本文整理汇总了PHP中makeSafe函数的典型用法代码示例。如果您正苦于以下问题:PHP makeSafe函数的具体用法?PHP makeSafe怎么用?PHP makeSafe使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了makeSafe函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getLink
function getLink($table = '', $linkField = '', $pk = '', $id = '', $path = '')
{
if (!$id || !$table || !$linkField || !$pk) {
// default link to return
exit;
}
if (preg_match('/^Lookup: (.*?)::(.*?)::(.*?)$/', $path, $m)) {
$linkID = makeSafe(sqlValue("select `{$linkField}` from `{$table}` where `{$pk}`='{$id}'"));
$link = sqlValue("select `{$m[3]}` from `{$m[1]}` where `{$m[2]}`='{$linkID}'");
} else {
$link = sqlValue("select `{$linkField}` from `{$table}` where `{$pk}`='{$id}'");
}
if (!$link) {
exit;
}
if (preg_match('/^(http|ftp)/i', $link)) {
// if the link points to an external url, don't prepend path
$path = '';
} elseif (!is_file(dirname(__FILE__) . "/{$path}{$link}")) {
// if the file doesn't exist in the given path, try to find it without the path
$path = '';
}
@header("Location: {$path}{$link}");
exit;
}示例2: forceDownload
/**
* Return file as response
* @param $filePath path of file to return
* @param $fileName name of file to return
*/
function forceDownload($filePath, $fileName)
{
header("Cache-Control: private");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=" . makeSafe(transliterate($fileName)));
header("Content-Type: audio/mpeg");
header("Content-length: " . filesize($filePath));
readfile($filePath);
}示例3: delete_file
/**
* Deletes a file
* @param string The relative folder path to the file
*/
function delete_file($listdir)
{
josSpoofCheck(null, null, 'get');
$delFile = makeSafe(mosGetParam($_REQUEST, 'delFile', ''));
$fullPath = COM_MEDIA_BASE . $listdir . DIRECTORY_SEPARATOR . stripslashes($delFile);
if (file_exists($fullPath)) {
unlink($fullPath);
}
}示例4: hate
public function hate()
{
$deal_id = makeSafe($this->input->post('did'));
if ($this->session->userdata('id_user') != "") {
$retData = $this->deal_model->hate($deal_id);
} else {
$retData = array('DEAL_ID' => $deal_id, 'STAT' => false, 'MSG' => 'Login to avail this faility');
}
echo json_encode($retData);
}示例5: login
public function login()
{
$data['msg'] = "";
$user_name = makeSafe($this->input->post('email'));
$user_pass = makeSafe($this->input->post('pass'));
if ($this->user_model->check_user($user_name, $user_pass)) {
echo 1;
} else {
echo 0;
}
}示例6: post_comment
public function post_comment()
{
$data = array('DEAL_ID' => makeSafe($this->input->post('did')), 'USER_ID' => $this->session->userdata('id_user'), 'COMMENT' => makeSafe($this->input->post('cmt')), 'IP' => $this->input->ip_address());
$this->db->insert('deal_comments', $data);
$dataR['comment_id'] = $this->db->insert_id();
$dataR['comment'] = makeSafe($this->input->post('cmt'));
$dataR['user_image'] = $this->session->userdata('user_image_url');
$dataR['full_name'] = $this->session->userdata('full_name');
$dataR['time'] = "Just Now";
return json_encode($dataR);
}示例7: smtp_mail
/**
* This hook function is called when send mail.
* @param $mail_info
* An array contains mail information : to,cc,bcc,subject,message
**/
function smtp_mail($mail_info)
{
/* include phpmailer library */
require dirname(__FILE__) . "/phpmailer/class.phpmailer.php";
require dirname(__FILE__) . "/phpmailer/class.smtp.php";
/* create mail_log table if it doesn't exist */
$database_tabels = str_split(sqlValue("SHOW TABLES"));
$exist = in_array('mail_log', $database_tabels) ? True : False;
if (!$exist) {
$sql = "CREATE TABLE IF NOT EXISTS `mail_log` (\r\n\t\t\t\t\t`mail_id` int(15) NOT NULL AUTO_INCREMENT,\r\n\t\t\t\t\t`to` varchar(225) NOT NULL,\r\n\t\t\t\t\t`cc` varchar(225) NOT NULL,\r\n\t\t\t\t\t`bcc` varchar(225) NOT NULL,\r\n\t\t\t\t\t`subject` varchar(225) NOT NULL,\r\n\t\t\t\t\t`body` text NOT NULL,\r\n\t\t\t\t\t`senttime` int(15) NOT NULL,\r\n\t\t\t\t\tPRIMARY KEY (`mail_id`)\r\n\t\t\t\t ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;\r\n\t\t\t\t ";
sql($sql, $eo);
}
/* SMTP configuration*/
$mail = new PHPMailer();
$mail->isSMTP();
// telling the class to use SMTP
$mail->SMTPAuth = true;
// Enable SMTP authentication
$mail->isHTML(true);
// Set email format to HTML
$mail->SMTPDebug = 0;
// Enable verbose debug output
$mail->Username = SMTP_USER;
// SMTP username
$mail->Password = SMTP_PASSWORD;
// SMTP password
$mail->SMTPSecure = SMTP_SECURE;
// Enable TLS encryption, `ssl` also accepted
$mail->Port = SMTP_PORT;
// TCP port to connect to
$mail->FromName = SMTP_FROM_NAME;
$mail->From = SMTP_FROM;
$mail->Host = SMTP_SERVER;
// SMTP server
$mail->setFrom(SMTP_FROM, SMTP_FROM_NAME);
/* send to */
$mail->addAddress($mail_info['to']);
$mail->addCC($mail_info['cc']);
$mail->addBCC(SMTP_BCC);
$mail->Subject = $mail_info['subject'];
$mail->Body = $mail_info['message'];
if (!$mail->send()) {
return FALSE;
}
/* protect against malicious SQL injection attacks */
$to = makeSafe($mail_info['to']);
$cc = makeSafe($mail_info['cc']);
$bcc = makeSafe(SMTP_BCC);
$subject = makeSafe($mail_info['subject']);
$message = makeSafe($mail_info['message']);
sql("INSERT INTO `mail_log` (`to`,`cc`,`bcc`,`subject`,`body`,`senttime`) VALUES ('{$to}','{$cc}','{$bcc}','{$subject}','{$message}',unix_timestamp(NOW()))", $eo);
return TRUE;
}示例8: TB_ContactForm
/** Contact Form **/
function TB_ContactForm($emailTo, $emailCC = FALSE, $sentHeading = 'Your message has been successfully submitted..', $sentMessage = 'We will get back to you asap.')
{
if (isset($_POST['contact_submit'])) {
$error = "";
$fullname = makeSafe($_POST['fullname']);
$email = makeSafe($_POST['email']);
$phone = makeSafe($_POST['phone']);
$message = makesafe($_POST['message']);
$subject = "Enquiry from Canareef Resort Maldives";
$from_name = "Canareef";
$from_email = "reservations@canareef.com";
if (empty($fullname)) {
$error['fullname'] = "Your Name";
}
if (empty($email) || !isValidEmail($email)) {
$error['email'] = "Your Email";
}
if (empty($message)) {
$error['message'] = "Your Message";
}
if (!empty($_POST['antispam'])) {
echo '<p>We don’t appreciate spam.</p>';
} elseif (!empty($error)) {
TB_DisplayForm($error);
} else {
$content = __('Name') . ' : ' . $fullname . "\n" . __('Email') . ' : ' . $email . "\n" . __('Phone Number') . ' : ' . $phone . "\n" . __('Message') . " : \n" . $message . "\n\n";
$headers = 'From: =?UTF-8?B?' . base64_encode($fullname) . '?= <' . $email . '>' . "\r\n";
// $headers = 'From: =?UTF-8?B?'.base64_encode($from_name).'?= <'.$from_email.'>'."\r\n";
$emailBCC = '';
if ($emailCC) {
$headers .= 'CC: ' . $emailCC . "\r\n";
}
if ($emailBCC != '') {
$headers .= 'BCC: ' . $emailBCC . "\r\n";
}
$headers .= 'Reply-To: ' . $email . "\r\n";
$headers .= 'Content-type: text/plain; charset=UTF-8';
if (mail($emailTo, $subject, $content, $headers)) {
echo '<a id="contact-status" name="status"></a>' . "\n";
echo '<p class="tbSuccess">' . __($sentHeading) . ' ' . __($sentMessage) . '</p>' . "\n";
$fullname = "";
$email = "";
$phone = "";
$message = "";
} else {
$error['sendemail'] = "Email could not be sent.";
}
TB_DisplayForm($error);
}
} else {
TB_DisplayForm();
}
}示例9: activate
public function activate()
{
$user_id = $this->input->post('actid');
$act_code = makeSafe($this->input->post('user_input'));
$sql = "Select * FROM user_details where md5(USER_ID)='" . makeSafe($user_id) . "' and ACT_CODE='" . $act_code . "'";
$query = $this->db->query($sql);
if ($query->num_rows() > 0) {
$sql = "UPDATE user_details set ACTIVATED='Y' where md5(USER_ID)='" . makeSafe($user_id) . "' and ACT_CODE='" . $act_code . "'";
$query = $this->db->query($sql);
echo "Your account has been activated,Login to your account and post Deals ";
} else {
return "Invalid Activation COde";
}
}示例10: TB_ContactForm
/** Contact Form **/
function TB_ContactForm($emailTo, $emailCC = FALSE, $sentHeading = 'Your message was sent successfully.', $sentMessage = 'We will get back to you soon.')
{
if (isset($_POST['contact_submit'])) {
$error = "";
$fullname = makeSafe($_POST['fullname']);
$email = makeSafe($_POST['email']);
$phone = makeSafe($_POST['phone']);
$message = makesafe($_POST['message']);
$subject = "Enquiry from Estadia by Hatten";
if (empty($fullname)) {
$error['fullname'] = "Your name";
}
if (empty($email) || !isValidEmail($email)) {
$error['email'] = "Email Address";
}
if (empty($message)) {
$error['message'] = "General Enquiry";
}
if (!empty($_POST['antispam'])) {
echo '<p>We don’t appreciate spam.</p>';
} elseif (!empty($error)) {
TB_DisplayForm($error);
} else {
$content = __('Name') . ' : ' . $fullname . "\n\n" . __('Email Address') . ' : ' . $email . "\n\n" . __('Contact No.') . ' : ' . $phone . "\n\n" . __('General Enquiry') . " : \n\n" . $message . "\n\n";
$headers = 'From: =?UTF-8?B?' . base64_encode($fullname) . '?= <' . $email . '>' . "\r\n";
$emailBCC = '';
if ($emailCC) {
$headers .= 'CC: ' . $emailCC . "\r\n";
}
if ($emailBCC != '') {
$headers .= 'BCC: ' . $emailBCC . "\r\n";
}
$headers .= 'Reply-To: ' . $email . "\r\n";
$headers .= 'Content-type: text/plain; charset=UTF-8';
if (mail($emailTo, $subject, $content, $headers)) {
echo '<a id="contact-status" name="status"></a>' . "\n";
echo '<p class="tbSuccess">' . __($sentHeading) . ' ' . __($sentMessage) . '</p>' . "\n";
} else {
$error['sendemail'] = "Email could not be sent.";
}
TB_DisplayForm($error);
}
} else {
TB_DisplayForm();
}
}示例11: dirname
<?php
$d = dirname(__FILE__);
require "{$d}/incCommon.php";
include "{$d}/incHeader.php";
// process search
$memberID = makeSafe(strtolower($_GET['memberID']));
$groupID = intval($_GET['groupID']);
$tableName = makeSafe($_GET['tableName']);
// process sort
$sortDir = $_GET['sortDir'] ? 'desc' : '';
$sort = makeSafe($_GET['sort']);
if ($sort != 'dateAdded' && $sort != 'dateUpdated') {
// default sort is newly created first
$sort = 'dateAdded';
$sortDir = 'desc';
}
if ($sort) {
$sortClause = "order by {$sort} {$sortDir}";
}
if ($memberID != '') {
$where .= ($where ? " and " : "") . "r.memberID like '{$memberID}%'";
}
if ($groupID != '') {
$where .= ($where ? " and " : "") . "g.groupID='{$groupID}'";
}
if ($tableName != '') {
$where .= ($where ? " and " : "") . "r.tableName='{$tableName}'";
}
if ($where) {
$where = "where {$where}";示例12: preg_replace
$permissionsJoin = $permissionsWhere ? ", `membership_userrecords`" : '';
// build the count query
$forcedWhere = $userPCConfig[$ChildTable][$ChildLookupField]['forced-where'];
$query = preg_replace('/^select .* from /i', 'SELECT count(1) FROM ', $userPCConfig[$ChildTable][$ChildLookupField]['query']) . $permissionsJoin . " WHERE " . ($permissionsWhere ? "( {$permissionsWhere} )" : "( 1=1 )") . " AND " . ($forcedWhere ? "( {$forcedWhere} )" : "( 2=2 )") . " AND " . "`{$ChildTable}`.`{$ChildLookupField}`='" . makeSafe($SelectedID) . "'";
$totalMatches = sqlValue($query);
// make sure $Page is <= max pages
$maxPage = ceil($totalMatches / $userPCConfig[$ChildTable][$ChildLookupField]['records-per-page']);
if ($Page > $maxPage) {
$Page = $maxPage;
}
// initiate output data array
$data = array('config' => $userPCConfig[$ChildTable][$ChildLookupField], 'parameters' => array('ChildTable' => $ChildTable, 'ChildLookupField' => $ChildLookupField, 'SelectedID' => $SelectedID, 'Page' => $Page, 'SortBy' => $SortBy, 'SortDirection' => $SortDirection, 'Operation' => 'get-records'), 'records' => array(), 'totalMatches' => $totalMatches);
// build the data query
if ($totalMatches) {
// if we have at least one record, proceed with fetching data
$startRecord = $userPCConfig[$ChildTable][$ChildLookupField]['records-per-page'] * ($Page - 1);
$data['query'] = $userPCConfig[$ChildTable][$ChildLookupField]['query'] . $permissionsJoin . " WHERE " . ($permissionsWhere ? "( {$permissionsWhere} )" : "( 1=1 )") . " AND " . ($forcedWhere ? "( {$forcedWhere} )" : "( 2=2 )") . " AND " . "`{$ChildTable}`.`{$ChildLookupField}`='" . makeSafe($SelectedID) . "'" . ($SortBy !== false && $userPCConfig[$ChildTable][$ChildLookupField]['sortable-fields'][$SortBy] ? " ORDER BY {$userPCConfig[$ChildTable][$ChildLookupField]['sortable-fields'][$SortBy]} {$SortDirection}" : '') . " LIMIT {$startRecord}, {$userPCConfig[$ChildTable][$ChildLookupField]['records-per-page']}";
$res = sql($data['query'], $eo);
while ($row = db_fetch_row($res)) {
$data['records'][$row[$userPCConfig[$ChildTable][$ChildLookupField]['child-primary-key-index']]] = $row;
}
} else {
// if no matching records
$startRecord = 0;
}
$response = loadView($userPCConfig[$ChildTable][$ChildLookupField]['template'], $data);
// change name space to ensure uniqueness
$uniqueNameSpace = $ChildTable . ucfirst($ChildLookupField) . 'GetRecords';
echo str_replace("{$ChildTable}GetChildrenRecordsList", $uniqueNameSpace, $response);
/************************************************/
}示例13: getValueGivenCaption
function getValueGivenCaption($query, $caption)
{
if (!preg_match('/select\\s+(.*?)\\s*,\\s*(.*?)\\s+from\\s+(.*?)\\s+order by.*/i', $query, $m)) {
if (!preg_match('/select\\s+(.*?)\\s*,\\s*(.*?)\\s+from\\s+(.*)/i', $query, $m)) {
return '';
}
}
// get where clause if present
if (preg_match('/\\s+from\\s+(.*?)\\s+where\\s+(.*?)\\s+order by.*/i', $query, $mw)) {
$where = "where ({$mw['2']}) AND";
$m[3] = $mw[1];
} else {
$where = 'where';
}
$caption = makeSafe($caption);
return sqlValue("SELECT {$m['1']} FROM {$m['3']} {$where} {$m['2']}='{$caption}'");
}示例14: dirname
<?php
$currDir = dirname(__FILE__);
require "{$currDir}/incCommon.php";
include "{$currDir}/incHeader.php";
if ($_GET['searchGroups'] != "") {
$searchSQL = makeSafe($_GET['searchGroups']);
$searchHTML = htmlspecialchars($_GET['searchGroups']);
$where = "where name like '%{$searchSQL}%' or description like '%{$searchSQL}%'";
} else {
$searchSQL = '';
$searchHTML = '';
$where = "";
}
$numGroups = sqlValue("select count(1) from membership_groups {$where}");
if (!$numGroups && $searchSQL != '') {
echo "<div class=\"status\">{$Translation['no matching results found']}</div>";
$noResults = true;
$page = 1;
} else {
$noResults = false;
}
$page = intval($_GET['page']);
if ($page < 1) {
$page = 1;
} elseif ($page > ceil($numGroups / $adminConfig['groupsPerPage']) && !$noResults) {
redirect("admin/pageViewGroups.php?page=" . ceil($numGroups / $adminConfig['groupsPerPage']));
}
$start = ($page - 1) * $adminConfig['groupsPerPage'];
?>
<div class="page-header"><h1><?php 示例15: categories_form
function categories_form($selected_id = '', $AllowUpdate = 1, $AllowInsert = 1, $AllowDelete = 1, $ShowCancel = 0)
{
// function to return an editable form for a table records
// and fill it with data of record whose ID is $selected_id. If $selected_id
// is empty, an empty form is shown, with only an 'Add New'
// button displayed.
global $Translation;
// mm: get table permissions
$arrPerm = getTablePermissions('categories');
if (!$arrPerm[1] && $selected_id == '') {
return '';
}
$AllowInsert = $arrPerm[1] ? true : false;
// print preview?
$dvprint = false;
if ($selected_id && $_REQUEST['dvprint_x'] != '') {
$dvprint = true;
}
// populate filterers, starting from children to grand-parents
// unique random identifier
$rnd1 = $dvprint ? rand(1000000, 9999999) : '';
if ($selected_id) {
// mm: check member permissions
if (!$arrPerm[2]) {
return "";
}
// mm: who is the owner?
$ownerGroupID = sqlValue("select groupID from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
$ownerMemberID = sqlValue("select lcase(memberID) from membership_userrecords where tableName='categories' and pkValue='" . makeSafe($selected_id) . "'");
if ($arrPerm[2] == 1 && getLoggedMemberID() != $ownerMemberID) {
return "";
}
if ($arrPerm[2] == 2 && getLoggedGroupID() != $ownerGroupID) {
return "";
}
// can edit?
if ($arrPerm[3] == 1 && $ownerMemberID == getLoggedMemberID() || $arrPerm[3] == 2 && $ownerGroupID == getLoggedGroupID() || $arrPerm[3] == 3) {
$AllowUpdate = 1;
} else {
$AllowUpdate = 0;
}
$res = sql("select * from `categories` where `CategoryID`='" . makeSafe($selected_id) . "'", $eo);
if (!($row = db_fetch_array($res))) {
return error_message($Translation['No records found']);
}
$urow = $row;
/* unsanitized data */
$hc = new CI_Input();
$row = $hc->xss_clean($row);
/* sanitize data */
} else {
}
ob_start();
?>
<script>
// initial lookup values
jQuery(function() {
});
</script>
<?php
$lookups = str_replace('__RAND__', $rnd1, ob_get_contents());
ob_end_clean();
// code for template based detail view forms
// open the detail view template
if ($dvprint) {
$templateCode = @file_get_contents('./templates/categories_templateDVP.html');
} else {
$templateCode = @file_get_contents('./templates/categories_templateDV.html');
}
// process form title
$templateCode = str_replace('<%%DETAIL_VIEW_TITLE%%>', 'Add/Edit Product Categories', $templateCode);
$templateCode = str_replace('<%%RND1%%>', $rnd1, $templateCode);
$templateCode = str_replace('<%%EMBEDDED%%>', $_REQUEST['Embedded'] ? 'Embedded=1' : '', $templateCode);
// process buttons
if ($arrPerm[1] && !$selected_id) {
// allow insert and no record selected?
if (!$selected_id) {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-success" id="insert" name="insert_x" value="1" onclick="return categories_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save New'] . '</button>', $templateCode);
}
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="insert" name="insert_x" value="1" onclick="return categories_validateData();"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Save As Copy'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%INSERT_BUTTON%%>', '', $templateCode);
}
// 'Back' button action
if ($_REQUEST['Embedded']) {
$backAction = 'window.parent.jQuery(\'.modal\').modal(\'hide\'); return false;';
} else {
$backAction = '$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;';
}
if ($selected_id) {
if (!$_REQUEST['Embedded']) {
$templateCode = str_replace('<%%DVPRINT_BUTTON%%>', '<button type="submit" class="btn btn-default" id="dvprint" name="dvprint_x" value="1" onclick="$$(\'form\')[0].writeAttribute(\'novalidate\', \'novalidate\'); document.myform.reset(); return true;"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>', $templateCode);
}
if ($AllowUpdate) {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '<button type="submit" class="btn btn-success btn-lg" id="update" name="update_x" value="1" onclick="return categories_validateData();"><i class="glyphicon glyphicon-ok"></i> ' . $Translation['Save Changes'] . '</button>', $templateCode);
} else {
$templateCode = str_replace('<%%UPDATE_BUTTON%%>', '', $templateCode);
}
//.........这里部分代码省略.........