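本文整理汇总了PHP中mysql_real_escape_string函数的典型用法代码示例。如果您正苦于以下问题:PHP mysql_real_escape_string函数的具体用法?PHP mysql_real_escape_string怎么用?PHP mysql_real_escape_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。注意:mysql_real_escape_string 所属的 mysql 扩展自 PHP 5.5.0 起已被弃用,并在 PHP 7.0.0 中被移除;该函数只对放在引号内的字符串值有效,新代码应改用 mysqli 或 PDO 的预处理语句。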
在下文中一共展示了mysql_real_escape_string函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: dbkit_run_query_with_array
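/**
 * Expands the "?" placeholders in $sql with quoted, escaped values and runs the query.
 *
 * A scalar argument becomes one quoted literal. An array argument becomes a
 * parenthesised, comma-separated list of quoted literals; an empty array is
 * replaced by the single value -1 so the list is never empty.
 *
 * NOTE(review): the placeholders are expanded with sprintf(), so a literal "%"
 * in $sql (for example in a LIKE pattern) is read as a format directive, and a
 * "?" inside a quoted SQL literal is treated as a placeholder. Confirm callers
 * never pass such statements.
 * NOTE(review): mysql_real_escape_string() escapes for the charset of the
 * current connection and is only safe because every value is wrapped in
 * quotes here. ext/mysql was removed in PHP 7.0; prepared statements
 * (mysqli/PDO) are the replacement.
 * NOTE(review): on failure the raw mysql_error() text is printed by die();
 * confirm that output never reaches an end user.
 *
 * @param string $sql  Statement containing one "?" per argument.
 * @param array  $args Values to substitute, in placeholder order.
 * @return resource|bool Whatever mysql_query() returned on success.
 */
function dbkit_run_query_with_array($sql, $args)
{
    foreach ($args as &$arg) {
        if (is_array($arg)) {
            if (count($arg) === 0) {
                $arg = array(-1);
            }
            $parts = array();
            foreach ($arg as $part) {
                $parts[] = "'" . mysql_real_escape_string("{$part}") . "'";
            }
            $arg = "(" . implode(",", $parts) . ")";
        } else {
            $arg = "'" . mysql_real_escape_string("{$arg}") . "'";
        }
    }
    // Break the reference so later writes to $arg cannot alias the last element.
    unset($arg);

    $sql = str_replace("?", "%s", $sql);
    array_unshift($args, $sql);
    $sql = call_user_func_array('sprintf', $args);
    dbkit_log_query($sql);
    $res = mysql_query($sql);
    if (!$res) {
        die("database query failed: " . mysql_error());
    }
    return $res;
}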
示例2: query_operon_gene_percentage
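/**
 * Collects per-NC gene counts for one species and the share of genes that sit in operons.
 *
 * The species id is interpolated into the statements below WITHOUT quotes.
 * mysql_real_escape_string() only protects values inside a quoted literal, so
 * it gives no protection in that position; the id is cast to an integer
 * instead, which is the correct guard for an unquoted numeric value.
 *
 * @param mixed $species_id Numeric id of the species row.
 * @return array Keys: name, ncs (list of NC rows with total_gene_num and
 *               gene_in_operon added), total_gene, in_operon, percent.
 *               name stays '' when no species row matches; percent is 0.0
 *               when no genes were counted.
 */
function query_operon_gene_percentage($species_id)
{
    $spe = array();
    $spe['name'] = '';
    $spe['ncs'] = array();
    $spe['total_gene'] = 0;
    $spe['in_operon'] = 0;

    // Unquoted numeric context: cast rather than escape.
    $species_id = (int) $species_id;

    $sql = "SELECT id, name FROM Species WHERE id={$species_id}";
    $result = mysql_query($sql) or die("Invalid query: " . mysql_error());
    $row = mysql_fetch_array($result);
    if ($row) {
        $spe['name'] = $row['name'];
    }
    unset($result);

    $sql = "SELECT id,NC_id,protein_gene_number,rna_gene_number,operon_number FROM NC WHERE species_id={$species_id}";
    $result = mysql_query($sql) or die("Invalid query: " . mysql_error());
    while ($row = mysql_fetch_array($result)) {
        // The id comes back from the database, but it is also used unquoted below.
        $NC_id = (int) $row['id'];
        $row['total_gene_num'] = $row['protein_gene_number'] + $row['rna_gene_number'];

        $sql2 = "SELECT sum(size) as total_genes FROM Operon WHERE size>=2 AND NC_id={$NC_id} ORDER BY id";
        $result2 = mysql_query($sql2) or die("Invalid query: " . mysql_error());
        $row2 = mysql_fetch_array($result2);
        $row['gene_in_operon'] = $row2['total_genes'];

        array_push($spe['ncs'], $row);
        $spe['total_gene'] += $row['total_gene_num'];
        $spe['in_operon'] += $row['gene_in_operon'];
    }

    // Avoid a division by zero when the species has no NC rows or no genes.
    if ($spe['total_gene'] > 0) {
        $spe['percent'] = round(100 * $spe['in_operon'] / $spe['total_gene'], 2);
    } else {
        $spe['percent'] = 0.0;
    }
    return $spe;
}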
示例3: toRegularString
/**
 * Escapes a string with mysql_real_escape_string(); any non-string input yields null.
 *
 * The result is only safe when the caller places it inside a quoted SQL
 * string literal. No link identifier is passed, so the escaping uses
 * whichever MySQL connection ext/mysql considers current.
 *
 * @param mixed $string Value to escape.
 * @return string|null Escaped text, or null when $string is not a string.
 */
public static function toRegularString($string)
{
    // Non-strings are rejected instead of being cast.
    return is_string($string) ? mysql_real_escape_string($string) : null;
}
示例4: formatField
/**
 * Normalises a form field: strips tags, turns ";" into ":", escapes for MySQL, then trims.
 *
 * NOTE(review): this combines HTML stripping with SQL escaping in one helper.
 * The escaped value is only safe inside a quoted SQL literal, and strip_tags()
 * is not an output encoder; values shown in HTML still need escaping at
 * output time.
 *
 * @param string $input Raw field value.
 * @return string Escaped value with surrounding whitespace removed.
 */
function formatField($input)
{
    $withoutTags = strip_tags($input);
    $withoutSemicolons = str_replace(";", ":", $withoutTags);

    // trim() runs after escaping, exactly as before: it only removes real
    // whitespace bytes left at either end of the escaped text.
    return trim(mysql_real_escape_string($withoutSemicolons));
}
示例5: get_all_promo_events
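/**
 * Lists the AdEvent rows whose start or end date falls inside the posted date range.
 *
 * Reads startDate and endDate from $_POST. A missing, non-string or empty
 * bound falls back to an open-ended default, so the request never triggers an
 * undefined-index notice or passes an array to mysql_real_escape_string().
 * Both bounds are escaped and only ever used inside quoted literals.
 *
 * NOTE(review): the bounds are not checked against a date format; consider
 * validating them before building the statement.
 * NOTE(review): the error message handed to get_result_set_from_select_query()
 * embeds the full statement; confirm it is logged and not shown to the client.
 *
 * @return void The result set is passed to ui_show_events_retrieved().
 */
function get_all_promo_events()
{
    connect_and_select_db(DB_SERVER, DB_UN, DB_PWD, DB_NAME);

    $rawStart = (isset($_POST['startDate']) && is_string($_POST['startDate'])) ? $_POST['startDate'] : "";
    $rawEnd = (isset($_POST['endDate']) && is_string($_POST['endDate'])) ? $_POST['endDate'] : "";
    $startDate = mysql_real_escape_string($rawStart);
    $endDate = mysql_real_escape_string($rawEnd);

    // Retrieve all events that occur during the period, outer bounds included.
    if ($startDate == null || $startDate == "") {
        $startDate = "0000-00-00";
    }
    if ($endDate == null || $endDate == "") {
        $endDate = "9999-99-99";
    }

    $sql = "SELECT * FROM AdEvent WHERE " . "(StartDate >= '{$startDate}' " . "AND StartDate <= '{$endDate}') " . "OR (EndDate >= '{$startDate}' " . "AND EndDate <= '{$endDate}') " . "ORDER BY AdEvent.StartDate ASC;";
    $error_message = "Could not successfully run query ({$sql}) from DB: ";
    $search_events_result = get_result_set_from_select_query($sql, $error_message);

    // Count the rows to decide whether an "empty" message is needed.
    $numrows = mysql_num_rows($search_events_result);
    $message = "";
    if ($numrows == 0) {
        $message = "No events found in database";
    }
    ui_show_events_retrieved($message, $search_events_result);
}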
示例6: index
/**
 * Handles the lost-password form: validates the post, retires older reset
 * requests for the account, creates a new one and e-mails the instructions.
 *
 * NOTE(review): the two outcomes ("Unable to find a user ..." versus
 * "Instructions ... have been sent") let a visitor tell whether an address is
 * registered. Consider one neutral message for both cases.
 * NOTE(review): the e-mail is escaped and then interpolated into a condition
 * fragment passed to User::find(); the same escaped value is later assigned to
 * the template. Confirm how the template encodes it for output.
 * NOTE(review): the CSRF failure writes to the global $site, the other errors
 * to $this->site; confirm both end up in the same flash store.
 */
public function index()
{
    $email = "";
    if ($this->post && !$this->csrf) {
        global $site;
        $site['flash']['error'] = "Invalid form submission";
    } elseif ($this->post) {
        $email = mysql_real_escape_string($_POST['email']);
        $user = User::find("users.email = '{$email}' AND users.suspended = 0 AND users.activated = 1", null, false, 1);
        if (!$user) {
            $this->site['flash']['error'] = "Unable to find a user with that email address";
        } else {
            // Mark every earlier reset request as used before issuing a new one.
            $pending = $user->get_lost_passwords();
            if (count($pending) > 0) {
                foreach ($pending as $stale) {
                    $stale->used = true;
                    $stale->save();
                }
            }

            // Issue the new reset request.
            $request = new LostPassword($user);
            if (!$request->save()) {
                $this->site['flash']['error'] = "Unable to send password reset instructions";
            } else {
                Email::send_lost_password($request);
                Site::flash("notice", "Instructions on how to reset your password have been sent to {$user->email}");
                Redirect("resetpassword");
            }
        }
    }
    $this->assign("email", $email);
    $this->title = "Lost Password";
    $this->render("lost_password/index.tpl");
}
示例7: createForum
/**
 * Inserts a forum row owned by the authenticated user; does nothing when no identity is set.
 *
 * NOTE(review): only the name is escaped here; category and subcategory are
 * passed through as given. If insert() binds its values as parameters the
 * name is escaped twice and backslashes end up stored; if it does not, the
 * other two fields are unescaped. Confirm which applies.
 *
 * @param string $name        Forum name.
 * @param mixed  $category    Category value stored as given.
 * @param mixed  $subcategory Subcategory value stored as given.
 * @return void
 */
public function createForum($name, $category, $subcategory)
{
    if (!isset($this->authIdentity)) {
        return;
    }

    $row = array(
        'creator' => $this->authIdentity->userid,
        'category' => $category,
        'subcategory' => $subcategory,
        'name' => mysql_real_escape_string($name),
        // 'a:0:{}' is the serialized form of an empty PHP array.
        'vote' => 'a:0:{}',
    );
    $this->insert($row);
}
示例8: handleRegister
/**
 * Registers a user from the posted username, e-mail and password and prints a JSON status.
 *
 * Prints error_code "1" when the e-mail or the username is already taken,
 * otherwise saves the user and prints the success payload.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest, which is not
 * a password hash. password_hash()/password_verify() are the replacement, but
 * the change has to be made together with the login code and a migration of
 * the stored digests, so it is flagged here rather than changed.
 * NOTE(review): the password is SQL-escaped BEFORE hashing, so any character
 * the escaper rewrites (quotes, backslashes) alters the digest. The hex digest
 * needs no escaping; confirm the login path applies the same transformation.
 * NOTE(review): the username and e-mail are read from $_POST without
 * validation and echoed back inside the JSON message.
 *
 * @return void Output is written with echo.
 */
function handleRegister()
{
    $ret = array('op' => 'register', 'msg' => 'Registration Successful', 'error_code' => '0');
    $username = $_POST["username"];
    $email = $_POST["email"];
    $upass = md5(mysql_real_escape_string($_POST['password']));
    $dao = new DAOuser();

    // Reject the request when the e-mail address is already registered.
    $existing = $dao->getByEmail($email);
    if ($existing != NULL) {
        echo json_encode(array_merge($ret, array(
            'msg' => "Email '" . $email . "' already exists",
            'error_code' => "1",
        )));
        return;
    }

    // Reject the request when the username is already registered.
    $existing = $dao->getByUsername($username);
    if ($existing != NULL) {
        echo json_encode(array_merge($ret, array(
            'msg' => "Username '" . $username . "' already exists",
            'error_code' => "1",
        )));
        return;
    }

    $dao->save(new user($username, $upass, $email));
    echo json_encode($ret);
}
示例9: forSql
/**
 * Optionally truncates a value, then escapes it against this object's database connection.
 *
 * Truncation happens before escaping, so an escape sequence is never cut in
 * half. substr() counts bytes, so a multi-byte character at the cut point can
 * be split. The result is only safe inside a quoted SQL literal.
 *
 * @param string $value     Raw value.
 * @param int    $maxLength Maximum length in bytes; 0 or less disables truncation.
 * @return string|false Whatever mysql_real_escape_string() returned.
 */
public function forSql($value, $maxLength = 0)
{
    $truncated = ($maxLength > 0) ? substr($value, 0, $maxLength) : $value;

    // The explicit link makes the escaping follow that connection's charset.
    return mysql_real_escape_string($truncated, $this->dbConnection->getResource());
}
示例10: addm
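/**
 * Writes a bot reply for a character into game_log, or a random "annoyed"
 * line once the character's reply counter is above 4.
 *
 * "{a|b}" groups in the text are reduced to the first alternative when the
 * character has no sex set or is "male", otherwise to the second. The text is
 * converted from Windows-1251 to UTF-8 and wrapped in a coloured span.
 *
 * Changes against the earlier version:
 *  - the character name and user id are escaped before they are placed in
 *    quoted SQL literals (they were concatenated as given);
 *  - $priv is used unquoted in the statement, so it is cast to an integer
 *    (assumes ptype is a numeric column - TODO confirm);
 *  - the span was closed with "</style>"; it is now closed with "</span>".
 *
 * NOTE(review): the message is stored as HTML. If $mes can carry user text,
 * it needs HTML encoding before it is wrapped in the span.
 *
 * @param array  $char Character row; reads 'sex', 'name' and 'user_id'.
 * @param string $mes  Message template in Windows-1251.
 * @param mixed  $priv Value for the ptype column.
 * @return void
 */
function addm($char, $mes, $priv)
{
    setlocale(LC_ALL, "ru_RU.CP1251");

    $pattern = "/\\{([\\d\\w\\s]*?)\\|([\\d\\w\\s]*?)\\}/i";
    $pick = (!isset($char['sex']) || $char['sex'] == "male") ? "\\1" : "\\2";

    $name = mysql_real_escape_string($char['name']);
    $userId = mysql_real_escape_string($char['user_id']);
    $ptype = (int) $priv;

    $sel = myquery("SELECT `count` FROM `game_bot_chat_resp` WHERE `id` = '" . $name . "';");
    $n = mysql_fetch_array($sel);
    if ($n['count'] <= 4) {
        $text = preg_replace($pattern, $pick, $mes);
        myquery("INSERT INTO `game_bot_chat_resp` (`id`,`count`) VALUES ('" . $name . "','1') ON DUPLICATE KEY UPDATE `count` = `count` + 1;");
    } else {
        // Too many replies already: answer with a random line from the annoy table.
        $sel = myquery("SELECT `text` FROM `game_bot_chat_annoy` ORDER BY RAND() ASC LIMIT 1");
        $row = mysql_fetch_array($sel);
        $text = preg_replace($pattern, $pick, $row['text']);
    }

    $message = mysql_real_escape_string('<span style="color:#FF2828;font-size:12px;">' . iconv("Windows-1251", "UTF-8//IGNORE", $text) . '</span>');
    myquery("insert into game_log (town,fromm,too,message,date,ptype) values (0,'-1','" . $userId . "','" . $message . "','" . time() . "'," . $ptype . ")");
}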
示例11: _wobi_addWebseedfiles
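/**
 * Registers a single-file torrent for HTTP seeding and rewrites the torrent file.
 *
 * Reads and decodes the torrent, inserts one webseedfiles row, adds the
 * httpseeds entry to the torrent, writes it back, and stores the piece length
 * and piece count in the summary table.
 *
 * The torrent is an uploaded file, so everything decoded from it is untrusted.
 * The piece length is now cast to an integer and the info hash is escaped
 * before either reaches a statement; previously both were concatenated as
 * given.
 *
 * NOTE(review): the write-back fopen() is not checked for failure, and a
 * decode result without a string "pieces" entry is not rejected.
 *
 * @param string $torrent_file_path Path of the uploaded torrent; overwritten in place.
 * @param string $relative_path     File name stored in webseedfiles.
 * @param string $httplocation      Not used by the active code.
 * @param string $hash              Info hash identifying the torrent.
 * @return void
 */
function _wobi_addWebseedfiles($torrent_file_path, $relative_path, $httplocation, $hash)
{
    $prefix = WOBI_PREFIX;
    $fd = fopen($torrent_file_path, "rb") or die(errorMessage() . "File upload error 1</p>");
    $alltorrent = fread($fd, filesize($torrent_file_path));
    fclose($fd);
    $array = BDecode($alltorrent);

    $info = $array["info"] or die("Invalid torrent file.");

    // Values that end up in SQL: cast numbers, escape strings.
    $pieceLength = (int) $info["piece length"];
    // Each piece contributes a 20-byte entry to the "pieces" string.
    $numPieces = strlen($array["info"]["pieces"]) / 20;
    $safeHash = mysql_real_escape_string($hash);
    $safeName = mysql_real_escape_string($relative_path);

    // Single-file torrents only: one row covering every piece.
    mysql_query("INSERT INTO " . $prefix . "webseedfiles (info_hash,filename,startpiece,endpiece,startpieceoffset,fileorder) values (\"" . $safeHash . "\", \"" . $safeName . "\", 0, " . ($numPieces - 1) . ", 0, 0)");

    // Add the HTTP seed entry and write the torrent back.
    $data_array = $array;
    $data_array["httpseeds"][0] = WOBI_URL . "/seed.php";
    $to_write = BEncode($data_array);
    $write_httpseed = fopen($torrent_file_path, "wb");
    fwrite($write_httpseed, $to_write);
    fclose($write_httpseed);

    // Record piece length and number of pieces.
    $query = "UPDATE " . $prefix . "summary SET piecelength=\"" . $pieceLength . "\", numpieces=\"" . $numPieces . "\" WHERE info_hash=\"" . $safeHash . "\"";
    quickQuery($query);
}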
示例12: authentication
/**
 * HTTP Basic authentication against n_nebulauser.
 *
 * Without credentials it sends a 401 challenge and exits. With credentials it
 * returns the matching user id, or null when no row matches.
 *
 * NOTE(review): the stored verifier is md5(username:domain:password), an
 * unsalted MD5 construction. Moving to password_hash() needs a coordinated
 * migration of the ha1 column, so it is flagged here rather than changed.
 * NOTE(review): username and password are SQL-escaped BEFORE hashing, so any
 * character the escaper rewrites alters the digest. The hex digest itself
 * needs no escaping; confirm how the stored ha1 values were produced.
 * NOTE(review): PHP_AUTH_PW is read without an isset() check, and a failed
 * login returns null without sending a new challenge.
 *
 * @return mixed The user id, or null when the credentials do not match.
 */
public static function authentication()
{
    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        header('WWW-Authenticate: Basic realm="My Realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo 'Text to send if user hits Cancel button';
        exit;
    }

    $db = new DB();
    $username = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);
    $password = mysql_real_escape_string($_SERVER['PHP_AUTH_PW']);
    $domain = 'nebula.com';
    $hash = md5($username . ':' . $domain . ':' . $password);

    $sql = "SELECT id from n_nebulauser WHERE username='{$username}' AND ha1='{$hash}'";
    $q = $db->query($sql);
    if (!mysql_num_rows($q)) {
        return null;
    }

    $fetch = mysql_fetch_assoc($q);
    return $fetch['id'];
}
示例13: prepare
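/**
 * Builds (but does not run) the REPLACE statement that stores $data under $id.
 *
 * Passing the string 'clear' as $id discards a previously prepared statement.
 * Non-string data is serialized first. The statement is kept in $this->temp
 * and the id in $this->last_id.
 *
 * Changes against the earlier version:
 *  - 'clear' is matched with ===, so an integer id of 0 is no longer treated
 *    as the clear command by loose comparison;
 *  - the id is escaped before it is placed in the quoted fq_id literal;
 *  - the lifetime is cast to an integer before it is used in the statement;
 *  - time() replaces the argument-less mktime() call, which returns the same
 *    value but is rejected by current PHP versions.
 *
 * NOTE(review): the stored content is PHP serialize() output. Whoever reads
 * it back must not unserialize() rows that an untrusted party could have
 * written.
 *
 * @param mixed    $id         Row id, or 'clear' to drop the prepared statement.
 * @param mixed    $data       Payload; false/empty means nothing to prepare.
 * @param int|bool $period_sec Lifetime in seconds; defaults to 86400.
 * @return bool True when a statement was prepared or cleared, false when $data is empty.
 */
function prepare($id, $data = false, $period_sec = false)
{
    // Request to drop the prepared save.
    if ($id === 'clear') {
        $this->temp = false;
        return true;
    }
    // Nothing was passed to prepare.
    if (!$data) {
        return false;
    }

    $t = time();
    // The original note reads "+20 days = 86400"; 86400 seconds is one day.
    $period = $period_sec ? (int) $period_sec : 86400;

    $serr = is_string($data) ? $data : serialize($data);
    $serr = mysql_real_escape_string($serr);
    $safeId = mysql_real_escape_string("{$id}");

    $this->temp = "REPLACE INTO z_fs_queries SET fq_id='{$safeId}', fq_content='{$serr}', fq_create=" . $t . ", fq_dead=" . ($t + $period);
    $this->last_id = $id;
    return true;
}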
示例14: getAreaList
/**
 * Returns the wid.geog rows for one state FIPS code and area type.
 *
 * Both values are escaped and placed inside quoted literals, which is the
 * position mysql_real_escape_string() is designed for.
 *
 * NOTE(review): the escaping calls do not pass $link, so they use whichever
 * connection ext/mysql considers current; presumably that is the one opened
 * just above - confirm.
 *
 * @param string $stfips   State FIPS code.
 * @param string $areatype Area type code.
 * @return mixed Whatever getJSONResult() returns for the query.
 */
public function getAreaList($stfips, $areatype)
{
    $link = getDatabaseConnection();

    $safeStfips = mysql_real_escape_string($stfips);
    $safeAreatype = mysql_real_escape_string($areatype);
    $query = sprintf(
        "select * from wid.geog where stfips = '%s' and areatype = '%s' order by stfips, areatype, area",
        $safeStfips,
        $safeAreatype
    );

    return $this->getJSONResult($query, $link);
}
示例15: loadData
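/**
 * Returns this object's title, type and text as quoted SQL literals keyed by column name.
 *
 * All three values are escaped before being wrapped in quotes. Previously the
 * type was interpolated as given while title and text were escaped, so a
 * quote in the type would have broken out of its literal.
 *
 * @return array Keys "title", "type" and "text", each a quoted, escaped literal.
 */
private function loadData()
{
    $title = mysql_real_escape_string($this->title);
    $type = mysql_real_escape_string($this->type);
    $text = mysql_real_escape_string($this->text);

    return array(
        "title" => "'{$title}'",
        "type" => "'{$type}'",
        "text" => "'{$text}'",
    );
}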