本文整理汇总了PHP中jb_escape_sql函数的典型用法代码示例。如果您正苦于以下问题:PHP jb_escape_sql函数的具体用法?PHP jb_escape_sql怎么用?PHP jb_escape_sql使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了jb_escape_sql函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: showAllCat
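/**
 * Render the child categories of one category in rows of $cols entries.
 *
 * Selects every category whose parent is $child (form 1, session language),
 * buffers the rows and passes each full buffer to showRow(). showRow() is
 * called once more at the end with the leftover rows, which is an empty
 * array when the row count is zero or an exact multiple of $cols.
 *
 * @param mixed $child Parent category id; escaped before it reaches the query.
 * @param int   $cols  Number of categories per displayed row.
 * @return void
 */
function showAllCat($child, $cols)
{
    global $connection;
    global $catName;
    global $form_id;

    // Both dynamic values are placed inside single-quoted SQL literals, the
    // only context in which string escaping protects the statement.
    // NOTE(review): jb_escape_sql() is presumably the project's wrapper
    // around the driver's string-escaping call - confirm.
    $sql = "SELECT categories.*, categories.category_id as CID, cat_name_translations.category_name AS NAME FROM categories LEFT JOIN cat_name_translations ON categories.category_id=cat_name_translations.category_id WHERE parent_category_id='" . jb_escape_sql($child) . "' AND form_id=1 AND (lang='" . jb_escape_sql($_SESSION['LANG']) . "') ORDER BY list_order, category_name ";

    // The original prefixed the message with an undefined $query variable;
    // the visible output was already just the driver error.
    // NOTE(review): printing the driver error to the page exposes table and
    // column names to the visitor; logging it server-side and showing a
    // generic message would avoid that.
    $result = jb_mysql_query($sql) or die(mysql_error());

    // Start from an empty buffer so showRow() never receives an undefined
    // variable.
    $cats = array();
    $x = 0;
    while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
        $cats[] = $row;
        $x++;
        if ($x == $cols) {
            showRow($cats);
            // reset the buffer for the next display row
            $cats = array();
            $x = 0;
        }
    }

    // show the remaining cats
    showRow($cats);
}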
示例2: does_field_exist
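/**
 * Report whether $table has a column named $field.
 *
 * @param string $table Table name, placed between backticks in the query.
 * @param string $field Column name to look for.
 * @return bool True when SHOW COLUMNS lists the field; false otherwise,
 *              including when the query itself fails.
 */
function does_field_exist($table, $field)
{
    // NOTE(review): $table ends up in a backtick-quoted identifier, not in a
    // quoted string literal. String escaping normally leaves backticks
    // untouched, so the call below does not make an arbitrary table name
    // safe; this relies on callers passing fixed names - confirm that no
    // caller forwards request data here.
    $result = jb_mysql_query("show columns from `" . jb_escape_sql($table) . "`");
    if (!$result) {
        // Failed query (for example an unknown table): report "absent"
        // explicitly instead of hiding the fetch warning with @.
        return false;
    }

    while ($row = mysql_fetch_row($result)) {
        // $row[0] is the first column of each SHOW COLUMNS row.
        if ($row[0] == $field) {
            return true;
        }
    }

    return false;
}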
示例3: correct_default_lang
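/**
 * Make sure one active language is flagged as the default.
 *
 * When no row in `lang` is both active and default, every default flag is
 * cleared and the first active language found is promoted to default.
 *
 * @return void
 */
function correct_default_lang()
{
    $sql = "SELECT * FROM `lang` WHERE is_active='Y' AND is_default='Y' ";
    $result = jb_mysql_query($sql);
    if (!$result) {
        // A failed lookup says nothing about the table contents. Without
        // this guard the row count of a failed query compares equal to 0
        // and the default flags would be wiped on a database error.
        return;
    }

    if (mysql_num_rows($result) != 0) {
        // an active default language already exists
        return;
    }

    // nothing active and default: reset the flag everywhere
    $sql = "UPDATE lang SET is_default='N' ";
    JB_mysql_query($sql);

    $sql = "SELECT * FROM `lang` WHERE is_active='Y' LIMIT 1 ";
    $result = jb_mysql_query($sql);
    $row = $result ? mysql_fetch_array($result, MYSQL_ASSOC) : false;
    if (!$row) {
        // No active language at all: there is nothing to promote, so skip
        // the UPDATE instead of running it with an empty lang_code.
        return;
    }

    // lang_code comes from the database, but it is still escaped before
    // being placed into the quoted literal.
    $sql = "UPDATE lang set is_default='Y' where lang_code='" . jb_escape_sql($row['lang_code']) . "' ";
    JB_mysql_query($sql);
}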
示例4: JB_load_motd
/**
 * Load the message of the day for one audience type in the session language.
 *
 * @param string $type 'E' or 'U'; any other value is rejected.
 * @return array|false Array with the keys title, message, updated and
 *                     display, or false when $type is not accepted.
 */
function JB_load_motd($type)
{
    // Allow-list check: only the two known type codes reach the queries.
    $type_is_known = ($type == 'E' || $type == 'U');
    if (!$type_is_known) {
        return false;
    }

    // Type and language are escaped and placed inside quoted literals.
    $motd_sql = "SELECT * FROM `motd` where `motd_type` = '" . jb_escape_sql($type) . "' AND `motd_lang`='" . jb_escape_sql($_SESSION['LANG']) . "' ";
    $motd_result = @JB_mysql_query($motd_sql);
    if (!$motd_result) {
        // The error text is captured in a local only; it is not reported.
        $DB_ERROR = mysql_error();
    }
    $motd_row = @mysql_fetch_array($motd_result, MYSQL_ASSOC);

    $data = array(
        'title' => $motd_row['motd_title'],
        'message' => $motd_row['motd_message'],
        'updated' => $motd_row['motd_date_updated'],
    );

    // The display setting is stored in jb_variables under MOTD_<type>_DISPLAY.
    $flag_sql = "SELECT * FROM `jb_variables` where `key` = 'MOTD_" . jb_escape_sql($type) . "_DISPLAY' ";
    $flag_result = @JB_mysql_query($flag_sql);
    if (!$flag_result) {
        $DB_ERROR = mysql_error();
    }
    $flag_row = @mysql_fetch_array($flag_result, MYSQL_ASSOC);
    $data['display'] = $flag_row['val'];

    return $data;
}
示例5: JB_schema_get_static_fields
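/**
 * Build the field list of a form: static fields plus the rows of form_fields.
 *
 * Starts from JB_schema_get_static_fields(), adds one entry per form_fields
 * row (labels in the session language), then lets plugins adjust the result
 * through the 'schema_get_fields' callback.
 *
 * @param int   $form_id     Form identifier; cast to int before use.
 * @param mixed $result_type JB_FIELD_LIST (default) or JB_DB_MAP; with
 *                           JB_DB_MAP the BLANK, SEPERATOR and NOTE field
 *                           types are left out.
 * @return array Field definitions keyed by field_id (returned by reference).
 */
function &JB_schema_get_fields($form_id, $result_type = JB_FIELD_LIST)
{
    // The cast makes the id safe for every later use in this function.
    $form_id = (int) $form_id;
    $fields = JB_schema_get_static_fields($form_id, $result_type);

    // Always defined, so the query below never interpolates an unset variable.
    $sql_exclude = '';
    if ($result_type == JB_DB_MAP) {
        $sql_exclude = " AND field_type != 'BLANK' AND field_type !='SEPERATOR' AND field_type !='NOTE' ";
    }

    // $sql_exclude is a fixed fragment; the only dynamic values are the
    // escaped session language and the integer form id.
    $sql = "SELECT t1.*, t2.field_label AS NAME FROM `form_fields` as t1, form_field_translations as t2 where t1.field_id = t2.field_id AND t2.lang='" . jb_escape_sql($_SESSION['LANG']) . "' AND form_id='" . jb_escape_sql($form_id) . "' {$sql_exclude} ORDER BY field_sort ";
    $result = JB_mysql_query($sql);

    while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
        $id = $row['field_id'];
        $fields[$id]['field_id'] = $id;
        $fields[$id]['field_type'] = $row['field_type'];
        $fields[$id]['field_label'] = $row['NAME'];
        $fields[$id]['template_tag'] = $row['template_tag'];
        // Hidden from the website; only visible on the editing form.
        $fields[$id]['is_hidden'] = $row['is_hidden'];

        // The template tag can be blank; fall back to "<form>_<field>".
        if ($fields[$id]['template_tag'] == '') {
            $fields[$id]['template_tag'] = $form_id . '_' . $id;
        }

        // Access flags differ per form; forms 4 and 5 carry none.
        switch ($form_id) {
            case 1:
            case 3:
                $fields[$id]['is_member'] = $row['is_member'];
                break;
            case 2:
                // resumes can have anonymous fields
                $fields[$id]['is_anon'] = $row['is_anon'];
                $fields[$id]['is_blocked'] = $row['is_blocked'];
                $fields[$id]['is_member'] = $row['is_member'];
                break;
            default:
                break;
        }
    }

    JBPLUG_do_callback('schema_get_fields', $fields, $form_id, $result_type);

    return $fields;
}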
示例6: JB_seed_mod_rewrite_for_categories
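/**
 * Give every form-1 category without an SEO file name a unique one.
 *
 * The name is derived from the category name; when "<name>.html" is already
 * taken, "-1", "-2", ... is appended until an unused name is found.
 *
 * @return void
 */
function JB_seed_mod_rewrite_for_categories()
{
    $sql = "SELECT * FROM `categories` WHERE `categories`.`form_id`=1 ";
    $result = jb_mysql_query($sql);

    while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
        if (trim($row['seo_fname'])) {
            // already has a file name
            continue;
        }

        $fname = JB_utf8_to_html(urldecode(jb_format_url_string($row['category_name'])));

        // Probe candidate names until one is not used by any category.
        $i = 0;
        $postfix = '';
        while (true) {
            $sql = "SELECT category_id FROM `categories` WHERE `seo_fname` = '" . jb_escape_sql($fname . $postfix . '.html') . "' ";
            $result2 = jb_mysql_query($sql);
            if (!(mysql_num_rows($result2) > 0)) {
                break;
            }
            $i++;
            $postfix = '-' . $i;
        }

        $fname .= $postfix . '.html';

        // category_id was read back from the database and was concatenated
        // raw; it is escaped here like every other value in this function so
        // stored data cannot alter the statement.
        $sql = "update `categories` set `seo_fname`='" . jb_escape_sql($fname) . "' where category_id='" . jb_escape_sql($row['category_id']) . "' ";
        jb_mysql_query($sql);
    }
}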
示例7: JB_load_help
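/**
 * Load the help page for one audience type in the session language.
 *
 * When no help message is stored, the text comes from
 * jb_extract_old_help_file() and the title from $label['c_help_heading'].
 *
 * @param string $type 'E' or 'U'; any other value is rejected.
 * @return array|false Array with the keys title, message and updated, or
 *                     false when $type is not accepted.
 */
function JB_load_help($type)
{
    global $label;

    if ($type != 'E' && $type != 'U') {
        return false;
    }

    // $type was interpolated raw, protected only by the loose comparison
    // above. It is escaped here as well, so the query stays safe however a
    // value gets past that check.
    $sql = "SELECT * FROM `help_pages` where `help_type` = '" . jb_escape_sql($type) . "' AND `help_lang`='" . jb_escape_sql($_SESSION['LANG']) . "' ";
    // The error text is captured in a local only; it is not reported.
    $result = @JB_mysql_query($sql) or $DB_ERROR = mysql_error();
    $row = @mysql_fetch_array($result, MYSQL_ASSOC);

    $data = array();
    $data['title'] = $row['help_title'];
    $data['message'] = $row['help_message'];
    $data['updated'] = $row['help_date_updated'];

    if ($data['message'] == '') {
        // nothing stored: fall back to the older help file
        $data['message'] = jb_extract_old_help_file($type);
        $data['title'] = $label['c_help_heading'];
    }

    return $data;
}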
示例8: JBXM_display_xml_feed_form
$JBMarkup->error_msg("Cannot save the feed due to the following errors:");
echo $error;
JBXM_display_xml_feed_form();
} else {
JBXM_save_xml_feed_input();
$JBMarkup->ok_msg('Changes Saved.');
}
}
// Cache-clear action: removes the cached XML file of one feed.
// NOTE(review): this action and the delete below change state based on
// $_REQUEST, so a plain GET link can trigger them. No anti-CSRF token check
// is visible in this excerpt - confirm that one runs earlier in the script.
if ($_REQUEST['clear'] != '') {
$cache_dir = JB_get_cache_dir();
// The request values only pass through md5(); its hex output contains no
// path separators, so they cannot move the path out of the cache directory.
$filename = $cache_dir . 'feed_' . md5($_REQUEST['clear'] . $_REQUEST['feed_key']) . ".xml";
// unlink() errors are suppressed, so the success message below is shown even
// when no file was removed.
@unlink($filename);
$JBMarkup->ok_msg('Cache Cleared.');
}
// Delete action: removes one feed row by id.
if ($_REQUEST['delfeed'] != '') {
// feed_id is escaped and placed inside a quoted literal.
$sql = "DELETE FROM xml_export_feeds WHERE feed_id='" . jb_escape_sql($_REQUEST['feed_id']) . "' ";
// NOTE(review): on failure the raw driver error is printed to the page.
JB_mysql_query($sql) or die(mysql_error());
$JBMarkup->ok_msg('Feed Deleted.');
}
if ($_REQUEST['new'] == 'yes') {
if ($_REQUEST['schema_id'] == '') {
echo '<p>';
echo 'Please select what type of feed you would like to create (Schema):<br>';
?>
<form method='post' action="<?php
echo htmlentities($_SERVER['PHP_SELF']);
?>
">
<input type="hidden" name='new' value='yes'>
<select name='schema_id'>
<option value=''>[Select]</option>
示例9: JB_validate_field_form
$error = JB_validate_field_form();
if ($error == '') {
$id = JB_save_field($error, $NEW_FIELD);
JB_format_field_translation_table(4);
JB_cache_del_keys_for_form(4);
$JBMarkup->ok_msg('Changes Saved.');
$NEW_FIELD = "NO";
$_REQUEST['field_id'] = $id;
} else {
$JBMarkup->error_msg('<b>ERROR!</b>');
echo $error;
}
}
// Delete action for a field of form 4.
// NOTE(review): the action is driven by $_REQUEST and no anti-CSRF token
// check is visible in this excerpt - confirm that one runs earlier.
if ($_REQUEST['delete'] != '') {
echo "Deleting...";
// The lookup is limited to form_id=4 and field_id is escaped inside a quoted
// literal.
$sql = "SELECT * FROM form_fields WHERE form_id=4 and field_id='" . jb_escape_sql($_REQUEST['field_id']) . "'";
$result = JB_mysql_query($sql);
// The die() branch also runs when the query succeeds but matches no row.
$row = mysql_fetch_array($result, MYSQL_ASSOC) or die(mysql_error());
// Fields carrying a reserved template tag are refused.
if (JB_is_reserved_template_tag($row['template_tag'])) {
$JBMarkup->error_msg("<b>Cannot Delete:</b> This field contains a reserved 'Template Tag' and is needed by the system. Click on the 'R' icon next to the field for more information. Instead of deleting, please rename this field / change the type / move up or down. ");
} else {
// "Deleting..." is printed a second time on this path.
echo "Deleting...";
JB_cache_del_keys_for_form(4);
// NOTE(review): the raw request value is forwarded, not the field_id of the
// row just verified. Whether JB_delete_field() escapes it and limits the
// delete to form 4 is not visible here - confirm.
JB_delete_field($_REQUEST['field_id']);
echo "OK!";
$_REQUEST['field_id'] = "";
}
}
if (JB_is_table_unsaved("employers")) {
require dirname(__FILE__) . '/build_employers_table.php';
JB_cache_del_keys_for_form(4);
示例10: htmlentities
<input type="button" value="Send Emails" onClick="window.location='<?php
echo htmlentities($_SERVER['PHP_SELF']);
?>
?action=send&letter_id=<?php
echo $row['letter_id'];
?>
'">
<?php
}
// end if action
// && binds tighter than ||, so this reads as
// edit || (new && $unsent_newsletters == 0): the unsent-newsletter check
// applies to "new" only.
// NOTE(review): confirm that "edit" is meant to bypass that check.
if ($action == "edit" || $action == "new" && $unsent_newsletters == 0) {
if ($action == 'edit') {
echo "Note: Editing a mailing list will not reset the recipient list.";
}
// With a letter id, the stored newsletter is loaded from the database.
if ($_REQUEST['letter_id'] != '') {
// letter_id is escaped and placed inside a quoted literal.
$sql = "SELECT * from `newsletters` WHERE `letter_id`='" . jb_escape_sql($_REQUEST['letter_id']) . "' ";
// NOTE(review): on failure the full statement and the driver error are
// printed to the page.
$result = JB_mysql_query($sql) or die($sql . mysql_error());
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$to = $row['to'];
$message = $row['message'];
$subject = $row['subject'];
} else {
// Without a letter id, $subject and $message keep their earlier values with
// backslashes stripped; where they are set is outside this excerpt.
$subject = stripslashes($subject);
$message = stripslashes($message);
}
?>
<h2>Newsletter Editor</h2>
<form method="post" action="<?php
echo htmlentities($_SERVER['PHP_SELF']);
?>
示例11: dirname
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this file,
# You can obtain one at http://mozilla.org/MPL/2.0/.
###########################################################################
require '../config.php';
require_once '../include/skill_matrix_functions.php';
require_once dirname(__FILE__) . "/admin_common.php";
JB_admin_header('Admin -> Build Matrix');
?>
<form method="post">
<?php
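// Save the posted row count for this field, then reload the stored row.
// NOTE(review): the write is driven by $_REQUEST and no anti-CSRF token check
// is visible in this excerpt - confirm that one runs in the admin includes.
if ($_REQUEST['submit'] != '') {
    // All three values are escaped and placed inside quoted literals.
    // NOTE(review): matrix_id is filled from field_id; the matrix_id hidden
    // input of this form is not read here - confirm that is intended.
    $sql = "REPLACE INTO skill_matrix (matrix_id, field_id, row_count) VALUES ('" . jb_escape_sql($_REQUEST['field_id']) . "', '" . jb_escape_sql($_REQUEST['field_id']) . "', '" . jb_escape_sql($_REQUEST['row_count']) . "') ";
    JB_mysql_query($sql) or die(mysql_error());
}
$sql = "Select * from skill_matrix WHERE field_id='" . jb_escape_sql($_REQUEST['field_id']) . "' ";
$result = JB_mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_array($result, MYSQL_ASSOC);
// row_count was stored from request data above, so it is HTML-escaped on
// output like the two hidden inputs of this form; it was echoed raw before.
?>
<b>Number of rows:</b> <input type="text" size="3" name="row_count" value="<?php
echo jb_escape_html($row['row_count']);
?>
">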
<input type="hidden" name="matrix_id" value="<?php
echo jb_escape_html($row['matrix_id']);
?>
">
<input type="hidden" name="field_id" value="<?php
echo jb_escape_html($_REQUEST['field_id']);
?>
示例12: JB_process_login
###########################################################################
# Copyright Jamit Software 2012, http://www.jamit.com
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this file,
# You can obtain one at http://mozilla.org/MPL/2.0/.
###########################################################################
require "../config.php";
include 'login_functions.php';
// Employer logout: stamp the logout time, drop the session row, forget the
// account keys held in the session, then render the logged-out header.
JB_process_login();
JBPLUG_do_callback('emp_logout', $A = false);

// Logout time is recorded in GMT. The username is escaped inside a quoted
// literal; $now is generated locally by gmdate().
$now = gmdate("Y-m-d H:i:s");
$sql = "UPDATE `employers` SET `logout_date`='{$now}' WHERE `Username`='" . jb_escape_sql($_SESSION['JB_Username']) . "'";
JB_mysql_query($sql);

// Remove this session's row from the session table.
// NOTE(review): on failure the statement, which contains the session id, is
// printed to the page together with the driver error.
$sql = "DELETE FROM `jb_sessions` WHERE session_id='" . jb_escape_sql(session_id()) . "' ";
JB_mysql_query($sql) or die($sql . mysql_error());

// Only these named keys are removed; the PHP session itself and any other
// keys stay in place.
// NOTE(review): no session_destroy() or session id regeneration is visible
// in this excerpt - confirm whether it happens elsewhere.
unset(
    $_SESSION['JB_ID'],
    $_SESSION['JB_Domain'],
    $_SESSION['JB_FirstName'],
    $_SESSION['JB_LastName'],
    $_SESSION['JB_Username'],
    $_SESSION['Rank'],
    $_SESSION['JB_Base']
);

$page_title = JB_SITE_NAME;
JB_template_employers_outside_header($page_title);
?>
<h3 style="text-align: center;"><?php
echo $label['employer_logout_ok'];
?>
</h3>
示例13: JB_is_privileged_user
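/**
 * Decide whether an employer holds a standing privilege for an action.
 *
 * An employer with an active subscription invoice is never treated as
 * privileged. Otherwise the matching subscription_can_* flag on the
 * employer record decides.
 *
 * @param mixed  $employer_id Employer ID; escaped before it reaches the query.
 * @param string $type        'resume', 'premium', or anything else for a
 *                            standard post.
 * @return bool True only when the matching flag is 'Y'; false in every other
 *              case, including an unknown employer.
 */
function JB_is_privileged_user($employer_id, $type)
{
    // Default deny: the result used to be left undefined when no branch
    // matched, so callers received null from an access decision.
    $PRIVILEGED = false;

    if (JB_SUBSCRIPTION_FEE_ENABLED == 'YES') {
        // A subscribed user is handled through subscription quotas and is
        // therefore never privileged.
        if (jb_get_active_subscription_invoice($employer_id)) {
            return false;
        }
    }

    $sql = "SELECT * FROM `employers` WHERE ID='" . jb_escape_sql($employer_id) . "'";
    // NOTE(review): on failure the raw driver error is printed to the page.
    $result = JB_mysql_query($sql) or die(mysql_error());
    $row = mysql_fetch_array($result, MYSQL_ASSOC);

    if ($type == 'resume') {
        // may view resumes
        if ($row['subscription_can_view_resume'] == 'Y') {
            $PRIVILEGED = true;
        }
    } elseif ($type == 'premium') {
        // may publish premium posts
        if ($row['subscription_can_premium_post'] == 'Y') {
            $PRIVILEGED = true;
        }
    } elseif (JB_POSTING_FEE_ENABLED == 'YES') {
        // may publish standard posts; only consulted when posting fees apply
        if ($row['subscription_can_post'] == 'Y') {
            $PRIVILEGED = true;
        }
    }

    return $PRIVILEGED;
}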
示例14: JB_do_upgrade
//.........这里部分代码省略.........
JB_mysql_query($sql) or die($sql . mysql_error());
}
// change post_id to be auto-increment
$sql = " ALTER TABLE `profiles_table` CHANGE `profile_id` `profile_id` INT( 11 ) NOT NULL AUTO_INCREMENT ";
if ($flag) {
JB_mysql_query($sql) or die($sql . mysql_error());
}
// fix template tag for the logo field in profiles_table
$sql = "UPDATE form_fields SET template_tag='IMAGE' WHERE field_id=66 AND template_tag = '' ";
if ($flag) {
JB_mysql_query($sql) or die($sql . mysql_error());
}
$upgrade_needed = true;
}
if (!does_field_exist('xml_export_feeds', 'include_imported')) {
$sql = "ALTER TABLE `xml_export_feeds` ADD `include_imported` SET( 'Y', 'N' ) NOT NULL default 'N'";
if ($flag) {
JB_mysql_query($sql) or die($sql . mysql_error());
}
$upgrade_needed = true;
}
if (!does_field_exist("saved_resumes", "resume_id")) {
$sql = "CREATE TABLE `saved_resumes` (\n\t\t\t\t `resume_id` int(11) NOT NULL default '0',\n\t\t\t\t `user_id` int(11) NOT NULL default '0',\n\t\t\t\t `save_date` datetime NOT NULL default '0000-00-00 00:00:00',\n\t\t\t\t PRIMARY KEY (`resume_id`,`user_id`),\n\t\t\t\t KEY `composite` (`user_id`,`save_date`)\n\t\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=latin1;";
if ($flag) {
JB_mysql_query($sql) or die($sql . mysql_error());
}
$upgrade_needed = true;
}
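if (1 == 1) {
    // Make sure every form field has a template_tag; generate one from the
    // field label where it is missing.
    // NOTE(review): unlike the schema changes around it, this block writes
    // without checking $flag - confirm that is intended.
    $sql = "SELECT * FROM `form_fields` ";
    $result = mysql_query($sql);
    while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
        if ($row['field_type'] == 'BLANK' || $row['field_type'] == 'SEPERATOR' || $row['field_type'] == 'NOTE') {
            continue;
        }
        // The comparison used to sit inside trim(), so a whitespace-only tag
        // was not recognised as empty.
        if (trim($row['template_tag']) == '') {
            // Build a tag from the label: runs of characters other than
            // letters and digits become "_". The stray "^" inside the class
            // made a literal caret survive.
            $template_tag = strtoupper(preg_replace('/[^a-z0-9]+/i', '_', $row['field_label']));
            $template_tag = preg_replace('/_$/', '', $template_tag);
            // '/$_/' could never match; the leading underscore is what is
            // meant to be trimmed.
            $template_tag = preg_replace('/^_/', '', $template_tag);
            $base_template_tag = $template_tag;

            // Try the base name, then base2, base3, ... The original
            // do { } while (0) ran exactly once, so a clash left the field
            // without a tag.
            $i = 1;
            while (true) {
                $sql = "SELECT * FROM `form_fields` WHERE `form_id`='" . jb_escape_sql($row['form_id']) . "' AND `template_tag`='" . jb_escape_sql($template_tag) . "' ";
                $result2 = mysql_query($sql);
                if (mysql_num_rows($result2) == 0) {
                    // name is free within this form: store it
                    $sql = "UPDATE `form_fields` SET `template_tag`='" . jb_escape_sql($template_tag) . "' WHERE `field_id`='" . jb_escape_sql($row['field_id']) . "' ";
                    jb_mysql_query($sql);
                    break;
                }
                $i++;
                $template_tag = $base_template_tag . $i;
                if ($i > 10) {
                    // stop after the numbered candidates up to 10
                    break;
                }
            }
        }
    }
}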
/*
MySQL 5 only.
// convert categories to UTF-8
$sql = "ALTER TABLE `categories` CHANGE `category_name` `category_name` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL";
JB_mysql_query($sql);
// now convert data:
$sql = "SELECT category_name, category_id FROM categories ";
$result = JB_mysql_query($sql);
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$sql = "UPDATE categories SET category_name = '".jb_escape_sql(addslashes(JB_html_ent_to_utf8($row['category_name'])))."' WHERE category_id='".$row['category_id']."' ";
JB_mysql_query($sql);
}
$sql = "ALTER TABLE `cat_name_translations` CHANGE `category_name` `category_name` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL ";
JB_mysql_query($sql);
// now convert data:
$sql = "SELECT category_name, category_id FROM cat_name_translations ";
$result = JB_mysql_query($sql);
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$sql = "UPDATE categories SET category_name = '".jb_escape_sql(addslashes(JB_html_ent_to_utf8($row['category_name'])))."' WHERE category_id='".$row['category_id']."' ";
JB_mysql_query($sql);
}
*/
// THIS CODE BLOCK SHOULD ALWAYS BE AT THE END
// Update the cache
if ($flag && does_field_exist("categories", "seo_fname")) {
JB_cache_flush();
}
if ($upgrade_needed == false && defined('JB_VERSION')) {
$sql = "REPLACE INTO `jb_variables` VALUES ('JB_VERSION', '" . JB_VERSION . "')";
JB_mysql_query($sql);
$JBMarkup->ok_msg('- Job Board version changed to ' . JB_VERSION . '. Please log out form Admin and log in again for the version number to change.');
}
}
return $upgrade_needed;
}
示例15: jb_escape_sql
$from_date = "CONVERT_TZ('".$_REQUEST['from_year']."-".$_REQUEST['from_month']."-".$_REQUEST['from_day']." 00:00:00', '".$plus.JB_GMT_DIF.":00', '+00:00')" ;
$to_date = "CONVERT_TZ('".$_REQUEST['to_year']."-".$_REQUEST['to_month']."-".$_REQUEST['to_day']." 23:59:59', '".$plus.JB_GMT_DIF.":00', '+00:00')" ;
*/
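// Build the invoice listing query from the date range, the optional status
// filter and the optional search string.
// NOTE(review): $from_date and $to_date are built before this excerpt; the
// commented-out variant above concatenates raw $_REQUEST date parts -
// confirm that the live version validates or escapes them.
$where_date = "WHERE (invoice_date >= {$from_date} AND invoice_date <= {$to_date} ) ";
if ($_REQUEST['status'] != '' && $_REQUEST['status'] != 'all') {
    // The status filter was concatenated straight from the request. It is
    // escaped here like every other request value in this script.
    $where_status = " AND status='" . jb_escape_sql($_REQUEST['status']) . "' ";
}
if ($_REQUEST['search_it'] != '') {
    // First treat the search string as an employer username.
    $sql = "select ID from employers WHERE Username ='" . jb_escape_sql($_REQUEST['search_str']) . "' ";
    $result = JB_mysql_query($sql);
    if (mysql_num_rows($result) > 0) {
        $row = mysql_fetch_array($result, MYSQL_ASSOC);
        $sql = "select * FROM package_invoices WHERE employer_id='" . jb_escape_sql($row['ID']) . "' ORDER BY invoice_date DESC";
    } else {
        // Not a username: reduce it to digits and use it as an invoice id.
        $_REQUEST['search_str'] = preg_replace('/[^0-9]/', '', $_REQUEST['search_str']);
        $sql = "select * FROM package_invoices WHERE invoice_id='" . jb_escape_sql($_REQUEST['search_str']) . "' ORDER BY invoice_date DESC";
    }
} else {
    // NOTE(review): $where_status is only assigned above when a status was
    // requested; whether it is initialised earlier is not visible here.
    $sql = "select * FROM package_invoices {$where_date} {$where_status} ORDER BY invoice_date DESC";
}
// NOTE(review): on failure the raw driver error is printed to the page.
$result = JB_mysql_query($sql) or die(mysql_error());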
if (mysql_num_rows($result) > 0) {
?>
<table cellSpacing="1" cellPadding="3" style="margin: 0 auto; background-color: #d9d9d9; width:100%; border:0px" >
<tr bgColor="#eaeaea">
<td><b><font face="Arial" size="2">Order Date</font></b></td>
<td><b><font face="Arial" size="2">Order ID</font></b></td>
<td><b><font face="Arial" size="2">Client Name</font></b></td>
<td><b><font face="Arial" size="2">Item Name</font></b></td>