本文整理汇总了PHP中safeEscape函数的典型用法代码示例。如果您正苦于以下问题:PHP safeEscape函数的具体用法?PHP safeEscape怎么用?PHP safeEscape使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了safeEscape函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: OS_UpdateScoresTable
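/**
 * Make sure a player has a row in `scores` and copy the player's current score into it.
 *
 * Every value is passed as a bound parameter. The original concatenated $name,
 * and the player/score values read back from the stats table, into the SQL text.
 * prepare() gives no protection when the statement contains no placeholders, and
 * the read-back values were not escaped at all.
 *
 * NOTE(review): safeEscape() is defined outside this snippet, so what it strips or
 * encodes is not visible here. It is kept so the name keeps the same form as before.
 * If it adds SQL backslash-escaping, drop it here so bound names are not stored
 * with extra backslashes. Confirm against its definition.
 *
 * @param string $name Player name; nothing is written when it is empty after trimming.
 * @return void
 */
function OS_UpdateScoresTable($name = "")
{
    $db = new db("mysql:host=" . OSDB_SERVER . ";dbname=" . OSDB_DATABASE . "", OSDB_USERNAME, OSDB_PASSWORD);
    $name = safeEscape(trim($name));
    if (empty($name)) {
        return;
    }

    // Create the scores row on first sight of this player.
    $sth = $db->prepare("SELECT * FROM scores WHERE (name) = (:name)");
    $sth->bindValue(':name', $name, PDO::PARAM_STR);
    $sth->execute();
    if ($sth->rowCount() <= 0) {
        $sth = $db->prepare("INSERT INTO scores(category, name)VALUES('dota_elo', :name)");
        $sth->bindValue(':name', $name, PDO::PARAM_STR);
        $sth->execute();
    }

    // Get updated result. The table name comes from a constant and cannot be bound.
    $resultScore = $db->prepare("SELECT player,score FROM " . OSDB_STATS . " WHERE (player) = (:name)");
    $resultScore->bindValue(':name', $name, PDO::PARAM_STR);
    $resultScore->execute();
    $rScore = $resultScore->fetch(PDO::FETCH_ASSOC);
    if ($rScore === false) {
        // No stats row for this player, so there is no score to copy.
        return;
    }

    // Update the "scores" table. Values read from the database are bound as well:
    // stored data is not trusted as SQL text.
    $UpdateScoreTable = $db->prepare("UPDATE `scores` SET `score` = :score WHERE (name) = (:player)");
    $UpdateScoreTable->bindValue(':score', $rScore["score"], PDO::PARAM_STR);
    $UpdateScoreTable->bindValue(':player', $rScore["player"], PDO::PARAM_STR);
    $UpdateScoreTable->execute();
}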
示例2: OS_CheckCaptcha
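/**
 * Validate the captcha code posted with a comment and rotate it after a successful check.
 *
 * Changes from the original:
 *  - the codes are compared with hash_equals() instead of `!=`, so two numeric-looking
 *    strings such as "1e1" and "10" no longer count as equal;
 *  - when either code is missing the function returns right after reporting the error.
 *    Before, if os_trigger_error() returned, the comparison ran on two missing values,
 *    which compare as equal, and the check passed.
 *
 * NOTE(review): whether os_trigger_error() terminates the request is not visible here.
 * NOTE(review): a failed attempt leaves the session code unchanged; no attempt limit
 * is visible in this function.
 *
 * @return void
 */
function OS_CheckCaptcha()
{
    if (!isset($_POST["post_comment"])) {
        return;
    }

    // post_id is only reflected into the link when it is numeric.
    if (isset($_GET["post_id"]) and is_numeric($_GET["post_id"])) {
        $backTo = OS_HOME . '?post_id=' . safeEscape($_GET["post_id"]) . "&" . generate_hash(12) . "#SubmitComment";
    } else {
        $backTo = '';
    }
    $CaptchaError = '<h2>Invalid captcha</h2><div><a href="' . $backTo . '">« Back</a></div>';

    // Reject missing or non-string input (e.g. c_code[]=x) before comparing.
    if (
        !isset($_POST["c_code"]) or !isset($_SESSION["c_code"])
        or !is_string($_POST["c_code"]) or !is_scalar($_SESSION["c_code"])
    ) {
        os_trigger_error($CaptchaError);
        return;
    }

    if (!hash_equals((string) $_SESSION["c_code"], $_POST["c_code"])) {
        os_trigger_error($CaptchaError . " ");
    } else {
        // Single use: a solved code is replaced immediately.
        $code = generate_hash(5);
        $code = str_replace(array("o", "0"), array("x", "x"), $code);
        $_SESSION["c_code"] = $code;
    }
}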
示例3: array
$errors .= "<div>" . $lang["error_no_player"] . "</div>";
}
if (empty($errors)) {
$row = $sth->fetch(PDO::FETCH_ASSOC);
$PID = $row["id"];
$db->insert(OSDB_APPEALS, array("player_id" => (int) $PID, "player_name" => $player, "user_id" => (int) $_SESSION["user_id"], "reason" => $reason, "game_url" => $game_url, "replay_url" => $replay_url, "added" => (int) time(), "status" => 0, "user_ip" => $_SERVER["REMOTE_ADDR"]));
$_SESSION["last_report"] = time();
require_once 'plugins/index.php';
os_init();
header('location: ' . OS_HOME . '?ban_appeal&success');
die;
}
}
}
if (isset($_SESSION["bnet_username"])) {
$BanAppeal = safeEscape(trim($_SESSION["bnet_username"]));
if (empty($BanAppeal)) {
$BanAppeal = ",./,./";
}
$sth = $db->prepare("SELECT * FROM " . OSDB_BANS . " WHERE name=:player LIMIT 1");
$sth->bindValue(':player', $BanAppeal, PDO::PARAM_STR);
$result = $sth->execute();
if ($sth->rowCount() >= 1) {
$row = $sth->fetch(PDO::FETCH_ASSOC);
$BanAppealName = $row["name"];
$BanAppealDate = $row["date"];
$BanAppealGamename = $row["gamename"];
$BanAppealAdmin = $row["admin"];
$BanAppealReason = $row["reason"];
$BanAppealServer = $row["server"];
}
示例4: OS_CheckFacebookLogin
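/**
 * Sign a visitor in, or create the account, from the Facebook fields posted by the login page.
 *
 * Changes from the original:
 *  - the UPDATE for a returning user binds its values instead of concatenating $email
 *    and $FBID into the SQL text ($FBID was only passed through trim());
 *  - the "user name already taken" query is executed before rowCount() is read; it was
 *    prepared and bound but never run, so the check could not match;
 *  - fb_gender is optional and is no longer read when it is absent.
 *
 * NOTE(review): fb_id, fb_email and fb_name are taken from $_POST as they arrive. No
 * server-side verification of a Facebook access token or signed request is visible in
 * this function, so the account is selected by values the browser supplies. Confirm
 * that they are verified with Facebook before this runs.
 * NOTE(review): the session id is not regenerated after sign-in here; check whether
 * the caller does that (session fixation).
 *
 * @return void Redirects and ends the request when the three Facebook fields are posted.
 */
function OS_CheckFacebookLogin()
{
    if (isset($_POST["fb_name"]) and isset($_POST["fb_email"]) and isset($_POST["fb_id"])) {
        global $db;
        $errors = '';
        $FBID = trim($_POST["fb_id"]);
        // fb_gender is not part of the guard above, so it may be missing.
        $gender = safeEscape(trim(isset($_POST["fb_gender"]) ? $_POST["fb_gender"] : ''));
        $name = strip_tags(trim($_POST["fb_name"]));
        $email = safeEscape(trim($_POST["fb_email"]));
        $IP = safeEscape($_SERVER["REMOTE_ADDR"]);
        // NOTE(review): $FBID goes into both URLs unvalidated; presumably it should be
        // digits only. Confirm, and reject anything else before building the URLs.
        $avatar = 'https://graph.facebook.com/' . $FBID . '/picture/?type=large';
        $www = 'http://www.facebook.com/profile.php?id=' . $FBID . '';
        $pass = generate_hash(5);
        $hash = generate_hash(12);
        $password_db = generate_password($pass, $hash);

        // Minimal length checks; the last failing check decides the error code.
        if (empty($FBID) or strlen($FBID) <= 6) {
            $errors = '1';
        }
        if (strlen($name) <= 3) {
            $errors = '2';
        }
        if (strlen($email) <= 6) {
            $errors = '3';
        }
        if (!empty($errors)) {
            header('location:' . OS_HOME . '?action=facebook&error=' . $errors);
            die;
        }

        // Map the gender string to the stored code: 1 male, 2 female, 0 otherwise.
        if ($gender == "male") {
            $gen = 1;
        } elseif ($gender == "female") {
            $gen = 2;
        } else {
            $gen = 0;
        }

        $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_fbid =:FBID AND user_email =:email");
        $sth->bindValue(':FBID', $FBID, PDO::PARAM_STR);
        $sth->bindValue(':email', $email, PDO::PARAM_STR);
        $result = $sth->execute();

        if ($sth->rowCount() <= 0) {
            // NEW USER: check if the username already exists.
            $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE LOWER(user_name) =:name ");
            $sth->bindValue(':name', strtolower($name), PDO::PARAM_STR);
            // The statement has to run before rowCount() can report a match.
            $sth->execute();
            if ($sth->rowCount() >= 1) {
                $name .= " " . rand(100, 1000);
            }
            $db->insert(OSDB_USERS, array("user_name" => $name, "user_fbid" => $FBID, "user_password" => $password_db, "password_hash" => $hash, "user_email" => $email, "user_joined" => (int) time(), "user_level" => 0, "user_last_login" => (int) time(), "user_ip" => $IP, "user_avatar" => $avatar, "user_website" => $www, "user_gender" => $gen));
            $id = $db->lastInsertId();
            $_SESSION["user_id"] = $id;
            $_SESSION["username"] = $name;
            $_SESSION["email"] = $email;
            $_SESSION["level"] = 0;
            $_SESSION["can_comment"] = 1;
            $_SESSION["logged"] = time();
            $_SESSION["fb"] = $FBID;
            $_SESSION["bnet"] = "";
            $_SESSION["bnet_username"] = "";
            header("location: " . OS_HOME . "");
            die;
        } else {
            // UPDATE USER DATA. $sql_update holds only an integer-cast value, so it is
            // safe to splice in; everything request-derived is bound.
            if ($gen >= 1) {
                $sql_update = ", user_gender = '" . (int) $gen . "'";
            } else {
                $sql_update = "";
            }
            $update = $db->prepare("UPDATE " . OSDB_USERS . " SET user_last_login = :last_login, user_avatar = :avatar, user_website = :website {$sql_update} \n\t\tWHERE user_email = :email AND user_fbid = :fbid LIMIT 1");
            $update->bindValue(':last_login', time(), PDO::PARAM_INT);
            $update->bindValue(':avatar', strip_tags($avatar), PDO::PARAM_STR);
            $update->bindValue(':website', strip_tags($www), PDO::PARAM_STR);
            $update->bindValue(':email', $email, PDO::PARAM_STR);
            $update->bindValue(':fbid', $FBID, PDO::PARAM_STR);
            $result = $update->execute();

            // $sth still holds the SELECT that matched this user.
            $row = $sth->fetch(PDO::FETCH_ASSOC);
            $id = $row["user_id"];
            $_SESSION["user_id"] = $id;
            $_SESSION["username"] = $row["user_name"];
            $_SESSION["email"] = $row["user_email"];
            $_SESSION["level"] = $row["user_level"];
            $_SESSION["can_comment"] = $row["can_comment"];
            $_SESSION["logged"] = time();
            $_SESSION["fb"] = $FBID;
            $_SESSION["bnet"] = $row["user_bnet"];
            $_SESSION["bnet_username"] = $row["bnet_username"];
            header("location: " . OS_HOME . "");
            die;
        }
    }
}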
示例5: header
<?php
if (!isset($website)) {
header('HTTP/1.1 404 Not Found');
die;
}
if (!empty($_GET["common_games"]) and isset($_SESSION["bnet_username"])) {
$HomeTitle = "Common Games";
$HomeDesc = os_strip_quotes($lang["game_archive"]);
$HomeKeywords = strtolower(os_strip_quotes($lang["game_archive"])) . ',' . $HomeKeywords;
$MenuClass["games"] = "active";
$User1 = strip_tags(trim($_SESSION["bnet_username"]));
$User2 = safeEscape(trim($_GET["common_games"]));
$sth = $db->prepare("SELECT COUNT(*) FROM " . OSDB_GAMES . " as g\n\tLEFT JOIN " . OSDB_GP . " as gp ON gp.gameid = g.id AND gp.name=:user1 \n\tLEFT JOIN " . OSDB_GP . " as gp2 ON gp2.gameid = gp.gameid AND gp2.name=:user2\n\tWHERE gp.name =:user1 AND gp2.name =:user2\n\tLIMIT 1");
$sth->bindValue(':user1', $User1, PDO::PARAM_STR);
$sth->bindValue(':user2', $User2, PDO::PARAM_STR);
$result = $sth->execute();
$r = $sth->fetch(PDO::FETCH_NUM);
$numrows = $r[0];
$result_per_page = $GamesPerPage;
$draw_pagination = 0;
include 'inc/pagination.php';
$draw_pagination = 1;
$sth = $db->prepare("SELECT g.gamename, g.id, g.map, g.datetime, g.duration, g.gamestate, dg.winner\n\tFROM " . OSDB_GAMES . " as g\n\tLEFT JOIN " . OSDB_GP . " as gp ON gp.gameid = g.id AND gp.name=:user1 \n\tLEFT JOIN " . OSDB_GP . " as gp2 ON gp2.gameid = gp.gameid AND gp2.name=:user2\n\tLEFT JOIN " . OSDB_DG . " as dg ON dg.gameid = g.id\n\tWHERE gp.name =:user1 AND gp2.name =:user2\n\tORDER BY g.id DESC\n\tLIMIT {$offset}, {$rowsperpage}");
$sth->bindValue(':user1', $User1, PDO::PARAM_STR);
$sth->bindValue(':user2', $User2, PDO::PARAM_STR);
$result = $sth->execute();
$CommonGames = array();
$c = 0;
while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
$CommonGames[$c]["gamename"] = $row["gamename"];
示例6: header
<?php
if (!isset($website)) {
header('HTTP/1.1 404 Not Found');
die;
}
// Member profile page: load one user by id, then (for confirmed accounts) the stats row.
// The (int) cast limits the id to an integer before anything else touches it.
// NOTE(review): no isset() check on $_GET["member"] is visible in this excerpt.
$userID = safeEscape((int) $_GET["member"]);
$MenuClass["members"] = "active";
// The id is bound as an integer parameter, so it never becomes part of the SQL text.
$sth = $db->prepare("SELECT u.*, COUNT(c.user_id) as total_comments \r\n\tFROM " . OSDB_USERS . " as u \r\n\tLEFT JOIN " . OSDB_COMMENTS . " as c ON c.user_id = u.user_id\r\n\tWHERE u.user_id = :userID LIMIT 1");
$sth->bindValue(':userID', $userID, PDO::PARAM_INT);
$result = $sth->execute();
$c = 0;
$MemberData = array();
// Optional GeoIP lookup; both paths are fixed strings, not request-derived.
if (file_exists("inc/geoip/geoip.inc")) {
include "inc/geoip/geoip.inc";
$GeoIPDatabase = geoip_open("inc/geoip/GeoIP.dat", GEOIP_STANDARD);
$GeoIP = 1;
}
if ($sth->rowCount() >= 1) {
while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
//USER REGISTERED/CONFIRMED BNET ACCOUNT
if ($row["user_bnet"] >= 1) {
// NOTE(review): $row["user_name"] is concatenated into the SQL text. It comes from
// the users table, but a stored name containing a quote would still alter this
// query (second-order injection). Bind it the way :userID is bound above.
$sth2 = $db->prepare("SELECT * FROM " . OSDB_STATS . " \r\n\t WHERE player = '" . $row["user_name"] . "' \r\n\t ORDER BY id DESC \r\n\t LIMIT 1 ");
$result = $sth2->execute();
// fetch() returns false when no stats row matches; the reads below assume a row exists.
$row2 = $sth2->fetch(PDO::FETCH_ASSOC);
$MemberData[$c]["points"] = number_format($row2["points"]);
$MemberData[$c]["games"] = $row2["games"];
$MemberData[$c]["score"] = $row2["score"];
$MemberData[$c]["wins"] = $row2["wins"];
$MemberData[$c]["losses"] = $row2["losses"];
$MemberData[$c]["uid"] = $row2["id"];
示例7: getUserGames
}
$draw_pagination = 0;
include 'inc/pagination.php';
$draw_pagination = 1;
$sqlFilter .= "ORDER BY g.datetime DESC";
$sql = getUserGames($id, $MinDuration, $offset, $rowsperpage, $sqlFilter);
} else {
//FILTER
$filter = "";
unset($sth);
if (isset($_GET["m"]) and is_numeric($_GET["m"]) and $_GET["m"] <= 12 and $_GET["m"] >= 1) {
$m = safeEscape((int) $_GET["m"]);
$filter .= "AND MONTH(g.datetime) = '" . (int) $m . "'";
}
if (isset($_GET["y"]) and is_numeric($_GET["y"]) and $_GET["y"] <= date("Y") and $_GET["y"] >= 1998) {
$y = safeEscape((int) $_GET["y"]);
$filter .= "AND YEAR(g.datetime) = '" . (int) $y . "'";
}
if (isset($_GET["game_type"]) and is_numeric($_GET["game_type"])) {
$filter .= " AND g.alias_id = '" . (int) $_GET["game_type"] . "' ";
}
$sth = $db->prepare("SELECT COUNT(*) FROM " . OSDB_GAMES . " as g\n WHERE (g.map) LIKE ('%" . OS_DEFAULT_MAP . "%') AND g.duration>='" . $MinDuration . "' " . $filter . " LIMIT 1");
$result = $sth->execute();
$r = $sth->fetch(PDO::FETCH_NUM);
$numrows = $r[0];
$result_per_page = $GamesPerPage;
$draw_pagination = 0;
include 'inc/pagination.php';
$draw_pagination = 1;
$sql = getAllGames($MinDuration, $offset, $rowsperpage, $filter, "datetime DESC");
}
示例8: write_value_of
$PluginDesc = "";
if ($PluginFile != "." and $PluginFile != "index.php" and $PluginFile != ".." and strstr($PluginFile, ".php") == true) {
//enable/disable
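// Plugin enable / disable / delete, selected by a query-string parameter.
//
// Each action now runs only when the requested name is exactly the plugin file being
// listed ($PluginFile), and the path is built from $PluginFile rather than from the
// request value. The original delete branch lacked the name comparison its two
// siblings had, so the request value alone chose the file handed to unlink().
// The OS_IsRoot() check is evaluated before any filesystem call.
//
// NOTE(review): these are state-changing GET requests and no anti-CSRF token is
// checked in this excerpt; confirm one is enforced elsewhere.
if (isset($_GET["disable"]) and OS_IsRoot() and $PluginFile === $_GET["disable"] and file_exists($plugins_dir . $PluginFile)) {
    $PluginEnabled = 1;
    write_value_of('$PluginEnabled', "{$PluginEnabled}", 0, $plugins_dir . $PluginFile);
    echo $PluginFile . ' - disabled <a href="' . OS_HOME . 'adm/?plugins">« Back</a>';
} elseif (isset($_GET["enable"]) and OS_IsRoot() and $PluginFile === $_GET["enable"] and file_exists($plugins_dir . $PluginFile)) {
    $PluginEnabled = 0;
    write_value_of('$PluginEnabled', "{$PluginEnabled}", 1, $plugins_dir . $PluginFile);
    echo $PluginFile . ' - enabled <a href="' . OS_HOME . 'adm/?plugins">« Back</a>';
} elseif (isset($_GET["delete"]) and OS_IsRoot() and $PluginFile === $_GET["delete"] and file_exists($plugins_dir . $PluginFile)) {
    $PluginEnabled = 0;
    unlink($plugins_dir . $PluginFile);
}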
if (file_exists($plugins_dir . $PluginFile)) {
$PluginName = trim(str_replace("//Plugin:", "", OS_ReadLine($plugins_dir . $PluginFile, 2)));
$PluginAuthor = trim(str_replace("//Author:", "", OS_ReadLine($plugins_dir . $PluginFile, 3)));
$PluginDesc = trim(str_replace("//", "", OS_ReadLine($plugins_dir . $PluginFile, 4)));
if (!empty($PluginName) and !empty($PluginAuthor)) {
include $plugins_dir . $PluginFile;
if (isset($PluginOptions) and $PluginOptions == 1 and $PluginEnabled == 1) {
$PluginEdit = '<a href="' . OS_HOME . 'adm/?plugins&edit=' . $PluginFile . '#' . $PluginFile . '"><img src="' . OS_HOME . 'adm/edit.png" alt="edit" width="16" height="16" /> Edit</a>';
if (isset($_GET["edit"]) and $_GET["edit"] == $PluginFile) {
$PluginEdit = '<a href="' . OS_HOME . 'adm/?plugins#' . $PluginFile . '"><img src="' . OS_HOME . 'adm/edit.png" alt="edit" width="16" height="16" /> « Edit</a>';
}
} else {
示例9: os_commentForm
echo os_commentForm();
?>
</td>
</tr>
<tr>
<td class="padLeft padTop padBottom">
<input <?php
if (!os_canComment()) {
?>
disabled<?php
}
?>
class="menuButtons" type="submit" value="<?php
echo $lang["add_comment_button"];
?>
" name="add_comment" />
</td>
</tr>
</table>
<input type="hidden" value="<?php
echo (int) safeEscape($_GET["post_id"]);
?>
" name="pid" />
<input type="hidden" value="<?php
echo $code;
?>
" name="code" />
</form>
<?php
}
示例10: safeEscape
<a href="javascript:;" class="menuButtons" onclick="SetDateField('tban', 'sl')" >Tban</a>
<a href="javascript:;" class="menuButtons" onclick="SetDateField('ban', 'sl')" >Ban</a>
<a href="javascript:;" class="menuButtons" onclick="SetDateField('kick', 'sl')" >Kick</a>
<a href="javascript:;" class="menuButtons" onclick="SetDateField('rcon', 'sl')" >Rcon</a>
</form>
<?php
// Build the optional filters for the admin-log listing and count the matching rows.
//
// NOTE(review): both filters are spliced into the SQL text, so this statement has no
// placeholders and prepare() adds no protection; everything rests on safeEscape(),
// whose definition is not part of this excerpt. Binding the two values (for example
// LIKE LOWER(:q) with the % wildcards added to the bound value) would remove that
// dependency. $sql may be reused by a later query outside this excerpt, so such a
// change has to cover every statement that receives it.
$sql = "";
$search_logs = "";
if (isset($_GET["search_logs"]) && strlen($_GET["search_logs"]) >= 2) {
    $search_logs = safeEscape($_GET["search_logs"]);
    $sql = $sql . " AND LOWER(log_data) LIKE LOWER('%" . $search_logs . "%') ";
}
if (isset($_GET["log_admin"]) && strlen($_GET["log_admin"]) >= 2) {
    $search_admin = safeEscape(trim($_GET["log_admin"]));
    $sql = $sql . " AND log_admin = '" . $search_admin . "' ";
}

// Total number of matching log rows, used for pagination.
$sth = $db->prepare("SELECT COUNT(*) FROM " . OSDB_ADMIN_LOG . " WHERE id>=1 " . $sql . " LIMIT 1");
$result = $sth->execute();
$r = $sth->fetch(PDO::FETCH_NUM);
$numrows = $r[0];
$result_per_page = 30;
?>
<div align="center">
<h4>
<a class="menuButtons" href="javascript:;" onclick="if (confirm('Delete all logs?') ) {location.href='<?php
echo OS_HOME;
?>
adm/?admin_logs&purge_admin_logs'} " >Purge logs (<?php
echo $numrows;
示例11: geoip_open
<?php
if (file_exists("../inc/geoip/geoip.inc")) {
if (!isset($_GET["city"])) {
include "../inc/geoip/geoip.inc";
}
$GeoIPDatabase = geoip_open("../inc/geoip/GeoIP.dat", GEOIP_STANDARD);
$GeoIP = 1;
}
// Carry the current page number and sort order over into links built further down.
// The page number is only kept when it is numeric.
// NOTE(review): `sort` is copied through after safeEscape() alone. Where $p is later
// written into an href it should be URL-encoded and HTML-escaped for that context;
// the place it is output is outside this excerpt.
$p = (isset($_GET["page"]) && is_numeric($_GET["page"]))
    ? '&page=' . safeEscape($_GET["page"])
    : '';
if (isset($_GET["sort"])) {
    $p = $p . '&sort=' . safeEscape($_GET["sort"]);
}
//LOOP
while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
if ($GeoIP == 1) {
$Letter = geoip_country_code_by_addr($GeoIPDatabase, $row["ip"]);
$Country = geoip_country_name_by_addr($GeoIPDatabase, $row["ip"]);
}
if ($GeoIP == 1 and empty($Letter)) {
$Letter = "blank";
$Country = "Reserved";
}
$exp = calculateXP($row["exp"]);
if ($exp["level"] <= 0) {
$exp["level"] = 1;
}
示例12: BY
$result = $sth->execute();
$numrows = $sth->rowCount();
$result_per_page = 30;
$draw_pagination = 1;
$sql = "WHERE item_info!='' GROUP BY (shortname)";
}
$SHOW_TOTALS = 1;
include 'pagination.php';
$sth = $db->prepare("SELECT * FROM " . OSDB_ITEMS . " {$sql} \n ORDER BY (shortname) ASC \n LIMIT {$offset}, {$rowsperpage}");
$result = $sth->execute();
$add = "";
if (isset($_GET["show_all"])) {
$add .= "&show_all";
}
if (isset($_GET["page"])) {
$add .= "&page=" . safeEscape((int) $_GET["page"]);
}
?>
<table>
<tr>
<th width="74" class="padLeft">Item</th>
<th width="220">Item name</th>
<th>Description</th>
</tr>
<?php
while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
if (isset($_GET["edit"]) and $_GET["edit"] == $row["itemid"]) {
$border = 'style="border:6px solid #FCC200;"';
} else {
$border = "";
}
示例13: header
<?php
if (!isset($website)) {
header('HTTP/1.1 404 Not Found');
die;
}
$HomeTitle = $lang["heroes"];
$HomeDesc = $lang["heroes"];
$HomeKeywords = strtolower(os_strip_quotes($lang["heroes"])) . ',' . $HomeKeywords;
$MenuClass["misc"] = "active";
if (isset($_GET["search_heroes"]) and strlen($_GET["search_heroes"]) >= 2) {
$search_heroes = safeEscape(trim($_GET["search_heroes"]));
$sql = "AND (description) LIKE ? ";
} else {
$sql = "";
}
$HeroesData = array();
$HeroesData[0] = "Heroes";
/*
$sth = $db->prepare("SELECT COUNT(*) FROM ".OSDB_HEROES." WHERE summary!= '-' $sql LIMIT 1");
if ( !empty($sql) ) $sth->bindValue(1, "%".strtolower($search_heroes)."%", PDO::PARAM_STR);
$result = $sth->execute();
$r = $sth->fetch(PDO::FETCH_NUM);
$numrows = $r[0];
$result_per_page = $HeroesPerPage;
$result_per_page = $HeroesPerPage;
$draw_pagination = 0;
$total_comments = $numrows;
include('inc/pagination.php');
$draw_pagination = 1;
示例14: generate_hash
?>
?vote"><?php
echo $lang["vote_back"];
?>
</a></div>
</div>
<?php
} else {
if (isset($_POST["vote_hero"]) and isset($_SESSION["code"]) and isset($_POST["code"]) and $_POST["code"] == $_SESSION["code"]) {
$code = generate_hash(14);
$_SESSION["code"] = $code;
if (isset($_POST["h1"])) {
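// Record one vote: +1 for the chosen hero, -1 for the other hero of the offered pair.
//
// The down-vote statement now uses the :votedown placeholder. The original spliced
// $votedown into the SQL text and then bound ':votedown' on a statement that had no
// such placeholder. The down-vote is skipped when the chosen hero matches neither
// posted hero; before, $votedown was undefined in that case.
//
// NOTE(review): hero_1 and hero_2 arrive in the same POST as h1, so the comparison
// only checks that the request is self-consistent. If votes must be limited to the
// pair that was shown, that pair has to be kept server-side; nothing in this
// excerpt does so.
// NOTE(review): hero_1 and hero_2 are read without an isset() check here.
$h1 = safeEscape($_POST["h1"]);
$h1check = safeEscape($_POST["hero_1"]);
$h2check = safeEscape($_POST["hero_2"]);
$votedown = null;
if ($h1check == $h1) {
    $votedown = $h2check;
}
if ($h2check == $h1) {
    $votedown = $h1check;
}
$sth = $db->prepare("UPDATE heroes SET `voteup` = `voteup`+1 WHERE `heroid` = :h1 ");
$sth->bindValue(':h1', $h1, PDO::PARAM_STR);
$result = $sth->execute();
if ($votedown !== null) {
    $sth = $db->prepare("UPDATE heroes SET `votedown` = `votedown`+1 WHERE `heroid` = :votedown ");
    $sth->bindValue(':votedown', $votedown, PDO::PARAM_STR);
    $result = $sth->execute();
}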
//GET VOTE RESULTS
$sth = $db->prepare("SELECT * FROM heroes WHERE summary!= '-' AND `heroid` = :h1check LIMIT 1");
示例15: OS_MostPlayedHero
/**
 * Build the SQL text that selects the hero a player has played most often.
 *
 * The player name is embedded in the returned string, so the caller receives finished
 * SQL and cannot bind the name itself.
 *
 * NOTE(review): the only protection for the embedded name is safeEscape(), which is
 * defined outside this snippet. Returning the statement with a placeholder and letting
 * the caller bind the name would remove that dependency, but it changes the contract
 * for every caller.
 *
 * @param string $username Player name to filter on.
 * @return string Complete SELECT statement.
 */
function OS_MostPlayedHero($username)
{
    $player = safeEscape($username);

    return "SELECT SUM(`left`) AS timeplayed, original, description, \n\tCOUNT(*) AS played \n\tFROM " . OSDB_GP
        . " as gp \n\tLEFT JOIN " . OSDB_GAMES
        . " as g ON g.id=gp.gameid \n\tLEFT JOIN " . OSDB_DP
        . " as dp ON dp.gameid=g.id \n\tAND dp.colour=gp.colour \n\tLEFT JOIN " . OSDB_DG
        . " as dg ON g.id=dg.gameid \n JOIN " . OSDB_HEROES
        . " on hero = heroid \n\tWHERE (name)=('" . $player
        . "')\n\tGROUP BY original \n\tORDER BY played DESC LIMIT 1";
}