本文整理汇总了PHP中safe_input函数的典型用法代码示例。如果您正苦于以下问题:PHP safe_input函数的具体用法?PHP safe_input怎么用?PHP safe_input使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了safe_input函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getRequest
public function getRequest($name, $default = null)
{
$return = $default;
if (isset($_POST[$name])) {
$return = safe_input($_POST[$name]);
} else {
if (isset($_GET[$name])) {
$return = safe_input($_GET[$name]);
}
}
return $return;
}示例2: create_lead_tag_with_names
/**
* Assign a tag to a lead.
* This process will delete the lead tags and assign the new.
*
* @param mixed Id (int) or ids (array) of the lead.
* @param mixed Name (string) or names (array) of the tag.
* @param bool Wether html encode the names or not.
*
* @return mixed The number of assigned tags of false (bool) on error.
*/
function create_lead_tag_with_names($lead_id, $tag_name, $encode_names = false)
{
if (empty($lead_id)) {
throw new InvalidArgumentException(__('The lead id cannot be empty'));
}
if (empty($tag_name)) {
throw new InvalidArgumentException(__('The tag name cannot be empty'));
}
if (!is_array($lead_id)) {
$lead_id = array($lead_id);
}
if (!is_array($tag_name)) {
$tag_name = array($tag_name);
}
if ($encode_names) {
$tag_name = safe_input($tag_name);
}
$expected_assingments = count($lead_id) * count($tag_name);
$successfull_assingments = 0;
// Delete the old tags
$delete_res = process_sql_delete(LEADS_TABLE, array(LEADS_TABLE_LEAD_ID_COL => $lead_id));
if ($delete_res !== false) {
foreach ($lead_id as $l_id) {
if (is_numeric($l_id) && $l_id > 0) {
foreach ($tag_name as $t_name) {
if (!empty($t_name)) {
$tag_id = get_db_value(TAGS_TABLE_ID_COL, TAGS_TABLE, TAGS_TABLE_NAME_COL, $t_name);
if (is_numeric($tag_id) && $tag_id > 0) {
$values = array(LEADS_TABLE_LEAD_ID_COL => $l_id, LEADS_TABLE_TAG_ID_COL => $tag_id);
$result = process_sql_insert(LEADS_TABLE, $values);
if ($result !== false) {
$successfull_assingments++;
}
}
}
}
}
}
}
if ($delete_res === false || $expected_assingments > 0 && $successfull_assingments === 0) {
$successfull_assingments = false;
}
return $successfull_assingments;
}示例3: synchronize_pandora_inventory
/**
* This function creates an inventory object for each agent of pandora with name, address, description
* and extra fields if are defined as operating system and url address
*/
function synchronize_pandora_inventory()
{
global $config;
if (!isset($config["pandora_url"])) {
return;
}
if ($config["pandora_url"] == "") {
return;
}
$separator = ':;:';
$url = $config['pandora_url'] . '/include/api.php?op=get&apipass=' . $config['pandora_api_password'] . '&op2=all_agents&return_type=csv&user=' . $config['pandora_user'] . '&pass=' . $config['pandora_pass'];
$return = call_api($url);
$agents_csv = explode("\n", $return);
foreach ($agents_csv as $agent_csv) {
// Avoiding empty csv lines like latest one
if ($agent_csv == '') {
continue;
}
$values = array();
$agent = explode(";", $agent_csv);
$agent_id = $agent[0];
$agent_name = $agent[1];
$agent_name_safe = safe_input($agent_name);
$address = $agent[2];
$description = $agent[3];
$os_name = $agent[4];
$url_address = $agent[5];
// Check if exist to avoid the creation
$inventory_id = get_db_value('id', 'tinventory', 'name', $agent_name_safe);
if ($inventory_id !== false) {
process_sql_delete('tinventory', array('id' => $inventory_id));
process_sql_delete('tobject_field_data', array('id_inventory' => $inventory_id));
}
$id_object_type = get_db_value('id', 'tobject_type', 'name', safe_input('Pandora agents'));
$values['name'] = $agent_name_safe;
$values['description'] = $description;
$values['id_object_type'] = $id_object_type;
$values['id_contract'] = $config['default_contract'];
$id_inventory = process_sql_insert('tinventory', $values);
if ($id_inventory) {
$id_type_field_os = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('OS')));
$id_type_field_ip = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('IP Address')));
if ($id_type_field_ip == false) {
$id_type_field_ip = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => 'IP Address'));
}
$id_type_field_url = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('URL Address')));
if ($id_type_field_url == false) {
$id_type_field_url = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => 'URL Address'));
}
$id_type_field_id = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('ID Agent')));
if ($id_type_field_id == false) {
$id_type_field_id = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => 'ID Agent'));
}
$value_os = array();
$value_os['id_inventory'] = $id_inventory;
$value_os['id_object_type_field'] = $id_type_field_os;
$value_os['data'] = $os_name;
process_sql_insert('tobject_field_data', $value_os);
$value_ip = array();
$value_ip['id_inventory'] = $id_inventory;
$value_ip['id_object_type_field'] = $id_type_field_ip;
$value_ip['data'] = $address;
process_sql_insert('tobject_field_data', $value_ip);
$value_url = array();
$value_url['id_inventory'] = $id_inventory;
$value_url['id_object_type_field'] = $id_type_field_url;
$value_url['data'] = $url_address;
process_sql_insert('tobject_field_data', $value_url);
$value_id = array();
$value_id['id_inventory'] = $id_inventory;
$value_id['id_object_type_field'] = $id_type_field_id;
$value_id['data'] = $agent_id;
process_sql_insert('tobject_field_data', $value_id);
}
}
}示例4: array
$temp = array();
// Check if already exists
/*
* CREATE TABLE `tcompany_contact` (
`id` mediumint(8) unsigned NOT NULL auto_increment,
`id_company` mediumint(8) unsigned NOT NULL,
`fullname` varchar(150) NOT NULL default '',
`email` varchar(100) NULL default NULL,
`phone` varchar(55) NULL default NULL,
`mobile` varchar(55) NULL default NULL,
`position` varchar(150) NULL default NULL,
`description` text NULL DEFAULT NULL,
`disabled` tinyint(1) NULL default 0,
PRIMARY KEY (`id`),
FOREIGN KEY (`id_company`) REFERENCES tcompany(`id`)
ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
* */
$id_contact = get_db_value('id', 'tcompany_contact', 'fullname', safe_input($values["fullname"]));
if ($id_contact == "" and $id_company != "") {
$temp["fullname"] = safe_input(trim($values['fullname']));
$temp["email"] = safe_input(trim($values["email_address"]));
$temp["phone"] = safe_input(trim($values["phone_home"]));
$temp["mobile"] = safe_input(trim($values["phone_mobile"]));
$temp["description"] = safe_input(trim($values["description"]));
$temp["position"] = safe_input(trim($values["title"]));
$temp["id_company"] = $id_company;
process_sql_insert('tcompany_contact', $temp);
}
}
fclose($file);示例5: list_files
$base_dir = 'include/mailtemplates';
$files = list_files($base_dir, ".tpl", 1, 0);
$retval = array();
foreach ($files as $file) {
$retval[$file] = $file;
}
return $retval;
}
$update = get_parameter("upd_button", "none");
$refresh = get_parameter("edit_button", "none");
$template = get_parameter("template", "");
$data = "";
// Load template from disk to textarea
if ($refresh != "none") {
$full_filename = "include/mailtemplates/" . get_parameter("template");
$data = safe_input(file_get_contents($full_filename));
}
// Update configuration
if ($update != "none") {
$data = unsafe_string(str_replace("\r\n", "\n", $_POST["template_content"]));
$file = "include/mailtemplates/" . $template;
$fileh = fopen($file, "wb");
if (fwrite($fileh, $data)) {
echo "<h3 class='suc'>" . lang_string(__('File successfully updated')) . "</h3>";
} else {
echo "<h3 class='error'>" . lang_string(__('Problem updating file')) . " ({$file}) </h3>";
}
fclose($file);
}
$table->width = '99%';
$table->class = 'search-table-button';示例6: get_parameter
}
if ($get_data_child) {
$id_field = get_parameter('id_field', 0);
if ($id_field) {
$label_field = get_db_value_sql("SELECT label FROM tincident_type_field WHERE id=" . $id_field);
} else {
$label_field = get_parameter('label_field');
}
$label_field_enco = get_parameter('label_field_enco', 0);
if ($label_field_enco) {
$label_field_enco = str_replace(""", "", $label_field_enco);
$label_field = base64_decode($label_field_enco);
}
$id_parent = get_parameter('id_parent');
$value_parent = get_parameter('value_parent');
$value_parent = safe_input(safe_output(base64_decode($value_parent)));
$sql = "SELECT linked_value FROM tincident_type_field WHERE parent=" . $id_parent . "\n\t\t\tAND label='" . $label_field . "'";
$field_data = get_db_value_sql($sql);
$result = false;
if ($field_data != "") {
$data = explode(',', $field_data);
foreach ($data as $item) {
if ($value_parent == 'any') {
$pos_pipe = strpos($item, '|') + 1;
$len_item = strlen($item);
$value_aux = substr($item, $pos_pipe, $len_item);
$result[$value_aux] = $value_aux;
} else {
$pattern = "/^" . $value_parent . "\\|/";
if (preg_match($pattern, $item)) {
$value_aux = preg_replace($pattern, "", $item);示例7: array
$user_fields = array();
}
if (isset($_GET["borrar_grupo"])) {
$grupo = get_parameter('borrar_grupo');
enterprise_hook('delete_group');
}
$action = get_parameter("action", "edit");
$alta = get_parameter("alta");
///////////////////////////////
// LOAD USER VALUES
///////////////////////////////
if (($action == 'edit' || $action == 'update') && !$alta) {
$modo = "edicion";
$update_user = safe_output(get_parameter("update_user", ""));
// Read user data to include in form
$sql = "SELECT * FROM tusuario WHERE id_usuario = '" . safe_input($update_user) . "'";
$rowdup = get_db_row_sql($sql);
if ($rowdup === false) {
echo "<h3 class='error'>" . __('There was a problem loading user') . "</h3>";
echo "</table>";
include "general/footer.php";
exit;
} else {
$password = $rowdup["password"];
$comentarios = $rowdup["comentarios"];
$direccion = $rowdup["direccion"];
$telefono = $rowdup["telefono"];
$nivel = $rowdup["nivel"];
$nombre_real = $rowdup["nombre_real"];
$avatar = $rowdup["avatar"];
$lang = $rowdup["lang"];示例8: include_once
include_once('include/functions_crm.php');
include_once('include/functions_incidents.php');
$id = (int) get_parameter ('id');
$contact = get_db_row ('tcompany_contact', 'id', $id);
$read = check_crm_acl ('other', 'cr', $config['id_user'], $contact['id_company']);
if (!$read) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to contact tickets without permission");
include ("general/noaccess.php");
exit;
}
$email = safe_output($contact["email"]);
$email = trim($email);
$email = safe_input($email);
$incidents = incidents_get_by_notified_email ($email);
if (!$incidents) {
echo ui_print_error_message (__("This contact doesn't have any ticket associated"), '', true, 'h3', true);
} else {
$table->class = "listing";
$table->width = "99%";
$table->head[0] = __("ID");
$table->head[1] = __("Ticket");
$table->head[2] = __("Status");
$table->head[3] = __("Priority");
$table->head[4] = __("Updated");
$table->data = array();示例9: get_db_row
echo "<th>".__('Avg. Scoring');
$min = $offset;
$max = $offset+$config['block_size']-1;
$i = 0;
if (!empty($values)) {
foreach ($values as $key => $value){
if($i < $min || $i > $max) {
$i++;
continue;
}
$i++;
$row0 = get_db_row ("tusuario", "id_usuario", safe_input("$key"));
if ($row0){
$nombre = $row0["id_usuario"];
$avatar = $row0["avatar"];
// Get total hours for this month
$sql= "SELECT SUM(duration) FROM tworkunit WHERE timestamp > '$begin_month' AND timestamp < '$end_month' AND id_user = '$nombre'";
if ($res = mysql_query($sql)) {
$row=mysql_fetch_array($res);
}
echo "<tr><td>";
echo "<a href='index.php?sec=users&sec2=operation/users/user_edit&id=$nombre' class='tip'> <span>";
$usuario = get_db_row ("tusuario", "id_usuario", $nombre);
echo "<b>".$usuario["nombre_real"] . "</b><br>";示例10: save
/**
* Create a zip package with the /tmp files in the user folder on tattachment/file_sharing
* and delete the original files.
* Fill the files with FileSharingFile objects is required. This objects should have filled
* the params 'fullpath' and 'basename'.
*
* @return array The index 'status' shows the result of the operation, the index 'message'
* returns a message and the index 'bad_files' returns an array with the not created files.
*/
public function save()
{
global $config;
$result = array('status' => false, 'message' => '', 'badFiles' => array());
if (isset($this->files) && !empty($this->files) && is_array($this->files)) {
if (isset($this->id)) {
// Do nothing. At this moment the package edition is not supported
$result['message'] = __('At this moment the package edition is not supported');
} else {
// Package creation
if (class_exists("ZipArchive")) {
// The admin can manage the file uploads as any user
$user_is_admin = (bool) dame_admin($config['id_user']);
if ($user_is_admin) {
$id_user = get_parameter("id_user", $config['id_user']);
// If the user doesn't exist get the current user
$user_data = get_user($id_user);
if (empty($user_data)) {
$id_user = $config['id_user'];
}
$this->uploader = $id_user;
} else {
$this->uploader = $config['id_user'];
}
if (!isset($this->filename) || empty($this->filename)) {
$this->filename = 'IntegriaIMS-SharedFile';
}
if (!isset($this->description)) {
$this->description = '';
}
if (!isset($this->created)) {
$this->created = time();
}
$this->filename .= ".zip";
// Insert the package info into the tattachment table
$values = array();
$values['id_usuario'] = safe_input($this->uploader);
$values['filename'] = safe_input($this->filename);
$values['timestamp'] = date("Y-m-d", $this->created);
$values['public_key'] = hash("sha256", $id . $this->uploader . $this->filename . $this->created);
$values['file_sharing'] = 1;
$id = process_sql_insert(FileSharingFile::$dbTable, $values);
if (!empty($id)) {
$this->id = $id;
if (!file_exists(self::$fileSharingDir) && !is_dir(self::$fileSharingDir)) {
mkdir(self::$fileSharingDir);
}
$userDir = self::$fileSharingDir . "/" . $this->uploader;
if (!file_exists($userDir) && !is_dir($userDir)) {
mkdir($userDir);
}
$this->fullpath = $userDir . "/" . $this->id . "_" . $this->filename;
// Zip creation
$zip = new ZipArchive();
$res = $zip->open($this->fullpath, ZipArchive::CREATE);
if ($res === true) {
foreach ($this->files as $file) {
if (is_array($file)) {
$file = new FileSharingFile($file);
}
$fullpath = $file->getFullpath();
$basename = $file->getBasename();
if ($file->isReadable() && !empty($fullpath) && !empty($basename)) {
// Add the file to the package
if (!$zip->addFile($fullpath, $basename)) {
$result['badFiles'][] = $file;
}
} else {
$result['badFiles'][] = $file;
}
}
$zip->close();
$filesCount = count($this->files);
$badFilesCount = count($result['badFiles']);
if ($badFilesCount == 0) {
$result['status'] = true;
} else {
if ($badFilesCount < $filesCount) {
$result['status'] = true;
$result['message'] = __('Not all the files where added to the package');
} else {
$result['message'] = __('An error occurred while building the package');
}
}
// Remove the original files
foreach ($this->files as $file) {
if (is_array($file)) {
$file = new FileSharingFile($file);
}
$file->deleteFromDisk();
}
//.........这里部分代码省略.........
示例11: get_project_access
$project_access = get_project_access ($config["id_user"], $id_project);
if (!$project_access["manage"]) {
audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation","Trying to create tasks in an unauthorized project");
no_permission ();
}
}
$data_array = preg_split ("/\n/", $tasklist);
foreach ($data_array as $data_item){
$data = trim($data_item);
if ($data != "") {
$sql = sprintf ('INSERT INTO ttask (id_project, name, id_parent_task, start, end)
VALUES (%d, "%s", %d, "%s", "%s")',
$id_project, safe_input ($data), $parent, $start, $end);
$id_task = process_sql ($sql, 'insert_id');
if ($id_task) {
$sql = sprintf("SELECT id_role FROM trole_people_project
WHERE id_project = %d AND id_user = '%s'", $id_project, $owner);
$id_role = process_sql($sql);
$role = $id_role[0]['id_role'];
$sql = sprintf('INSERT INTO trole_people_task (id_user, id_role, id_task)
VALUES ("%s", %d, %d)', $owner, $role, $id_task);
$result2 = process_sql($sql);
if (! $result2) {示例12: save_message_workunit
function save_message_workunit()
{
global $config;
global $dir;
global $id;
include "include/functions_workunits.php";
$return = array('correct' => false);
$file_global_counter_chat = $dir . '/incident.' . $id . '.global_counter.txt';
$log_chat_file = $dir . '/incident.' . $id . '.log.json.txt';
//First lock the file
$fp_global_counter = @fopen($file_global_counter_chat, "a+");
if ($fp_global_counter === false) {
echo json_encode($return);
return;
}
//Try to look MAX_TIMES times
$tries = 0;
while (!flock($fp_global_counter, LOCK_EX)) {
$tries++;
if ($tries > MAX_TIMES) {
echo json_encode($return);
return;
}
sleep(1);
}
$text_encode = @file_get_contents($log_chat_file);
$log = json_decode($text_encode, true);
//debugPrint($log);
$txtChat = __('---------- CHAT -------------');
$txtChat .= "\n";
foreach ($log as $message) {
if ($message['type'] == 'notification') {
//Disabled at the moment
continue;
//$txtChat .= __("<<SYSTEM>>");
} else {
$txtChat .= $message['user_name'];
}
$txtChat .= " :> ";
$txtChat .= $message['text'];
$txtChat .= "\n";
}
create_workunit($id, safe_input($txtChat), $config['id_user']);
fclose($fp_global_counter);
$return['correct'] = true;
echo json_encode($return);
return;
}示例13: get_db_value
if (empty($values['name'])) {
continue;
}
// Check parent
if ($values["account_type"] == "") {
$values["account_type"] = "Other";
}
print $values["name"];
print " - ";
print $values["account_type"];
print "\n";
$id_company_role = get_db_value('id', 'tcompany_role', 'name', safe_input($values["account_type"]));
if ($id_company_role == "") {
$temp = array();
$temp["name"] = safe_input($values["account_type"]);
$id_company_role = process_sql_insert('tcompany_role', $temp);
// Created new company role
print "[*] Created new company role " . $temp["name"] . " with ID {$id_company_role} \n";
}
$temp = array();
// Check if already exists
$id_company = get_db_value('id', 'tcompany', 'name', safe_input($values["name"]));
if ($id_company == "") {
$temp["name"] = safe_input($values["name"]);
$temp["address"] = safe_input($values["billing_address_street"] . "\n" . $values["billing_address_city"] . "\n" . $values["billing_address_state"] . "\n" . $values["billing_address_postalcode"] . "\n" . $values["billing_address_country"]);
$temp["comments"] = safe_input($values["description"] . "\n" . $values["phone_office"] . "\n" . $values["phone_alternate"] . "\n" . $values["website"]);
$temp["id_company_role"] = $id_company_role;
process_sql_insert('tcompany', $temp);
}
}
fclose($file);示例14: get_parameter_post
/**
* Get a parameter from post request array.
*
* @param name Name of the parameter
* @param default Value returned if there were no parameter.
*
* @return Parameter value.
*/
function get_parameter_post($name, $default = "")
{
if (isset($_POST[$name]) && $_POST[$name] != "") {
return safe_input($_POST[$name]);
}
return $default;
}示例15: check_login
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
check_login ();
include_once("include/functions_crm.php");
// We need to strip HTML entities if we want to use in a sql search
$search_string = get_parameter ("search_string","");
// Delete spaces from start and end of the search string
$search_string = safe_input(trim(safe_output($search_string)));
if ($search_string == ""){
echo "<h2>";
echo __("Global Search");
echo "</h2>";
echo "<h4>";
echo __("Empty search string");
echo "</h4>";
return;
}
echo "<h2>";
echo __("Global Search");
echo "</h2>";