本文整理汇总了PHP中safe_field函数的典型用法代码示例。如果您正苦于以下问题:PHP safe_field函数的具体用法?PHP safe_field怎么用?PHP safe_field使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了safe_field函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: jmd_img_selector
/**
 * Admin-side preferences panel for jmd_img_selector.
 *
 * Two optional actions run before the panel is rendered: the 'update' step
 * stores the four thumbnail/image dimension preferences, and the 'css' step
 * inserts the plugin stylesheet into txp_css. The preferences form is always
 * rendered; the "create CSS" form is rendered only while txp_css has no row
 * named jmd_img_selector.
 *
 * NOTE(review): both steps change stored state, and no CSRF token or
 * privilege check is visible in this function - confirm the caller enforces
 * them before dispatching here.
 *
 * @param string $event Not read in the body.
 * @param string $step  'update', 'css', or anything else to only render.
 */
function jmd_img_selector($event, $step)
{
    global $jmdImgSel, $path_to_site, $prefs;

    $out = '<div id="jmd_img_selector" style="width: 500px; margin: 0 auto">';

    if ($step === 'update') {
        // The values are handed to upsertPref() exactly as gps() returns them;
        // any validation or SQL escaping has to happen inside upsertPref(),
        // which is not shown here.
        foreach (array('tbWidth', 'tbHeight', 'imgWidth', 'imgHeight') as $prefName) {
            $jmdImgSel->upsertPref($prefName, gps($prefName));
        }
        $msg = $jmdImgSel->gTxt('prefs_updated');
    }

    if ($step === 'css') {
        $css = <<<CSS
//inc <img_sel.css>
CSS;
        // base64 output contains no quote characters, so the stylesheet text
        // cannot break out of the quoted SQL value below.
        $encodedCss = base64_encode($css);
        safe_insert("txp_css", "name='jmd_img_selector', css='" . $encodedCss . "'");
        $msg = $jmdImgSel->gTxt('css_created');
    }

    pageTop($jmdImgSel->gTxt('prefs'), isset($msg) ? $msg : '');

    // Preferences form: thumbnail size, full image size, then the submit controls.
    $thumbFields = fieldset(
        $jmdImgSel->input('pref_width', 'tbWidth') . $jmdImgSel->input('pref_height', 'tbHeight'),
        $jmdImgSel->gTxt('tb_legend')
    );
    $imageFields = fieldset(
        $jmdImgSel->input('pref_width', 'imgWidth') . $jmdImgSel->input('pref_height', 'imgHeight'),
        $jmdImgSel->gTxt('img_legend')
    );
    $controls = fInput('submit', 'update', $jmdImgSel->gTxt('update'))
        . eInput('jmd_img_selector')
        . sInput('update');
    $out .= form(fieldset($thumbFields . $imageFields . $controls, $jmdImgSel->gTxt('prefs_legend')));

    // Offer the "create CSS" form only while the stylesheet row is missing.
    $existingCss = safe_field('name', 'txp_css', 'name="jmd_img_selector"');
    if (empty($existingCss)) {
        $cssControls = fInput('submit', 'submit', $jmdImgSel->gTxt('create_css'))
            . eInput('jmd_img_selector')
            . sInput('css');
        $out .= form(fieldset($cssControls, $jmdImgSel->gTxt('css_legend')));
    }

    echo $out;
}
示例2: page_title
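/**
 * Builds the text for the page title: the site name, optionally followed by
 * the separator and a label for the current context.
 *
 * The checks run in a fixed order and each match overwrites $out, so the last
 * matching context wins (page number, section, category, search, article,
 * comment parent). The result is passed through escape_title() once at the end.
 *
 * @param array $atts Tag attributes; 'separator' defaults to ': '.
 * @return string
 */
function page_title($atts)
{
    global $sitename, $s, $c, $q, $pg, $id, $parentid;

    extract(lAtts(array('separator' => ': '), $atts));

    $out = $sitename;

    if ($pg) {
        $out = $sitename . $separator . gTxt('page') . ' ' . $pg;
    }

    if ($s and $s != 'default') {
        $out = $sitename . $separator . fetch_section_title($s);
    }

    if ($c) {
        $out = $sitename . $separator . fetch_category_title($c);
    }

    if ($q) {
        // The raw search string only reaches the output through the
        // escape_title() call at the end of the function.
        $out = $sitename . $separator . gTxt('search_results') . $separator . ' ' . $q;
    }

    if ($id) {
        // The integer cast is what keeps this value from altering the WHERE
        // clause. It is written back to the global $id, as before.
        $id = (int) $id;
        $out = $sitename . $separator . safe_field('Title', 'textpattern', "ID = {$id}");
    }

    if ($parentid) {
        // Cast the value that is actually interpolated. The previous code cast
        // an undefined $parent_id and then put the uncast $parentid into the
        // query, so the WHERE clause received the global unchanged.
        $parent_id = (int) $parentid;
        $out = $sitename . $separator . gTxt('comments_on') . ' ' . safe_field('Title', 'textpattern', "ID = {$parent_id}");
    }

    return escape_title($out);
}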
示例3: plugin_help
/**
 * Renders the help text stored for the plugin named in the request.
 *
 * The plugin name is escaped with doSlash() before it is placed in the WHERE
 * clause. With no name in the request, an empty help cell is rendered.
 *
 * NOTE(review): the help text is written to the page as returned by the
 * database, without HTML escaping - presumably it is stored as markup;
 * confirm who is allowed to write txp_plugin.help.
 */
function plugin_help()
{
    $plugin = gps('name');

    pagetop(gTxt('plugin_help'));

    if ($plugin) {
        $body = safe_field('help', 'txp_plugin', "name = '" . doSlash($plugin) . "'");
    } else {
        $body = '';
    }

    $cell = tda($body, ' width="600"');

    echo startTable('edit') . tr($cell) . endTable();
}
示例4: pagetop
/**
 * Prepares the state for the admin page header and includes the theme's
 * header.php.
 *
 * Side effects visible here: the global $event is defaulted to 'article',
 * $GLOBALS['privs'] is set from the current user's txp_users row, and the
 * header template is included.
 *
 * The include runs inside this function, so header.php sees every local
 * variable defined below ($area, $bm, $privs, $areas, $body_id, $k, $v, and
 * the parameters). Renaming or removing any of them can change what the
 * template renders.
 *
 * @param string $pagetitle Not read in this body; available to header.php.
 * @param string $message   Not read in this body; available to header.php.
 * @param string $msgclass  Not read in this body; available to header.php.
 */
function pagetop($pagetitle, $message = '', $msgclass = '')
{
global $css_mode, $siteurl, $sitename, $txp_user, $event;
// This request value is overwritten by "$area = false" further down.
$area = gps('area');
// $event is declared global above, so this default is written to the global.
$event = !$event ? 'article' : $event;
// Not used in this function; kept in scope for the included header.
$bm = gps('bm');
// The user name is escaped with doSlash() before it enters the WHERE clause.
$privs = safe_field('privs', 'txp_users', "name = '" . doSlash($txp_user) . "'");
$GLOBALS['privs'] = $privs;
$areas = areas();
$area = false;
// Find the first area whose event list contains the current event.
// in_array() is called without the strict flag, so the comparison is loose.
foreach ($areas as $k => $v) {
if (in_array($event, $v)) {
$area = $k;
break;
}
}
// Body id: logout request, then "no logged-in user", then the event name.
if (gps('logout')) {
$body_id = 'page-logout';
} elseif (!$txp_user) {
$body_id = 'page-login';
} else {
$body_id = 'page-' . $event;
}
// The theme name is a fixed string, so no request value reaches the include path.
$theme = 'default';
include txpath . DS . 'theme' . DS . $theme . DS . 'header.php';
}
示例5: page_title
/**
 * Builds the already-escaped text for the page title.
 *
 * The first matching context decides the suffix that follows the escaped
 * "site name + separator" prefix: comment parent, current article, search,
 * category, section, author, page number. With no context, only the escaped
 * site name is returned.
 *
 * NOTE(review): every branch escapes its dynamic part except the page-number
 * branch, which appends $pg as-is - confirm $pg is guaranteed numeric before
 * it reaches this function.
 *
 * @param array $atts Tag attributes; 'separator' defaults to ': '.
 * @return string
 */
function page_title($atts)
{
    global $parentid, $thisarticle, $id, $q, $c, $author, $context, $s, $pg, $sitename;

    extract(lAtts(array('separator' => ': '), $atts));

    $prefix = txpspecialchars($sitename . $separator);

    // Integer cast before the value is interpolated into the WHERE clause.
    $parent_id = (int) $parentid;

    if ($parent_id) {
        return $prefix . gTxt('comments_on') . ' ' . escape_title(safe_field('Title', 'textpattern', "ID = {$parent_id}"));
    }

    if ($thisarticle['title']) {
        return $prefix . escape_title($thisarticle['title']);
    }

    if ($q) {
        // The search string is request data and is escaped together with the separator.
        return $prefix . gTxt('search_results') . txpspecialchars($separator . $q);
    }

    if ($c) {
        return $prefix . txpspecialchars(fetch_category_title($c, $context));
    }

    if ($s && $s != 'default') {
        return $prefix . txpspecialchars(fetch_section_title($s));
    }

    if ($author) {
        return $prefix . txpspecialchars(get_author_name($author));
    }

    if ($pg) {
        return $prefix . gTxt('page') . ' ' . $pg;
    }

    return txpspecialchars($sitename);
}
示例6: logit
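/**
 * Records the current request in the visitor log via insert_logit().
 *
 * Collected fields: request URI, referrer (blanked when it points at this
 * site), client address, host name (reverse DNS when the use_dns preference
 * is on), a fixed status of 200, and the request method.
 *
 * NOTE(review): uri, ref and host all originate outside the server (request
 * line, Referer header, PTR record). Escaping for storage and for display is
 * not visible here - confirm insert_logit() and the log viewer handle it.
 *
 * @param string $r When 'refer', the request is logged only if it carries a
 *                  non-empty external referrer; otherwise it is always logged.
 * @return void
 */
function logit($r = '')
{
    global $siteurl, $prefs, $pretext;

    // Drop "www." first and quote afterwards. Quoting first turns "www." into
    // "www\." so the replacement could never match, and same-site referrers
    // from the bare domain were treated as external.
    $mydomain = preg_quote(str_replace('www.', '', $siteurl), "/");

    $out = array();
    $out['uri'] = @$pretext['request_uri'];
    $out['ref'] = clean_url(str_replace("http://", "", serverSet('HTTP_REFERER')));

    $host = $ip = serverSet('REMOTE_ADDR');

    if (!empty($prefs['use_dns'])) {
        // A crude rDNS cache: reuse a host name already logged for this address.
        $cached = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1");

        if ($cached) {
            $host = $cached;
        } else {
            // Forward-confirm the reverse lookup: a PTR record is controlled by
            // whoever owns the address block, so the name is kept only if it
            // resolves back to the same address.
            $host = @gethostbyaddr($ip);

            if ($host != $ip and @gethostbyname($host) != $ip) {
                $host = $ip;
            }
        }
    }

    $out['ip'] = $ip;
    $out['host'] = $host;
    $out['status'] = 200; // FIXME
    $out['method'] = serverSet('REQUEST_METHOD');

    // Blank referrers that point back at this site.
    // NOTE(review): the pattern is anchored only at the start, so a referrer
    // host that merely begins with this domain is blanked as well.
    if (preg_match("/^[^\\.]*\\.?{$mydomain}/i", $out['ref'])) {
        $out['ref'] = "";
    }

    if ($r == 'refer') {
        if (trim($out['ref']) != "") {
            insert_logit($out);
        }
    } else {
        insert_logit($out);
    }
}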
示例7: doTxpValidate
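/**
 * Authenticates the current admin request and sets $GLOBALS['txp_user'].
 *
 * Order of checks: a logout request clears the login cookie; otherwise an
 * existing txp_login cookie is verified against the user's stored nonce;
 * otherwise posted credentials are checked with txp_validate().
 *
 * Cookie format: "<userid>,<md5(userid . nonce)>".
 *
 * NOTE(review): the cookies are set without the secure/httponly arguments,
 * and the token is derived only from the user id and the stored nonce, so it
 * stays valid until the nonce changes. Both are left as they were to avoid
 * invalidating existing sessions; consider tightening them.
 *
 * @return string Empty string on success, otherwise a localized message.
 */
function doTxpValidate()
{
    global $logout, $txpcfg;

    $p_userid = ps('p_userid');
    $p_password = ps('p_password');
    $logout = gps('logout');
    $stay = ps('stay');

    if ($logout) {
        setcookie('txp_login', '', time() - 3600);
    }

    if (!empty($_COOKIE['txp_login']) and !$logout) {
        // cookie exists
        // A cookie sent in array form is treated as malformed instead of
        // being passed to the string functions below.
        $raw_cookie = is_string($_COOKIE['txp_login']) ? $_COOKIE['txp_login'] : '';

        // explode() replaces the removed split(); padding replaces the "@"
        // that hid the notice for a cookie without a comma.
        list($c_userid, $cookie_hash) = array_pad(explode(',', $raw_cookie), 2, '');

        // The user id comes from the client, so it is escaped before it is
        // placed in the WHERE clause.
        $nonce = safe_field('nonce', 'txp_users', "name='" . doSlash($c_userid) . "'");

        if ($nonce && md5($c_userid . $nonce) === $cookie_hash) {
            // cookie is good, create $txp_user
            $GLOBALS['txp_user'] = $c_userid;

            return '';
        }

        // something's gone wrong
        $GLOBALS['txp_user'] = '';
        setcookie('txp_login', '', time() - 3600);

        return gTxt('bad_cookie');
    } elseif ($p_userid and $p_password) {
        // no cookie, but incoming login vars
        // Fixed delay on every password attempt; it slows guessing per
        // request but is not a per-account or per-address limit.
        sleep(3);

        if (txp_validate($p_userid, $p_password)) {
            $nonce = safe_field('nonce', 'txp_users', "name='" . doSlash($p_userid) . "'");

            if (!$nonce) {
                define('TXP_UPDATE', 1);
                include_once txpath . '/update/_update.php';
                exit(graf('Please reload'));
            }

            if ($stay) {
                // persistent cookie required, expires in 1 year
                setcookie('txp_login', $p_userid . ',' . md5($p_userid . $nonce), time() + 3600 * 24 * 365);
            } else {
                // session-only cookie required
                setcookie('txp_login', $p_userid . ',' . md5($p_userid . $nonce));
                // remember nostay for 1 year
                setcookie('txp_nostay', '1', time() + 3600 * 24 * 365);
            }

            // login is good, create $txp_user
            $GLOBALS['txp_user'] = $p_userid;

            return '';
        }

        $GLOBALS['txp_user'] = '';

        return gTxt('could_not_log_in');
    }

    $GLOBALS['txp_user'] = '';

    return gTxt('login_to_textpattern');
}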
示例8: check_privs
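/**
 * Stops the request unless the current user's privilege level is one of the
 * levels passed as arguments.
 *
 * Usage: check_privs(1, 2) allows levels 1 and 2 only.
 *
 * The check fails closed: when no privilege value is found for the user, the
 * request is refused regardless of the arguments.
 *
 * @return void Exits with the "restricted area" page on refusal.
 */
function check_privs()
{
    global $txp_user;

    // $txp_user is derived from the login cookie or the login form, so it is
    // escaped before it is placed in the WHERE clause.
    $privs = safe_field("privs", "txp_users", "`name`='" . doSlash($txp_user) . "'");

    // Compare as strings with the strict flag. The database value is a string
    // while callers usually pass integers; a loose in_array() would also let
    // an empty or false lookup result match an argument of 0.
    $args = func_get_args();
    $allowed = array_map('strval', $args);

    $has_level = $privs !== false && $privs !== null && $privs !== '';

    if (!$has_level || !in_array((string) $privs, $allowed, true)) {
        exit(pageTop('Restricted') . '<p style="margin-top:3em;text-align:center">' . gTxt('restricted_area') . '</p>');
    }
}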
示例9: doTxpValidate
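/**
 * Authenticates the current admin request and sets $GLOBALS['txp_user'].
 *
 * Order of checks: a logout request clears the login cookie; otherwise an
 * existing txp_login cookie is verified against the user's stored nonce;
 * otherwise posted credentials are checked with txp_validate().
 *
 * Cookie format: "<userid>,<md5(userid . nonce)>".
 *
 * NOTE(review): the cookies are set without the secure/httponly arguments,
 * and the token stays valid until the stored nonce changes. Both are left as
 * they were to avoid invalidating existing sessions; consider tightening them.
 *
 * @return string Empty string on success, otherwise a localized message.
 */
function doTxpValidate()
{
    global $logout, $txpcfg;

    $p_userid = ps('p_userid');
    $p_password = ps('p_password');
    $logout = gps('logout');
    $stay = ps('stay');

    if ($logout) {
        setcookie('txp_login', ' ', time() - 3600);
    }

    if (isset($_COOKIE['txp_login']) and !$logout) {
        // cookie exists
        // A cookie sent in array form is treated as malformed instead of
        // being passed to the string functions below.
        $raw_cookie = is_string($_COOKIE['txp_login']) ? $_COOKIE['txp_login'] : '';

        // explode() replaces the removed split(); padding keeps list() from
        // reading a missing second element when the cookie has no comma.
        list($c_userid, $cookie_hash) = array_pad(explode(',', $raw_cookie), 2, '');

        // The user id comes from the client, so it is escaped before it is
        // placed in the WHERE clause.
        $nonce = safe_field('nonce', 'txp_users', "name='" . doSlash($c_userid) . "'");

        // Two conditions the earlier check lacked:
        //  - a nonce must exist; with an empty lookup result the expected
        //    value would depend on the user id alone, not on a server secret;
        //  - strict comparison, because == lets PHP compare two numeric-looking
        //    hash strings as numbers.
        if ($nonce && md5($c_userid . $nonce) === $cookie_hash) {
            // cookie is good, create $txp_user
            $GLOBALS['txp_user'] = $c_userid;

            return '';
        }

        // something's gone wrong
        $GLOBALS['txp_user'] = '';
        setcookie('txp_login', '', time() - 3600);

        return gTxt('bad_cookie');
    } elseif ($p_userid and $p_password) {
        // no cookie, but incoming login vars
        // Fixed delay on every password attempt; it slows guessing per
        // request but is not a per-account or per-address limit.
        sleep(3);

        if (txp_validate($p_userid, $p_password)) {
            $nonce = safe_field('nonce', 'txp_users', "name='" . doSlash($p_userid) . "'");

            if (!$nonce) {
                exit(graf('Missing authentication information.
Please run _update.php'));
            }

            if ($stay) {
                // persistent cookie required, expires in 1 year
                setcookie('txp_login', $p_userid . ',' . md5($p_userid . $nonce), time() + 3600 * 24 * 365);
            } else {
                // session-only cookie required
                setcookie('txp_login', $p_userid . ',' . md5($p_userid . $nonce));
            }

            // login is good, create $txp_user
            $GLOBALS['txp_user'] = $p_userid;

            return '';
        }

        $GLOBALS['txp_user'] = '';

        return gTxt('could_not_log_in');
    }

    $GLOBALS['txp_user'] = '';

    return gTxt('login_to_textpattern');
}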
示例10: section_save
/**
 * Saves an edited section and reports the result, either by re-rendering the
 * section list or, when $app_mode is 'async', by sending a script response.
 *
 * Escaping state of the request values, as visible below:
 *  - page, css, old_name: passed through doSlash() before extract();
 *  - name: extracted raw, then sanitizeForUrl() and doSlash();
 *  - title: extracted raw, then Textile and doSlash();
 *  - is_default, on_frontpage, in_rss, searchable: passed through assert_int()
 *    and interpolated into the SQL unquoted.
 *
 * NOTE(review): this handler changes stored data and no CSRF token or
 * privilege check is visible in it - confirm the caller enforces them.
 */
function section_save()
{
global $txpcfg, $app_mode;
// These three are escaped for SQL before they become local variables.
extract(doSlash(psa(array('page', 'css', 'old_name'))));
// name and title arrive unescaped here; both are escaped a few lines below.
extract(psa(array('name', 'title')));
$prequel = '';
$sequel = '';
if (empty($title)) {
$title = $name;
}
// Prevent non url chars on section names
include_once txpath . '/lib/classTextile.php';
$textile = new Textile();
$title = doSlash($textile->TextileThis($title, 1));
$name = doSlash(sanitizeForUrl($name));
// On a rename (case-insensitive difference), refuse a name that is already taken.
if ($old_name && strtolower($name) != strtolower($old_name)) {
if (safe_field('name', 'txp_section', "name='{$name}'")) {
$message = array(gTxt('section_name_already_exists', array('{name}' => $name)), E_ERROR);
if ($app_mode == 'async') {
// TODO: Better/themeable popup
// NOTE(review): no return follows in this branch; whether the updates below
// are skipped depends on send_script_response() ending the request - confirm.
send_script_response('window.alert("' . escape_js(strip_tags(gTxt('section_name_already_exists', array('{name}' => $name)))) . '")');
} else {
sec_section_list($message);
return;
}
}
}
if ($name == 'default') {
// The default section only has its page and css updated.
safe_update('txp_section', "page = '{$page}', css = '{$css}'", "name = 'default'");
update_lastmod();
} else {
// The four flags go through assert_int() before being placed unquoted in the SQL.
extract(array_map('assert_int', psa(array('is_default', 'on_frontpage', 'in_rss', 'searchable'))));
// note this means 'selected by default' not 'default page'
if ($is_default) {
safe_update("txp_section", "is_default = 0", "name != '{$old_name}'");
// switch off $is_default for all sections in async app_mode
if ($app_mode == 'async') {
$prequel = '$("input[name=\\"is_default\\"][value=\\"1\\"]").attr("checked", false);' . '$("input[name=\\"is_default\\"][value=\\"0\\"]").attr("checked", true);';
}
}
safe_update('txp_section', "\n\t\t\t\tname = '{$name}',\n\t\t\t\ttitle = '{$title}',\n\t\t\t\tpage = '{$page}',\n\t\t\t\tcss = '{$css}',\n\t\t\t\tis_default = {$is_default},\n\t\t\t\ton_frontpage = {$on_frontpage},\n\t\t\t\tin_rss = {$in_rss},\n\t\t\t\tsearchable = {$searchable}\n\t\t\t", "name = '{$old_name}'");
// Re-point existing articles at the renamed section.
safe_update('textpattern', "Section = '{$name}'", "Section = '{$old_name}'");
update_lastmod();
}
$message = gTxt('section_updated', array('{name}' => $name));
if ($app_mode == 'async') {
// Caveat: Use unslashed params for DTO
// NOTE(review): in the 'default' branch the four flag variables are never
// assigned, so compact() has nothing to pick up for them here.
$s = psa(array('name', 'title', 'page', 'css')) + compact('is_default', 'on_frontpage', 'in_rss', 'searchable');
$s = section_detail_partial($s);
// NOTE(review): $name is concatenated into the script without escape_js();
// this relies on sanitizeForUrl() output being safe inside a double-quoted
// JavaScript string - confirm. The rendered partial does go through escape_js().
send_script_response($prequel . '$("#section-form-' . $name . '").replaceWith("' . escape_js($s) . '");' . $sequel);
} else {
sec_section_list($message);
}
}
示例11: jcp_simple_gravatar
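/**
 * Builds a Gravatar image URL for a comment author, an article author, or a
 * named user.
 *
 * Attributes read from $atts: size (default '80'), default, default_local,
 * format (default 'jpg'), rating (default 'G'), user, where ('comment' or
 * 'article'), email.
 *
 * Address selection: 'user' wins and is looked up in txp_users; otherwise
 * 'where' decides; otherwise the current comment is used if there is one,
 * then the current article's author. With no source at all, the hash of an
 * empty string is used.
 *
 * NOTE(review): the URL uses plain http, and the MD5 of a commenter's e-mail
 * address ends up in public markup; both are kept as they were.
 *
 * @param array $atts Tag attributes.
 * @return string The avatar URL.
 */
function jcp_simple_gravatar($atts)
{
    global $prefs;
    global $thiscomment;
    global $thisarticle;

    $size = !empty($atts['size']) ? $atts['size'] : '80';
    $default = !empty($atts['default']) ? $atts['default'] : 'default';
    $format = !empty($atts['format']) ? $atts['format'] : 'jpg';
    $rating = !empty($atts['rating']) ? $atts['rating'] : 'G';

    // TODO: Add support for Gravatar id's

    // Work out where the address comes from. Without an explicit 'where', the
    // current comment is preferred over the current article.
    if (!empty($atts['user'])) {
        $source = 'user';
    } elseif (!empty($atts['where'])) {
        $source = $atts['where'];
    } elseif (!empty($thiscomment)) {
        $source = 'comment';
    } elseif (!empty($thisarticle)) {
        $source = 'article';
    } else {
        $source = '';
    }

    // Start from an empty address so that an unmatched source no longer
    // reads an undefined variable.
    $email = '';

    if ($source == 'user') {
        // Every value placed in a WHERE clause is escaped with doSlash().
        $email = safe_field("email", "txp_users", "name='" . doSlash($atts['user']) . "'");
    } elseif ($source == 'comment') {
        $email = !empty($atts['email']) ? $atts['email'] : $thiscomment['email'];
    } elseif ($source == 'article') {
        $email = safe_field("email", "txp_users", "name='" . doSlash($thisarticle['authorid']) . "'");
    }

    // The Gravatar URL before adding the parameters.
    $url = "http://gravatar.com/avatar/" . md5(strtolower((string) $email)) . "." . rawurlencode((string) $format);

    // Query parameters; each value is URL-encoded, as the default image already was.
    $parameters = array();

    if ($rating != 'G') {
        $parameters[] = 'r=' . urlencode((string) $rating);
    }

    $parameters[] = 's=' . urlencode((string) $size);

    if (!empty($atts['default'])) {
        $parameters[] = 'd=' . urlencode($default);
    } elseif (!empty($atts['default_local'])) {
        // Add a scheme only when the site URL has none. The earlier check
        // passed its arguments to strstr() in the wrong order and therefore
        // never matched, so a scheme was always prepended.
        if (preg_match('#^https?://#i', $prefs['siteurl'])) {
            $siteurl = $prefs['siteurl'];
        } else {
            $siteurl = "http://" . $prefs['siteurl'];
        }

        $parameters[] = 'd=' . urlencode($siteurl . $atts['default_local']);
    }

    return $url . "?" . join("&", $parameters);
}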
示例12: doTxpValidate
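/**
 * Authenticates the current admin request and sets the global $txp_user.
 *
 * Order of checks: a logout request clears the login cookie; otherwise an
 * existing txp_login cookie is verified; otherwise posted credentials are
 * checked with txp_validate().
 *
 * Scheme: on login a random 32-hex-character token is issued in the cookie
 * as "<userid>,<token>", and the database stores
 * md5(userid . raw token bytes) as the nonce. The stored value is therefore
 * a digest of the token, not the token itself, and each login replaces it.
 *
 * NOTE(review): the cookies are set without the secure/httponly arguments;
 * left as they were, consider tightening them.
 *
 * @return string Empty string on success, otherwise a localized message.
 */
function doTxpValidate()
{
    global $logout, $txpcfg, $txp_user;

    $p_userid = ps('p_userid');
    $p_password = ps('p_password');
    $logout = gps('logout');
    $stay = ps('stay');

    if ($logout) {
        setcookie('txp_login', '', time() - 3600);
    }

    if (!empty($_COOKIE['txp_login']) and !$logout) {
        $raw_cookie = cs('txp_login');

        if (!is_string($raw_cookie)) {
            $raw_cookie = '';
        }

        // explode() replaces the removed split(); padding replaces the "@"
        // that hid the notice for a cookie without a comma.
        list($c_userid, $cookie_hash) = array_pad(explode(',', $raw_cookie), 2, '');

        // Accept only the shape this function issues (32 hex characters), so
        // pack('H*') never sees anything else and no lookup is made for a
        // malformed cookie.
        $well_formed = (bool) preg_match('/\A[0-9a-f]{32}\z/i', $cookie_hash);

        $nonce = $well_formed
            ? safe_field('nonce', 'txp_users', "name='" . doSlash($c_userid) . "'")
            : '';

        if ($nonce && $nonce === md5($c_userid . pack('H*', $cookie_hash))) {
            // cookie is good, create $txp_user
            $txp_user = $c_userid;

            return '';
        }

        // something's gone wrong
        $txp_user = '';
        setcookie('txp_login', '', time() - 3600);

        return gTxt('bad_cookie');
    } elseif ($p_userid and $p_password) {
        // Fixed delay on every password attempt; it slows guessing per
        // request but is not a per-account or per-address limit.
        sleep(3);

        if (txp_validate($p_userid, $p_password)) {
            // The login token must come from a cryptographic source: rand()
            // and uniqid() are derived from predictable state and the clock.
            // The older construction remains only as a last resort for
            // runtimes that offer neither function.
            if (function_exists('random_bytes')) {
                $cookie_hash = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $cookie_hash = bin2hex(openssl_random_pseudo_bytes(16));
            } else {
                $cookie_hash = md5(uniqid(rand()));
            }

            safe_update('txp_users', "nonce = '" . doSlash(md5($p_userid . pack('H*', $cookie_hash))) . "'", "name = '" . doSlash($p_userid) . "'");

            if ($stay) {
                // expires in 1 year
                setcookie('txp_login', $p_userid . ',' . $cookie_hash, time() + 3600 * 24 * 365);

                if (cs('txp_nostay')) {
                    setcookie('txp_nostay', '', time() - 3600);
                }
            } else {
                setcookie('txp_login', $p_userid . ',' . $cookie_hash);
                // remember nostay for 1 year
                setcookie('txp_nostay', '1', time() + 3600 * 24 * 365);
            }

            // login is good, create $txp_user
            $txp_user = $p_userid;

            return '';
        }

        $txp_user = '';

        return gTxt('could_not_log_in');
    }

    $txp_user = '';

    return gTxt('login_to_textpattern');
}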
示例13: reset_author_pass
/**
 * Replaces an author's password with a generated one and sends it to the
 * author's stored e-mail address.
 *
 * NOTE(review), all visible in the statements below:
 *  - the new password is 6 characters long;
 *  - it is lower-cased in SQL and stored via MySQL's PASSWORD() function,
 *    which is not meant for application passwords and no longer exists in
 *    current MySQL releases;
 *  - the value handed to send_new_password() is the doSlash()-ed form;
 *  - $email is appended to the returned message without HTML escaping, while
 *    $name is escaped.
 *
 * @param string $name Author login name.
 * @return string Localized status message.
 */
function reset_author_pass($name)
{
    // One escaped WHERE clause shared by the lookup and the update.
    $where = "name = '" . doSlash($name) . "'";

    $email = safe_field('email', 'txp_users', $where);
    $new_pass = doSlash(generate_password(6));

    $updated = safe_update('txp_users', "pass = password(lower('{$new_pass}'))", $where);

    if (!$updated) {
        return gTxt('could_not_update_author') . ' ' . htmlspecialchars($name);
    }

    if (send_new_password($new_pass, $email, $name)) {
        return gTxt('password_sent_to') . ' ' . $email;
    }

    return gTxt('could_not_mail') . ' ' . $email;
}
示例14: reset_author_pass
/**
 * Replaces an author's password with a generated one of PASSWORD_LENGTH
 * characters, stores its txp_hash_password() hash, and hands the clear-text
 * password to send_new_password().
 *
 * NOTE(review): the clear-text password leaves the application through
 * send_new_password() - presumably by e-mail; a one-time reset link would
 * avoid sending a usable credential. $email is appended to the returned
 * message without HTML escaping, while $name is escaped.
 *
 * @param string $name Author login name.
 * @return string Localized status message.
 */
function reset_author_pass($name)
{
    // One escaped WHERE clause shared by the lookup and the update.
    $where = "name = '" . doSlash($name) . "'";

    $email = safe_field('email', 'txp_users', $where);
    $new_pass = generate_password(PASSWORD_LENGTH);

    // Only the hash is written to the database; it is escaped like any other value.
    $hash = doSlash(txp_hash_password($new_pass));
    $updated = safe_update('txp_users', "pass = '{$hash}'", $where);

    if (!$updated) {
        return gTxt('could_not_update_author') . ' ' . txpspecialchars($name);
    }

    if (send_new_password($new_pass, $email, $name)) {
        return gTxt('password_sent_to') . ' ' . $email;
    }

    return gTxt('could_not_mail') . ' ' . $email;
}
示例15: jmd_author
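/**
 * Provides access to an author's username, real name or e-mail address.
 * Spaces in the result are replaced with the separator.
 *
 * @param array  $atts
 * @param string $atts['display']   'email', 'name' or 'username' (default).
 * @param bool   $atts['lowercase'] Lowercases the output when set to 1.
 * @param string $atts['separator'] Replaces spaces in the output. Default: ' '.
 * @param string $atts['username']  Username to base the output on. Default:
 *                                  the current article's author.
 * @return string
 */
function jmd_author($atts)
{
    global $thisarticle;

    extract(lAtts(array(
        'display' => 'username',
        'lowercase' => 0,
        'separator' => ' ',
        'username' => $thisarticle['authorid'],
    ), $atts));

    switch ($display) {
        case 'email':
            // The username can come from a tag attribute, so it is escaped
            // with doSlash() before it is placed in the WHERE clause. The
            // address is then passed through eE() as before.
            $out = eE(safe_field("email", "txp_users", "name='" . doSlash($username) . "'"));
            break;
        case 'name':
            $out = get_author_name($username);
            break;
        default:
            $out = $username;
    }

    if ($lowercase == 1) {
        $out = strtolower($out);
    }

    return str_replace(' ', $separator, $out);
}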