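本文整理汇总了PHP中safeget函数的典型用法代码示例。需要注意:safeget并不是PHP内置函数,而是各个项目自行定义的辅助函数(例如示例12中的调用方式就与其他示例不同),其返回值是否经过转义或校验完全取决于各项目自己的实现,不能仅凭函数名就认为可以直接拼接到SQL语句或HTML输出中。如果您正苦于以下问题:PHP safeget函数的具体用法?PHP safeget怎么用?PHP safeget使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。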
在下文中一共展示了safeget函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: db_query
$r = db_query("SELECT * FROM {$table_domain} WHERE domain = 'ALL'");
if ($r['rows'] == 0) {
db_insert('domain', array('domain' => 'ALL', 'description' => '', 'transport' => ''));
// all other fields should default through the schema.
}
$values = array('username' => safepost('username'), 'password' => safepost('password'), 'password2' => safepost('password2'), 'superadmin' => 1, 'domains' => array(), 'active' => 1);
list($error, $setupMessage, $errormsg) = create_admin($values);
if ($error != 0) {
$tUsername = htmlentities($values['username']);
} else {
$setupMessage .= "<p>You are done with your basic setup. ";
$setupMessage .= "<p><b>You can now <a href='login.php'>login to PostfixAdmin</a> using the account you just created.</b>";
}
}
}
if ($setuppw == "" || $setuppw == "changeme" || safeget("lostpw") == 1 || $lostpw_error != 0) {
# show "create setup password" form
?>
<div class="standout"><?php
print $setupMessage;
?>
</div>
<div id="edit_form">
<form name="setuppw" method="post" action="setup.php">
<input type="hidden" name="form" value="setuppw" />
<table>
<td colspan="3"><h3>Change setup password</h3></td>
</tr>
<tr>
<td>Setup password</td>
示例2: safeget
// Fragment of a request dispatcher: the enclosing branches (and the assignments
// of $what and $name) start above this excerpt. Every request value is read
// through safeget(), whose body is cut off at the end of this listing, so what
// it escapes or validates cannot be confirmed from here.
// NOTE(review): $phone is placed unquoted into the SQL text of both statements
// below. Unless safeget() restricts it to digits this is SQL injection; the
// queries need bound parameters or an explicit numeric check — TODO confirm.
$phone = safeget('phone');
if (!isset(sql("tacky", 0, "select * from users where phone = {$phone}")[0])) {
// NOTE(review): $name is not assigned in the visible lines; it is interpolated
// inside single quotes, so its escaping depends on code outside this excerpt.
sql("tacky", 0, "insert into users (name, phone) values ('{$name}', {$phone})");
}
} else {
if ($what == "new") {
// Create a task between two users identified by phone number.
$from = safeget('from');
$to = safeget('to');
$title = safeget('title');
// NOTE(review): $from and $to are interpolated unquoted, $title inside quotes;
// the same parameterization concern applies to all three.
$fromKey = safeoffset(sql("tacky", 0, "select id from users where phone = {$from}"))[0];
$toKey = safeoffset(sql("tacky", 0, "select id from users where phone = {$to}"))[0];
sql("tacky", 0, "insert into tasks (who_from, who_to, name) values ({$fromKey}, {$toKey}, '{$title}')");
} else {
if ($what == "move") {
// Update the completion value of one task.
// NOTE(review): $id and $comp are interpolated unquoted, and no check that the
// caller owns task $id is visible in this excerpt — TODO confirm upstream.
$id = safeget('id');
$comp = safeget('comp');
sql("tacky", 0, "update tasks set completion = {$comp} where id = {$id}");
}
}
}
}
}
}
}
}
// The response is always declared as JSON; a body is only sent when one of the
// branches above populated $data.
header('Content-Type: application/json');
if (isset($data)) {
echo json_encode($data);
}
function safeget($key)
{
示例3: safeget
<?php
include "sql.php";
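// Record one submitted score for a grade and keep a per-grade table of scores.
// Both inputs come from the request via safeget(), which is defined elsewhere;
// nothing below assumes that it escapes its return value.
$score = safeget("score");
$whichgrade = safeget("grade");
if (strlen($score) == 0) {
    // Nothing submitted: send the visitor back to the form.
    header("Location: index.php");
    die;
}
// $score is pasted unquoted into an INSERT below, so only decimal digits are accepted.
for ($i = 0; $i < strlen($score); $i++) {
    if (!($score[$i] >= '0' && $score[$i] <= '9')) {
        die("asshole.");
    }
}
// $whichgrade is used below inside a quoted SQL literal AND as a bare table
// name, where quoting cannot help. Restrict it to identifier characters before
// it reaches any SQL text; the allowlist runs first so the lookup query is
// never built from an unchecked value. The lookup then confirms the grade
// is one that is listed in the grades table.
if (!is_string($whichgrade)
    || preg_match('/\A[A-Za-z0-9_]+\z/', $whichgrade) !== 1
    || !isset(sql("mathclass", 1, "select * from grades where grade = '{$whichgrade}'")[0])
) {
    die("asshole.");
}
// Per-grade score table, created on first use.
$qry = "create table if not exists {$whichgrade} (score int);";
sql("mathclass", 1, $qry);
$qry = "insert into {$whichgrade} values ({$score});";
sql("mathclass", 0, $qry);
// Number of scores now stored for this grade.
$count = sizeof(sql("mathclass", 0, "select * from {$whichgrade}"));
// Companion table holding a single running maximum for the grade.
$qry = "create table if not exists " . $whichgrade . "_max (m int)";
sql("mathclass", 0, $qry);
$maxresults = sql("mathclass", 0, "select * from " . $whichgrade . "_max");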
if (isset($maxresults[0])) {
$max = $maxresults[0][0];
if ($count > $max) {
sql("mathclass", 0, "delete from " . $whichgrade . "_max where m = {$max}");
sql("mathclass", 0, "insert into " . $whichgrade . "_max values ({$count})");
}
示例4: safeget
* tInterval_time
*
* Form POST \ GET Variables:
*
* fUsername
* fDomain
* fCancel
* fChange
* fBack
* fActive
*/
require_once 'common.php';
// only allow admins to change someone else's 'stuff'
// Admins may name the target mailbox in the request; everyone else can only
// act on the account they are logged in as.
if (authentication_has_role('admin')) {
$Admin_role = 1;
$fUsername = safeget('username');
// The part after the first '@' is treated as the domain and is the only thing
// the ownership check below looks at.
list(, $fDomain) = explode('@', $fUsername);
$Return_url = "list-virtual.php?domain=" . urlencode($fDomain);
# TODO: better check for valid username (check if mailbox exists)
# TODO: (should be done in VacationHandler)
// Authorization is per domain: the admin must own $fDomain. The local part of
// $fUsername is not validated here (see the TODOs above).
if ($fDomain == '' || !check_owner(authentication_get_username(), $fDomain)) {
die("Invalid username!");
# TODO: better error message
}
} else {
$Admin_role = 0;
$Return_url = "main.php";
authentication_require_role('user');
// The username comes from the authenticated session, not from the request.
$fUsername = authentication_get_username();
}
// is vacation support enabled in $CONF ?
示例5: error
<?php
include_once "../inc/global.inc.php";
require "../inc/user.inc.php";
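/*
 * Request handling: dispatch to the handler named by the "act" parameter and
 * report an error when no matching handler exists.
 */
// NOTE(review): this gate only protects the dispatcher if error() terminates
// the request; its definition is not visible here — TODO confirm.
if (!is_admins() && !is_manager()) {
    error("Admin Only Operation");
}
$act = safeget('act');
// Allowlist of handler function names that may be invoked by name.
$avail_functions = array(
    'AddContestProblem', 'AddProblem', 'ContestEditProblem', 'CreateContest',
    'EditContest', 'DeleteContest', 'IncContestProblem', 'DecContestProblem',
    'EditContestProblem', 'DeleteProblem', 'DeleteContestProblem', 'EditProblem',
    'ImportArchiveProblem', 'ExportProblem', 'ExportSource', 'ExportContest',
    'RejudgeProblem', 'ResetContest', 'StartContest', 'CreateCourse',
    'EditCourse', 'DeleteCourse', 'KickoutUser', 'StdSubmit',
);
// The request value is used as a callable, so it must be a string that matches
// an allowlist entry exactly (strict in_array, no type juggling).
if (is_string($act) && in_array($act, $avail_functions, true) && function_exists($act)) {
    // Handlers receive the parameter array of the request method by reference.
    // NOTE(review): state-changing handlers are reachable via GET and no
    // anti-CSRF token check is visible in this excerpt — TODO confirm.
    if (strtoupper($_SERVER['REQUEST_METHOD']) == "GET") {
        $arg =& $_GET;
    } else {
        $arg =& $_POST;
    }
    $act($arg);
} else {
    error('Illegal Opeartions');
}
exit;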
/*
* 上传rar和zip测试数据
*/
function ArchiveUpload(&$arg, $problem_prefix, $handle)
{
// extract files
$archive_file_name = $_FILES['arcfile']['tmp_name'];
// unrar
示例6: authentication_require_role
*
* fDomain
* fDisplay
* search
*/
require_once 'common.php';
authentication_require_role('admin');
$admin_username = authentication_get_username();
$list_domains = list_domains_for_admin($admin_username);
$page_size = $CONF['page_size'];
$fDomain = safepost('fDomain', safeget('domain', safesession('list-virtual:domain')));
if (safesession('list-virtual:domain') != $fDomain) {
unset($_SESSION['list-virtual:limit']);
}
$fDisplay = (int) safepost('limit', safeget('limit', safesession('list-virtual:limit')));
$search = safepost('search', safeget('search', array()));
# not remembered in the session
if (!is_array($search)) {
die(Config::Lang('invalid_parameter'));
}
if (count($list_domains) == 0) {
if (authentication_has_role('global-admin')) {
flash_error($PALANG['no_domains_exist']);
} else {
flash_error($PALANG['no_domains_for_this_admin']);
}
header("Location: list.php?table=domain");
# no domains (for this admin at least) - redirect to domain list
exit;
}
if (is_array($list_domains) and sizeof($list_domains) > 0) {
示例7: db_query_parsed
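/**
 * Replaces database specific placeholders in a query and executes it.
 *
 * Placeholders such as {AUTOINCREMENT} or {BOOLEAN} are substituted according
 * to $CONF['database_type'] ("mysql"/"mysqli" or "pgsql"); any other type
 * prints a message and ends the script.
 *
 * @param String sql query with placeholders
 * @param int (optional) whether errors should be ignored (0=false), passed on to db_query()
 * @param String (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE
 * @return mixed whatever db_query() returns for the final query (its 'error' element is read below)
 */
function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "")
{
    global $CONF;
    if ($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') {
        $replace = array(
            '{AUTOINCREMENT}' => 'int(11) not null auto_increment',
            '{PRIMARY}' => 'primary key',
            '{UNSIGNED}' => 'unsigned',
            '{FULLTEXT}' => 'FULLTEXT',
            '{BOOLEAN}' => "tinyint(1) NOT NULL DEFAULT '" . db_get_boolean(False) . "'",
            '{UTF-8}' => '/*!40100 CHARACTER SET utf8 */',
            '{LATIN1}' => '/*!40100 CHARACTER SET latin1 */',
            '{IF_NOT_EXISTS}' => 'IF NOT EXISTS',
            '{RENAME_COLUMN}' => 'CHANGE COLUMN',
            '{MYISAM}' => 'ENGINE=MyISAM',
            '{INNODB}' => 'ENGINE=InnoDB',
            '{INT}' => 'integer NOT NULL DEFAULT 0',
            '{BIGINT}' => 'bigint NOT NULL DEFAULT 0',
            '{DATE}' => "timestamp NOT NULL default '2000-01-01'",
            '{DATECURRENT}' => 'timestamp NOT NULL default CURRENT_TIMESTAMP',
        );
        // The MySQL-only suffix is appended before substitution.
        $sql = "{$sql} {$attach_mysql}";
    } elseif ($CONF['database_type'] == 'pgsql') {
        $replace = array(
            '{AUTOINCREMENT}' => 'SERIAL',
            '{PRIMARY}' => 'primary key',
            '{UNSIGNED}' => '',
            '{FULLTEXT}' => '',
            '{BOOLEAN}' => "BOOLEAN NOT NULL DEFAULT '" . db_get_boolean(False) . "'",
            '{UTF-8}' => '',
            '{LATIN1}' => '',
            '{IF_NOT_EXISTS}' => '',
            '{RENAME_COLUMN}' => 'ALTER COLUMN',
            '{MYISAM}' => '',
            '{INNODB}' => '',
            '{INT}' => 'integer NOT NULL DEFAULT 0',
            '{BIGINT}' => 'bigint NOT NULL DEFAULT 0',
            'int(1)' => 'int',
            'int(10)' => 'int',
            'int(11)' => 'int',
            'int(4)' => 'int',
            '{DATE}' => "timestamp with time zone default '2000-01-01'",
            '{DATECURRENT}' => 'timestamp with time zone default now()',
        );
    } else {
        // Fixed: the original read the undefined variable $conf here, so the
        // message never showed the configured type.
        echo "Sorry, unsupported database type " . $CONF['database_type'];
        exit;
    }
    $replace['{BOOL_TRUE}'] = db_get_boolean(True);
    $replace['{BOOL_FALSE}'] = db_get_boolean(False);
    $query = trim(str_replace(array_keys($replace), $replace, $sql));

    // NOTE(review): debug output is switched on by a request parameter, so
    // anyone who can reach a page calling this function can make it print the
    // executed SQL and database error text. Callers should be behind
    // authentication, or this switch should move to configuration.
    $debug = safeget('debug') != "";
    if ($debug) {
        printdebug($query);
    }
    $result = db_query($query, $ignore_errors);
    if ($debug) {
        // The error text is emitted into HTML, so it is escaped first.
        print "<div style='color:#f00'>" . htmlspecialchars((string) $result['error'], ENT_QUOTES) . "</div>";
    }
    return $result;
}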
示例8: safeget
<?php
require "./navigation.php";
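// Password gate for a contest: look the contest up, check a submitted
// password, and remember a successful check in the session.
$cid = safeget('cid');
$contest = new ContestsTbl($cid);
$contest->Get() or error("No such contest");
if (isset($_POST['pwd'])) {
    $pwd = safepost('pwd');
    if ($contest->detail['authtype'] != 'password') {
        error("No password is needed");
    }
    // Strict string comparison: the original loose == lets PHP treat
    // numeric-looking strings as numbers, so two different passwords could
    // compare equal.
    // NOTE(review): the submitted value is compared directly with
    // $contest->detail['pwd'], which suggests the password is stored in
    // plaintext — TODO confirm; a password_hash()/password_verify() scheme
    // would avoid that. Where available, hash_equals() also gives a
    // constant-time comparison.
    if (is_string($pwd) && (string) $contest->detail['pwd'] === $pwd) {
        // NOTE(review): $cid is the raw request value and is reused in the
        // session key and the redirect URL below.
        $_SESSION["access{$cid}"] = 1;
        MsgAndRedirect("contest_detail.php?cid={$cid}");
    } else {
        $error_msg = "Password Incorrect";
    }
}
// Skip the form when access was already granted in this session, or when the
// contest does not use password authentication at all.
if ((isset($_SESSION["access{$cid}"]) && $_SESSION["access{$cid}"] == 1) || $contest->detail['authtype'] != 'password') {
    // already auth
    MsgAndRedirect("contest_detail.php?cid={$cid}");
}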
?>
<div class="background_container">
<div class="ui-corner-all ui-widget-content">
<table width="900" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="300" height="100" bgcolor="#F0F0F0"><img src="images/register_01.jpg" width="300" height="100"></td>
示例9: die
* @license GNU GPL v2 or later.
*
* File: delete.php
* Used to delete admins, domains, mailboxes, aliases etc.
*
* Template File: none
*/
require_once 'common.php';
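// Anti-CSRF check: the request must carry the token stored in the session.
// The original loose != comparison treats a missing session token and an empty
// request value as equal, so the token must exist, be a non-empty string and
// match exactly. Where available, hash_equals() additionally gives a
// constant-time comparison.
$request_token = safeget('token');
if (!isset($_SESSION['PFA_token'])
    || !is_string($request_token)
    || $request_token === ''
    || $request_token !== (string) $_SESSION['PFA_token']
) {
    die('Invalid token!');
}
$username = authentication_get_username();
# enforce login
$id = safeget('id');
$table = safeget('table');
$active = safeget('active');
// The table name selects which handler class is instantiated, so it is
// restricted to lowercase letters and must map to an existing model file.
$handlerclass = ucfirst($table) . 'Handler';
// The D modifier stops "$" from also matching before a trailing newline.
if (!is_string($table) || !preg_match('/^[a-z]+$/D', $table) || !file_exists("model/{$handlerclass}.php")) {
    # validate $table
    die("Invalid table name given!");
}
$handler = new $handlerclass(0, $username);
$formconf = $handler->webformConfig();
// The role needed for this table comes from the handler's own form config.
authentication_require_role($formconf['required_role']);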
if ($handler->init($id)) {
# errors will be displayed as last step anyway, no need for duplicated code ;-)
if ($active != '0' && $active != '1') {
die(Config::Lang('invalid_parameter'));
}
if ($handler->set(array('active' => $active))) {
$handler->store();
示例10: authentication_require_role
*
* Template Variables: -none-
*
* Form POST \ GET Variables: -none-
*/
require_once 'common.php';
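// Database backup page: global admins only.
authentication_require_role('global-admin');
// When backups are disabled in the configuration, redirect and stop.
// Fixed: the original `header(...) && exit` never reached exit, because
// header() returns no value and && short-circuits on it, so the script kept
// running after sending the redirect.
if ($CONF['backup'] == 'NO') {
    header("Location: main.php");
    exit;
}
// TODO: make backup supported for postgres
if (db_pgsql()) {
    flash_error('Sorry: Backup is currently not supported for your DBMS (' . $CONF['database_type'] . ').');
    $smarty->assign('smarty_template', 'message');
    $smarty->display('index.tpl');
    die;
}
// Without the "download" parameter only the warning page is shown.
// NOTE(review): the dump itself is started by a GET parameter and no
// anti-CSRF token check is visible in this excerpt — TODO confirm.
if (safeget('download') == "") {
    $smarty->assign('smarty_template', 'backupwarning');
    $smarty->display('index.tpl');
    die;
}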
# Still here? Then let's create the database dump...
/*
SELECT attnum,attname,typname,atttypmod-4,attnotnull,atthasdef,adsrc
AS def FROM pg_attribute,pg_class,pg_type,pg_attrdef
WHERE pg_class.oid=attrelid AND pg_type.oid=atttypid
AND attnum>0 AND pg_class.oid=adrelid AND adnum=attnum AND atthasdef='t' AND lower(relname)='admin'
UNION SELECT attnum,attname,typname,atttypmod-4,attnotnull,atthasdef,''
AS def FROM pg_attribute,pg_class,pg_type
WHERE pg_class.oid=attrelid
AND pg_type.oid=atttypid
AND attnum>0
示例11: flash_error
}
$_SESSION["search_{$table}"] = $search;
$_SESSION["searchmode_{$table}"] = $searchmode;
if (count($search)) {
$handler->getList($search, $searchmode);
} else {
$handler->getList('');
}
$items = $handler->result();
if (count($handler->errormsg)) {
flash_error($handler->errormsg);
}
if (count($handler->infomsg)) {
flash_error($handler->infomsg);
}
if (safeget('output') == 'csv') {
$out = fopen('php://output', 'w');
header('Content-Type: text/csv; charset=utf-8');
header('Content-Disposition: attachment;filename=' . $table . '.csv');
print "";
# utf8 byte-order to indicate the file is utf8 encoded
# print "sep=;"; # hint that ; is used as seperator - breaks the utf8 flag in excel import!
print "\n";
if (!defined('ENT_HTML401')) {
# for compability for PHP < 5.4.0
define('ENT_HTML401', 0);
}
# print column headers as csv
$header = array();
$columns = array();
foreach ($handler->getStruct() as $key => $field) {
示例12: safeget
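// Read the function name and its optional parameter from the request.
// NOTE(review): this project's safeget() takes (array, key, default, flag);
// the meaning of the last two arguments is not visible here.
$func = safeget($_REQUEST, "func", null, false);
$param = safeget($_REQUEST, "param", null, false);
if ($param != null) {
    // Make sure we don't have escaped quotes.
    // get_magic_quotes_gpc() no longer exists in current PHP versions, so it
    // is only called where it is still defined.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $param = stripslashes($param);
    }
}
////////////////////////////////////////////////////////////////////////////
// Now, check if the call is correctly signed.
// Compare our own computed signature with the received signature.
// The received value must be a string and match exactly: the original
// `strcmp(...) == 0` also accepted strcmp()'s non-integer failure result for
// non-string input. hash_equals() is used where available for a constant-time
// comparison.
// NOTE(review): md5(secret . data) is a weak signature construction; an HMAC
// (hash_hmac) is the appropriate primitive, but changing it requires every
// client to change too, so it is only flagged here. Whether an unsigned call
// is actually rejected is decided outside this excerpt.
$expected_signature = md5($SIGNATURE_SECRET . $func . $param);
if (isset($signature) && is_string($signature)) {
    $REQUEST_IS_SIGNED = function_exists('hash_equals')
        ? hash_equals($expected_signature, $signature)
        : $expected_signature === $signature;
} else {
    $REQUEST_IS_SIGNED = false;
}
////////////////////////////////////////////////////////////////////////////
// Log the call
// Request values are written on a single log line; CR/LF are replaced so a
// request cannot forge additional log entries.
// NOTE(review): the log is created with a relative name in the working
// directory and contains raw request parameters; it should live outside the
// web root — TODO confirm deployment.
$now = date("Y-m-d H:i:s");
$logline = "[{$now}][" . basename(__FILE__) . "] Signed=" . $REQUEST_IS_SIGNED
    . " Func=" . str_replace(array("\r", "\n"), ' ', (string) safeget($_REQUEST, "func", null, false))
    . " Param=" . str_replace(array("\r", "\n"), ' ', (string) safeget($_REQUEST, "param", null, false));
$logline .= "\r\n";
$logname = "calllog_" . date("Y-m-d") . ".txt";
file_put_contents($logname, $logline, FILE_APPEND);
////////////////////////////////////////////////////////////////////////////
// Test the method name
if ($func === null) {
    echo "No function name found!";
    exit;
}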
////////////////////////////////////////////////////////////////////////////
// Optionally, get the param
if ($param != null) {
// If we have a param, then try to convert it from json
$decode = json_decode($param, true);
if ($decode != NULL) {
示例13: authentication_require_role
*
* POST:
* - save
* - cancel
* - all editable form values, see $fm_struct
*/
require_once 'common.php';
authentication_require_role('admin');
$extra_options = 0;
if ($CONF['fetchmail_extra_options'] == 'YES') {
$extra_options = 1;
}
# import control GET/POST variables. Form values are imported below.
$new = (int) safeget("new") == 1 ? 1 : 0;
$edit = (int) safeget("edit");
$delete = (int) safeget("delete");
$save = safepost("save") != "" ? 1 : 0;
$cancel = safepost("cancel") != "" ? 1 : 0;
$display_status = 1;
if ($new || $edit) {
$display_status = 0;
}
$fm_struct = array("id" => array(0, 0, 'id'), "mailbox" => array(1, 1, 'enum'), "src_server" => array(1, 1, 'text'), "src_auth" => array(1, 1, 'enum'), "src_user" => array(1, 1, 'text'), "src_password" => array(1, 0, 'password'), "src_folder" => array(1, 1, 'text'), "poll_time" => array(1, 1, 'num'), "fetchall" => array(1, 1, 'bool'), "keep" => array(1, 1, 'bool'), "protocol" => array(1, 1, 'enum'), "extra_options" => array($extra_options, $extra_options, 'longtext'), "mda" => array($extra_options, $extra_options, 'longtext'), "date" => array(0, $display_status, 'text'), "returned_text" => array(0, $display_status, 'longtext'));
# labels and descriptions are taken from $PALANG['pFetchmail_field_xxx'] and $PALANG['pFetchmail_desc_xxx']
# TODO: After pressing save or cancel in edit form, date and returned text are not displayed in list view.
# TODO: Reason: $display_status is set before $new and $edit are reset to 0.
# TODO: Fix: split the "display field?" column into "display in list" and "display in edit mode".
$SESSID_USERNAME = authentication_get_username();
if (!$SESSID_USERNAME) {
exit;
}
示例14: authentication_require_role
* tMessage
*
* Form POST \ GET Variables:
*
* fTable
* fDelete
* fDomain
*/
require_once 'common.php';
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
$error = 0;
$fTable = escape_string(safeget('table'));
# see the if blocks below for valid values
$fDelete = escape_string(safeget('delete'));
$fDomain = escape_string(safeget('domain'));
$error = 0;
if ($fTable == "admin") {
authentication_require_role('global-admin');
$fWhere = 'username';
$result_admin = db_delete($table_admin, $fWhere, $fDelete);
$result_domain_admins = db_delete($table_domain_admins, $fWhere, $fDelete);
if (!($result_admin == 1) and $result_domain_admins >= 0) {
$error = 1;
$tMessage = $PALANG['pAdminDelete_admin_error'];
} else {
$url = "list-admin.php";
header("Location: {$url}");
}
} elseif ($fTable == "domain") {
authentication_require_role('global-admin');
示例15: db_query_parsed
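/**
 * Replaces database specific placeholders in a query and executes it.
 *
 * Placeholders such as {AUTOINCREMENT} or {BOOLEAN} are substituted according
 * to $CONF['database_type'] ("mysql"/"mysqli" or "pgsql"); any other type
 * prints a message and ends the script.
 *
 * @param String sql query with placeholders
 * @param int (optional) whether errors should be ignored (0=false), passed on to db_query()
 * @param String (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE
 * @return mixed whatever db_query() returns for the final query (its 'error' element is read below)
 */
function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "")
{
    global $CONF;
    if ($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') {
        $replace = array(
            '{AUTOINCREMENT}' => 'int(11) not null auto_increment',
            '{PRIMARY}' => 'primary key',
            '{UNSIGNED}' => 'unsigned',
            '{FULLTEXT}' => 'FULLTEXT',
            '{BOOLEAN}' => 'tinyint(1) NOT NULL',
            '{UTF-8}' => '/*!40100 CHARACTER SET utf8 COLLATE utf8_unicode_ci */',
            '{LATIN1}' => '/*!40100 CHARACTER SET latin1 COLLATE latin1_swedish_ci */',
            '{IF_NOT_EXISTS}' => 'IF NOT EXISTS',
            '{RENAME_COLUMN}' => 'CHANGE COLUMN',
        );
        // The MySQL-only suffix is appended before substitution.
        $sql = "{$sql} {$attach_mysql}";
    } elseif ($CONF['database_type'] == 'pgsql') {
        $replace = array(
            '{AUTOINCREMENT}' => 'SERIAL',
            '{PRIMARY}' => 'primary key',
            '{UNSIGNED}' => '',
            '{FULLTEXT}' => '',
            '{BOOLEAN}' => 'BOOLEAN NOT NULL',
            '{UTF-8}' => '',
            '{LATIN1}' => '',
            '{IF_NOT_EXISTS}' => '',
            '{RENAME_COLUMN}' => 'ALTER COLUMN',
            'int(1)' => 'int',
            'int(10)' => 'int',
            'int(11)' => 'int',
            'int(4)' => 'int',
        );
    } else {
        // Fixed: the original read the undefined variable $conf here, so the
        // message never showed the configured type.
        echo "Sorry, unsupported database type " . $CONF['database_type'];
        exit;
    }
    $replace['{BOOL_TRUE}'] = db_get_boolean(True);
    $replace['{BOOL_FALSE}'] = db_get_boolean(False);
    $query = trim(str_replace(array_keys($replace), $replace, $sql));

    // NOTE(review): debug output is switched on by a request parameter, so
    // anyone who can reach a page calling this function can make it print the
    // executed SQL and database error text. Callers should be behind
    // authentication, or this switch should move to configuration.
    $debug = safeget('debug') != "";
    if ($debug) {
        // Query and error text are emitted into HTML, so both are escaped.
        print "<p style='color:#999'>" . htmlspecialchars($query, ENT_QUOTES);
    }
    $result = db_query($query, $ignore_errors);
    if ($debug) {
        print "<div style='color:#f00'>" . htmlspecialchars((string) $result['error'], ENT_QUOTES) . "</div>";
    }
    return $result;
}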