if (!empty($password)) {
        $_SESSION["ft"]["account"] = ft_get_account_info($account_id);
        $_SESSION["ft"]["account"]["is_logged_in"] = true;
        $_SESSION["ft"]["account"]["password"] = md5(md5($password));
        mysql_query("UPDATE {$g_table_prefix}accounts SET temp_reset_password = NULL where account_id = {$account_id}");
    }
    extract(ft_process_hook_calls("end", compact("infohash", "account_id"), array("success", "message")), EXTR_OVERWRITE);
    return array($success, $message);
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:83,代码来源:administrator.php

示例13: pg_update_page

/**
 * Updates a page.
 *
 * @param integer $page_id
 * @param array
 */
function pg_update_page($page_id, $info)
{
    global $g_table_prefix, $LANG;
    $info = ft_sanitize($info);
    $page_name = $info["page_name"];
    $heading = $info["heading"];
    $access_type = $info["access_type"];
    $content_type = $info["content_type"];
    $use_wysiwyg = $info["use_wysiwyg_hidden"];
    $content = $info["codemirror_content"];
    if ($content_type == "html" && $use_wysiwyg == "yes") {
        $content = $info["wysiwyg_content"];
    }
    mysql_query("\n    UPDATE {$g_table_prefix}module_pages\n    SET    page_name = '{$page_name}',\n           content_type = '{$content_type}',\n           access_type = '{$access_type}',\n           use_wysiwyg = '{$use_wysiwyg}',\n           heading = '{$heading}',\n           content = '{$content}'\n    WHERE  page_id = {$page_id}\n      ");
    @mysql_query("DELETE FROM {$g_table_prefix}module_pages_clients WHERE page_id = {$page_id}");
    if ($access_type == "private") {
        foreach ($info["selected_client_ids"] as $client_id) {
            mysql_query("INSERT INTO {$g_table_prefix}module_pages_clients (page_id, client_id) VALUES ({$page_id}, {$client_id})");
        }
    }
    return array(true, $LANG["notify_page_updated"]);
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:28,代码来源:library.php

示例14: ft_sanitize

/**
 * Helper function which should be used on all submitted data to properly escape user-inputted
 * values for inserting into a database. This replaces the former ft_clean_hash function and
 * can be used on any variable.
 *
 * @param mixed
 * @return array The "clean" (escaped) hash.
 */
function ft_sanitize($input)
{
    if (is_array($input)) {
        $output = array();
        foreach ($input as $k => $i) {
            $output[$k] = ft_sanitize($i);
        }
    } else {
        if (get_magic_quotes_gpc()) {
            $input = stripslashes($input);
        }
        $output = mysql_real_escape_string($input);
    }
    return $output;
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:23,代码来源:general.php

示例15: ft_get_client_prev_next_links

/**
 * This returns the IDs of the previous and next client accounts, as determined by the administrators current
 * search and sort.
 *
 * Not happy with this function! Getting this info is surprisingly tricky, once you throw in the sort clause.
 * Still, the number of client accounts are liable to be quite small, so it's not such a sin.
 *
 * @param integer $account_id
 * @param array $search_criteria
 * @return hash prev_account_id => the previous account ID (or empty string)
 *              next_account_id => the next account ID (or empty string)
 */
function ft_get_client_prev_next_links($account_id, $search_criteria = array())
{
    global $g_table_prefix;
    $keyword_clause = "";
    if (isset($search_criteria["keyword"]) && !empty($search_criteria["keyword"])) {
        $string = ft_sanitize($search_criteria["keyword"]);
        $fields = array("last_name", "first_name", "email", "account_id");
        $clauses = array();
        foreach ($fields as $field) {
            $clauses[] = "{$field} LIKE '%{$string}%'";
        }
        $keyword_clause = implode(" OR ", $clauses);
    }
    // add up the where clauses
    $where_clauses = array("account_type = 'client'");
    if (!empty($status_clause)) {
        $where_clauses[] = "({$status_clause})";
    }
    if (!empty($keyword_clause)) {
        $where_clauses[] = "({$keyword_clause})";
    }
    $where_clause = "WHERE " . implode(" AND ", $where_clauses);
    $order_clause = _ft_get_client_order_clause($search_criteria["order"]);
    // get the clients
    $client_query_result = mysql_query("\n    SELECT account_id\n    FROM   {$g_table_prefix}accounts\n    {$where_clause}\n    {$order_clause}\n           ");
    $sorted_account_ids = array();
    while ($row = mysql_fetch_assoc($client_query_result)) {
        $sorted_account_ids[] = $row["account_id"];
    }
    $current_index = array_search($account_id, $sorted_account_ids);
    $return_info = array("prev_account_id" => "", "next_account_id" => "");
    if ($current_index === 0) {
        if (count($sorted_account_ids) > 1) {
            $return_info["next_account_id"] = $sorted_account_ids[$current_index + 1];
        }
    } else {
        if ($current_index === count($sorted_account_ids) - 1) {
            if (count($sorted_account_ids) > 1) {
                $return_info["prev_account_id"] = $sorted_account_ids[$current_index - 1];
            }
        } else {
            $return_info["prev_account_id"] = $sorted_account_ids[$current_index - 1];
            $return_info["next_account_id"] = $sorted_account_ids[$current_index + 1];
        }
    }
    return $return_info;
}
开发者ID:jeffthestampede,项目名称:excelsior,代码行数:59,代码来源:clients.php


注:本文中的ft_sanitize函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。