PHP is_valid_id函数代码示例

function json_scoreboard($user_type = null)
{
    $values = array();
    if (is_valid_id($user_type)) {
        $values['user_type'] = $user_type;
    }
    $scores = db_query_fetch_all('
        SELECT
           u.id AS user_id,
           u.team_name,
           co.country_code,
           SUM(c.points) AS score,
           MAX(s.added) AS tiebreaker
        FROM users AS u
        LEFT JOIN countries AS co ON co.id = u.country_id
        LEFT JOIN submissions AS s ON u.id = s.user_id AND s.correct = 1
        LEFT JOIN challenges AS c ON c.id = s.challenge
        WHERE
          u.competing = 1
          ' . (is_valid_id($user_type) ? 'AND u.user_type = :user_type' : '') . '
        GROUP BY u.id
        ORDER BY score DESC, tiebreaker ASC', $values);
    $scoreboard = array();
    for ($i = 0; $i < count($scores); $i++) {
        $scoreboard['standings'][$i] = array('pos' => $i + 1, 'team' => $scores[$i]['team_name'], 'score' => array_get($scores[$i], 'score', 0), 'country' => $scores[$i]['country_code']);
    }
    echo json_encode($scoreboard);
}

function update_poll()
{
    global $INSTALLER09, $CURUSER, $mc1, $lang;
    $total_votes = 0;
    if (!isset($_POST['pid']) or !is_valid_id($_POST['pid'])) {
        stderr($lang['poll_up_usr_err'], $lang['poll_up_no_poll']);
    }
    $pid = intval($_POST['pid']);
    if (!isset($_POST['poll_question']) or empty($_POST['poll_question'])) {
        stderr($lang['poll_up_usr_err'], $lang['poll_up_no_title']);
    }
    $poll_title = sqlesc(htmlsafechars(strip_tags($_POST['poll_question']), ENT_QUOTES));
    //get the main crux of the poll data
    $poll_data = makepoll();
    $total_votes = isset($poll_data['total_votes']) ? intval($poll_data['total_votes']) : 0;
    unset($poll_data['total_votes']);
    if (!is_array($poll_data) or !count($poll_data)) {
        stderr($lang['poll_up_sys_err'], $lang['poll_up_no_data']);
    }
    //all ok, serialize
    $poll_data = sqlesc(serialize($poll_data));
    $username = sqlesc($CURUSER['username']);
    sql_query("UPDATE polls SET choices={$poll_data}, starter_id={$CURUSER['id']}, starter_name={$username}, votes={$total_votes}, poll_question={$poll_title} WHERE pid=" . sqlesc($pid)) or sqlerr(__FILE__, __LINE__);
    $mc1->delete_value('poll_data_' . $CURUSER['id']);
    if (-1 == mysqli_affected_rows($GLOBALS["___mysqli_ston"])) {
        $msg = "<h2>{$lang['poll_up_error']}</h2>\n      <a href='javascript:history.back()' title='{$lang['poll_up_fix_it']}' style='color:green;font-weight:bold'><span class='btn' style='padding:3px;'><img style='vertical-align:middle;' src='{$INSTALLER09['pic_base_url']}/polls/p_delete.gif' alt='{$lang['poll_up_back']}' />{$lang['poll_up_back']}</span></a>";
    } else {
        $msg = "<h2>{$lang['poll_up_worked']}</h2>\n      <a href='staffpanel.php?tool=polls_manager&amp;action=polls_manager' title='{$lang['poll_up_return']}' style='color:green;font-weight:bold'><span class='btn' style='padding:3px;'><img style='vertical-align:middle;' src='{$INSTALLER09['pic_base_url']}/polls/p_tick.gif' alt='{$lang['poll_up_success']}' />{$lang['poll_up_success']}</span></a>";
    }
    echo stdhead($lang['poll_up_stdhead']) . $msg . stdfoot();
}

function update_poll()
{
    global $INSTALLER09, $CURUSER, $mc1;
    $total_votes = 0;
    if (!isset($_POST['pid']) or !is_valid_id($_POST['pid'])) {
        stderr('USER ERROR', 'There is no poll with that ID!');
    }
    $pid = intval($_POST['pid']);
    if (!isset($_POST['poll_question']) or empty($_POST['poll_question'])) {
        stderr('USER ERROR', 'There is no title defined!');
    }
    $poll_title = sqlesc(htmlspecialchars(strip_tags($_POST['poll_question']), ENT_QUOTES));
    //get the main crux of the poll data
    $poll_data = makepoll();
    $total_votes = isset($poll_data['total_votes']) ? intval($poll_data['total_votes']) : 0;
    unset($poll_data['total_votes']);
    if (!is_array($poll_data) or !count($poll_data)) {
        stderr('SYSTEM ERROR', 'There was no data sent');
    }
    //all ok, serialize
    $poll_data = sqlesc(serialize($poll_data));
    $username = sqlesc($CURUSER['username']);
    @sql_query("UPDATE polls SET choices={$poll_data}, starter_id={$CURUSER['id']}, starter_name={$username}, votes={$total_votes}, poll_question={$poll_title} WHERE pid={$pid}") or sqlerr(__FILE__, __LINE__);
    $mc1->delete_value('poll_data_' . $CURUSER['id']);
    if (-1 == mysql_affected_rows()) {
        $msg = "<h2>An Error Occured!</h2>\r\n      <a href='javascript:history.back()' title='Go back and fix the error' style='color:green;font-weight:bold'><span class='btn' style='padding:3px;'><img style='vertical-align:middle;' src='{$INSTALLER09['pic_base_url']}/polls/p_delete.gif' alt='Go Back' />Go Back</span></a>";
    } else {
        $msg = "<h2>Groovy, everything went hunky dory!</h2>\r\n      <a href='staffpanel.php?tool=polls_manager&amp;action=polls_manager' title='Return to Polls Manager' style='color:green;font-weight:bold'><span class='btn' style='padding:3px;'><img style='vertical-align:middle;' src='{$INSTALLER09['pic_base_url']}/polls/p_tick.gif' alt='Success' />Success</span></a>";
    }
    echo stdhead('Poll Manager::Add New Poll') . $msg . stdfoot();
}

function check($id)
{
    if (!is_valid_id($id)) {
        return stderr("Error", "Invalid ID");
    } else {
        return true;
    }
}

function validate($id)
{
    global $lang;
    if (!is_valid_id($id)) {
        stderr($lang['failed_sorry'], "{$lang['failed_bad_id']}");
    } else {
        return true;
    }
}

 public function update($data, $id)
 {
     if (empty($data['domain']) || !is_valid_id($id)) {
         return FALSE;
     } else {
         $this->db->where('id', $id);
         $this->db->update('website', $data);
         return TRUE;
     }
 }

function delete_file($id)
{
    if (!is_valid_id($id)) {
        message_error('Invalid ID.');
    }
    db_delete('files', array('id' => $id));
    if (file_exists(CONST_PATH_FILE_UPLOAD . $id)) {
        unlink(CONST_PATH_FILE_UPLOAD . $id);
    }
}

 public function remove($client_id)
 {
     is_valid_id($client_id, 'client') ? '' : show_error($this->lang->line('not_valid_id'));
     $is_remove = $this->relation->remove($client_id);
     if ($is_remove) {
         set_flash($this->lang->line('db_client_removed'));
         redirect('dashboard', 'refresh');
     } else {
         set_flash($this->lang->line('db_client_remove_error'));
         redirect('dashboard', 'refresh');
     }
 }

 public function update()
 {
     $p = $this->input->post('p');
     if (!is_valid_id($p["id"])) {
         echo "COULD NOT UPDATE - MISSING WEBSITE ID";
     } else {
         $id = $p["id"];
     }
     if ($this->Website_model->update($p['update'], $id)) {
         echo "SUCCESS";
     } else {
         echo "UPDATE FAILED";
     }
 }

 public function update_product_types($data, $id)
 {
     if (!is_valid_id($id)) {
         return FALSE;
     } else {
         // Delete all the existing joined product types
         $this->db->where('collectionID', $id);
         $this->db->delete('collectionjoinproducttype');
         if (array_valid($data)) {
             // Insert the new product type associations
             foreach ($data as $ptype_id) {
                 $this->db->insert('collectionjoinproducttype', array('collectionID' => $id, 'productTypeID' => $ptype_id));
             }
         }
         return TRUE;
     }
 }

 public function update()
 {
     $p = $this->input->post('p');
     if (!is_valid_id($p["id"])) {
         echo "COULD NOT UPDATE - MISSING COLLECTION ID";
     } else {
         $id = $p["id"];
     }
     if ($this->Collection_model->update($p['update'], $id)) {
         if ($this->Collection_model->update_product_types($p['product_types'], $id)) {
             echo "SUCCESS";
         } else {
             echo "COULD NOT SETUP PRODUCT TYPE ASSOCIATIONS";
         }
     } else {
         echo "UPDATE FAILED";
     }
 }

 public function update_password($data, $id)
 {
     if (array_valid($data) && is_valid_id($id)) {
         // Ensure no bogus whitespace on any of the information
         array_trim($data);
         // Let's be sure the passwords match
         $new_password = $data['magickey'];
         $match_password = $data['matchkey'];
         if ($new_password === $match_password) {
             $update_data['magickey'] = sha1($new_password);
             $this->db->where('id', $id);
             $this->db->update('user', $update_data);
             return TRUE;
         } else {
             $errors[] = 'The passwords for both fields did not match, please try again';
         }
     } else {
         $errors[] = 'No user information was provided';
     }
     if (array_valid($errors)) {
         return $errors;
     }
 }

 * Project Leaders: Mindless, putyn.
 *
 */
// Achievements mod by MelvinMeow
require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php';
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'pager_functions.php';
require_once CLASS_DIR . 'page_verify.php';
dbconn();
loggedinorreturn();
$newpage = new page_verify();
$newpage->create('takecounts');
$lang = array_merge(load_language('global'));
$HTMLOUT = "";
$id = (int) $_GET["id"];
if (!is_valid_id($id)) {
    stderr("Error", "It appears that you have entered an invalid id.");
}
$res = sql_query("SELECT users.id, users.username, usersachiev.achpoints, usersachiev.spentpoints FROM users LEFT JOIN usersachiev ON users.id = usersachiev.id WHERE users.id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$arr = mysqli_fetch_assoc($res);
if (!$arr) {
    stderr("Error", "It appears that there is no user with that id.");
}
$achpoints = (int) $arr['achpoints'];
$spentpoints = (int) $arr['spentpoints'];
$res = sql_query("SELECT COUNT(*) FROM achievements WHERE userid =" . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$row = mysqli_fetch_row($res);
$count = $row[0];
$perpage = 15;
if (!$count) {
    stderr("No Achievements", "It appears that <a class='altlink' href='userdetails.php?id=" . (int) $arr['id'] . "'>" . htmlsafechars($arr['username']) . "</a> currently has no achievements.");

    //print_r($input);
    //die;
}
//$input['reputation'] = 'pos';
//$input['reason'] = 'la di da di di la';
///////////////////////////////////////////////
//	Just added to Reputation?
///////////////////////////////////////////////
if (isset($input['done'])) {
    rep_output($lang["info_reputation_added"]);
}
///////////////////////////////////////////////
//	Nope, so do something different, like check stuff
///////////////////////////////////////////////
/// weeeeeeeeee =]
$check = isset($input['pid']) ? is_valid_id($input['pid']) : false;
$locales = array('posts', 'comments', 'torrents', 'users');
$rep_locale = isset($input['locale']) && in_array($input['locale'], $locales) ? $input['locale'] : 'posts';
if (!$check) {
    rep_output('Incorrect Access');
}
if ($rep_locale == 'posts') {
    ///////////////////////////////////////////////
    // check the post actually exists!
    ///////////////////////////////////////////////
    $forum = sql_query("SELECT posts.topicid AS locale, posts.userid, forums.minclassread,\r\nusers.username, users.reputation\r\nFROM posts\r\nLEFT JOIN topics ON topicid = topics.id\r\nLEFT JOIN forums ON topics.forumid = forums.id\r\nLEFT JOIN users ON posts.userid = users.id\r\nWHERE posts.id ={$input['pid']}");
} elseif ($rep_locale == 'comments') {
    ///////////////////////////////////////////////
    // check the comment actually exists!
    ///////////////////////////////////////////////
    //uncomment the following  if use comments.anonymous field

<?php

require_once "../../config/init.php";
$slug = extract_slug_id($_GET["id"]);
if (!is_valid_id($slug['id'])) {
    header('location: /index.php');
    exit;
}
$productID = $slug['id'];
//Information for necklace pages are set in this file
require_once "necklace.inc";
$page->set_all($p);
$page->display();