本文整理汇总了PHP中sanitizeInput函数的典型用法代码示例。如果您正苦于以下问题:PHP sanitizeInput函数的具体用法?PHP sanitizeInput怎么用?PHP sanitizeInput使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了sanitizeInput函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: genBestOfPlaylist
function genBestOfPlaylist($showid)
{
$final_output = array();
$cdcodes = array();
//don't play the same CD twice
sanitizeInput($showid);
/** get all the non-optional cdcodes/tracks from the current playlist **/
//logbookID showID lb_album_code lb_rotation lb_track_num lb_track_name
//lb_artist lb_album lb_label time_played played deleted
$qv = sprintf("SELECT lb_album_code, lb_track_num FROM `logbook` WHERE showID = %s AND lb_rotation != '0' ORDER BY logbookID ASC", $showid);
$rt = mysql_query($qv) or die("MySQL Error near line " . __LINE__ . " in automation_generate_showplist\n" . $qv . "\n: " . mysql_error());
// echo "ROWS: ".mysql_num_rows($rt)."\n";
while ($song = mysql_fetch_array($rt, MYSQL_ASSOC)) {
$cdcode = $song['lb_album_code'];
$trnum = $song['lb_track_num'];
if ($cdcode == "" || $trnum == "") {
continue;
}
/** for this one song, pull artist, album, label info **/
//albumID album_name num_discs lbum_code artistID
//labelID mediumID genre general_genreID rotationID
$qw = sprintf("SELECT * FROM `libartist`, `libalbum`, `liblabel`, `def_rotations` " . "WHERE libalbum.album_code = '%s' AND " . "libalbum.artistID = libartist.artistID AND " . "libalbum.labelID = liblabel.labelID AND " . "def_rotations.rotationID = libalbum.rotationID LIMIT 1", $cdcode);
$ru = mysql_query($qw) or die("MySQL Error near line " . __LINE__ . ": " . mysql_error());
$cd = mysql_fetch_array($ru, MYSQL_ASSOC);
$cdid = $cd['albumID'];
/** get the song and file names **/
// libtrack: track_name disc_num track_num
// artistID airabilityID file_name albumID
$qx = sprintf("SELECT track_name, file_name \n\t\t\tFROM `libtrack` \n\t\t\tWHERE albumID = '%s' \n\t\t\tAND track_num = '%s'\n\t\t\tAND airabilityID <= 1 \n\t\t\tLIMIT 1", $cdid, $trnum);
$rv = mysql_query($qx) or die("MySQL Error near line " . __LINE__ . ": " . mysql_error());
$track = mysql_fetch_array($rv, MYSQL_ASSOC);
/** it's here, and it hasn't been played in *this* set before **/
if ($track['file_name'] != "" && !in_array($cdcode, $cdcodes)) {
$cdcodes[] = $cdcode;
$output = array();
$output[] = $cdcode;
//0
$output[] = $trnum;
$output[] = $cd['genre'];
$output[] = substr($cd['rotation_bin'], 0, 1);
$output[] = $cd['artist_name'];
$output[] = $track['track_name'];
$output[] = $cd['album_name'];
$output[] = $cd['label'];
$output[] = $track['file_name'];
//8
$final_output[] = $output;
}
}
return $final_output;
}示例2: database_handler
*
* Dette programmet gjør det mulig å legge til nye
* bedrifter til databasen.
************************************************/
// Henter innstillinger og kobler til databasen
require_once "../settings.php";
require_once $document_root . "handler/database_handler.php";
$database_handler = new database_handler();
// Objekt-klasse for bedrifter
require_once "../object/company.php";
// Sjekker om brukeren har lagret
if (isset($_POST["company_submit"])) {
$company_name = sanitizeInput($_POST["company_name"]);
$company_street_address = sanitizeInput($_POST["company_street_address"]);
$company_postal_code = sanitizeInput($_POST["company_postal_code"]);
$company_city = sanitizeInput($_POST["company_city"]);
// Validerer informasjonen fra brukeren
$error_message = array();
// Validerer navn
if (strlen($company_name) == 0) {
$error_message[] = "Navn er ikke riktig utfylt.";
}
// Validerer gateadresse
if (strlen($company_street_address) == 0) {
$error_message[] = "Gateadresse er ikke riktig utfylt.";
}
// Validerer postnummeret
if (!$database_handler->validPostalCode($company_postal_code)) {
$error_message[] = "Postnummer er ikke riktig utfylt.";
}
// Oppretter company-objekt om informasjonen er tilfredsstillende utfylt示例3: date
echo "</SELECT>";
/* make year selector */
echo "<SELECT NAME=" . $inName . "Year>\n";
$startYear = date("Y", $useDate);
for ($currentYear = $startYear - 5; $currentYear <= $startYear + 5; $currentYear++) {
echo "<OPTION VALUE=\"{$currentYear}\"";
if (date("Y", $useDate) == $currentYear) {
echo " SELECTED";
}
echo ">{$currentYear}\n";
}
echo "</SELECT>";
}
//end date selector
$id3 = new getID3();
sanitizeInput();
$dirCurrent = urldecode($_GET['path']);
//security is above...
$cartGet = urldecode($_GET['cart']);
$cartName = explode(".", $cartGet);
$cartPath = $dirCurrent . "/" . $cartGet;
if (chdir($dirCurrent) === FALSE) {
die("Error: Could not change to " . $dirCurrent . "\n");
}
$dirCurrent = getcwd();
if (strpos($dirCurrent, BASE_DIR) === FALSE) {
header("Location: " . $_SERVER['HTTP_REFERER']);
}
echo "<h1>PRELIMINARY IMPORT SYSTEM</h1>\n";
echo "<h3>Import a Cart</h3>\n";
echo "<p>This page imports <b>carts.</b> K? Or go <a href='" . $_SERVER['HTTP_REFERER'] . "'>back</a>...</p>\n";示例4: build_table
function build_table($sql, $list)
{
global $bg_colors;
$sth = dbquery($sql);
$rows = mysql_num_rows($sth);
if ($rows > 0) {
echo '<table class="blackwhitelist">' . "\n";
echo ' <tr>' . "\n";
echo ' <th>' . __('from07') . '</th>' . "\n";
echo ' <th>' . __('to07') . '</th>' . "\n";
echo ' <th>' . __('action07') . '</th>' . "\n";
echo ' </tr>' . "\n";
$i = 1;
while ($row = mysql_fetch_row($sth)) {
$i = 1 - $i;
$bgcolor = $bg_colors[$i];
echo ' <tr>' . "\n";
echo ' <td style="background-color: ' . $bgcolor . '; ">' . $row[1] . '</td>' . "\n";
echo ' <td style="background-color: ' . $bgcolor . '; ">' . $row[2] . '</td>' . "\n";
echo ' <td style="background-color: ' . $bgcolor . '; "><a href="' . sanitizeInput($_SERVER['PHP_SELF']) . '?submit=Delete&id=' . $row[0] . '&to=' . $row[2] . '&list=' . $list . '">' . __('delete07') . '</a><td>' . "\n";
echo ' </tr>' . "\n";
}
echo '</table>' . "\n";
} else {
echo "No entries found.\n";
}
}示例5: sanitizeInput
include_once '../configuration/db.php';
include_once '../function/funcs.php';
$originalCatDesc = sanitizeInput($_POST['originalCatDesc']);
$originalCatName = sanitizeInput($_POST['originalCatName']);
$catDesc = sanitizeInput($_POST['catDesc']);
$catName = sanitizeInput($_POST['catName']);
$connection = new mysqli(HOST, USER, PSW, DB);
$query = "UPDATE category SET name='" . $catName . "',description='" . $catDesc . "' WHERE name='" . $originalCatName . "'";
$exec = $connection->query($query);
if ($exec) {
echo "Category updated!";
} else {
echo $connection->error;
}
$connection->close();
}
//function: cpanelCategory - edit category
if (isset($_POST['delCategory'])) {
include_once '../configuration/db.php';
include_once '../function/funcs.php';
$catName = sanitizeInput($_POST['catName']);
$connection = new mysqli(HOST, USER, PSW, DB);
$query = "DELETE FROM category WHERE name='" . $catName . "'";
$exec = $connection->query($query);
if ($exec) {
echo "Category deleted!";
} else {
echo $connection->error;
}
$connection->close();
}示例6: session_start
As a special exception, you have permission to link this program with the JpGraph library and
distribute executables, as long as you follow the requirements of the GNU GPL in regard to all of the software
in the executable aside from JpGraph.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
//Require files
require_once './functions.php';
// Authentication verification and keep the session alive
session_start();
require './login.function.php';
html_start("GeoIP Database Update", 0, false, false);
if (!isset($_POST['run'])) {
echo '<form method="POST" action="' . sanitizeInput($_SERVER['PHP_SELF']) . '">
<input type="hidden" name="run" value="true">
<table class="boxtable" width="100%">
<tr>
<td>
This utility is used to download the GeoIP database files (which are updated on the first Tuesday of each month) from <a href="http://dev.maxmind.com/geoip/legacy/geolite/" target="_maxmind">MaxMind</a> which is used to work out the country of origin for any given IP address and is displayed on the Message Detail page.<br><br>
</td>
</tr>
<tr>
<td align="center"><br><input type="SUBMIT" value="Run Now"><br><br></td>
</tr>
</table>
</form>' . "\n";
} else {
ob_start();
echo "Downloading file, please wait....<br>\n";示例7: ob_start
<?php
//Use output buffer mode
ob_start();
//Start session
session_start();
//Include database config
require_once "php/config.php";
//Include components;
require_once "php/components.php";
//Include functions;
require_once "php/functions.php";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$userName = sanitizeInput($_POST['userName']);
$password = sanitizeInput($_POST['password']);
if (validateLoginParam($userName, $password)) {
login($userName, $password);
} else {
$loginPaneVisibility = "visible";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Vancouver Guide</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="style/homepage.css" rel="stylesheet" type="text/css">
<link href="style/base.css" rel="stylesheet" type="text/css">示例8: Process_Form
//.........这里部分代码省略.........
// Target and Action must both have values
// delete rule if they don't
if ($_POST[$target] == "" or $_POST[$action] == "") {
continue;
}
if (strtolower($_POST[$target]) == "default") {
// Default 'direction' can only be "Virus:" or "FromOrTo:"
if ($_POST[$direction] == "Virus:") {
$default_direction = "Virus:";
} else {
$default_direction = "FromOrTo:";
}
$default_action = $_POST[$action];
$default_desc = $_POST[$description];
continue;
}
// check to see if any rule action was specified, like delete,
// disable, enable.
// If so, we need to do something here..
//echo "$rule_action: |" . $_POST[$rule_action] . "|<br>\n";
if (isset($_POST[$rule_action])) {
switch ($_POST[$rule_action]) {
case "Delete":
// deletions are simple, just ignore this rule and
// go to the next one (and it won't get written to
// the new file)
//echo "rule$i: $rule_action says delete<br>\n";
continue 2;
case "Disable":
// to disable a rule, we simply add "#DISABLED" to the
// beginning of the direction field,
// which will end up being the first thing on the line
$_POST[$direction] = "#DISABLED#" . $_POST[$direction];
break;
case "Enable":
// enable is the opposite of disable..
$_POST[$direction] = preg_replace("/^#DISABLED#/", "", $_POST[$direction]);
break;
}
}
//echo "after case, rule $i<br>\n";
// make sure there's something there... direction is required
if (!isset($_POST[$and])) {
$_POST[$and] = "";
}
// if any of the "and" parts are missing, clear the whole and part
if ($_POST[$and] == "" or $_POST[$and_direction] == "" or $_POST[$and_target] == "") {
$_POST[$and] = "";
$_POST[$and_direction] = "";
$_POST[$and_target] = "";
}
if (isset($_POST[$direction])) {
if ($_POST[$direction]) {
//echo "$direction: $_POST[$direction]<br>\n";
$new_ruleset[] = array("description" => $_POST[$description], "direction" => $_POST[$direction], "target" => $_POST[$target], "and" => $_POST[$and], "and_direction" => $_POST[$and_direction], "and_target" => $_POST[$and_target], "action" => $_POST[$action]);
}
}
}
// ok, at this point I think we can finish assembling the new file
foreach ($new_ruleset as $new_rule) {
$new_file[] = "#" . $new_rule["description"] . "\n" . $new_rule["direction"] . "\t" . $new_rule["target"] . "\t" . $new_rule["and"] . "\t" . $new_rule["and_direction"] . "\t" . $new_rule["and_target"] . "\t" . $new_rule["action"] . "\n";
}
// and add on the default rule if there is one.
if ($default_action != "") {
$new_file[] = "#" . sanitizeInput($default_desc) . "\n";
$new_file[] = sanitizeInput($default_direction) . "\tdefault\t\t\t" . sanitizeInput($default_action) . "\n";
}
// ### ---> Debugging
/*
echo "<span class=\"debug\">\n";
echo "new file:<br>\n";
echo "<pre>";
foreach ($new_file as $line) {
echo $line;
}
echo "</pre>\n";
echo "</span>\n";
*/
// mmmkay, now we should be able to write the new file
$getFile = basename(sanitizeInput($_GET["file"]));
$filename = MSRE_RULESET_DIR . "/" . $getFile;
list($bytes, $status_msg) = Write_File($filename, $new_file);
// schedule a reload of mailscanner's stuff. We can't do an immediate
// reload w/out giving the apache user rights to run the MailScanner
// startup/reload script, and that could be a bad idea...
//So instead, I schedule a reload with the msre_reload.cron cron job
$status_msg .= "<span class=\"status\">\n";
$status_msg .= "Scheduling reload of MailScanner...";
$fh = fopen("/tmp/msre_reload", "w");
// we don't need to write to the file, just it existing is enough
if (!$fh) {
$status_msg .= "<span class=\"error\">**ERROR** Couldn't schedule a reload of " . "MailScanner! (You will have to manually do a " . "|/etc/init.d/MailScanner reload| )</span><br>\n";
} else {
$status_msg .= "Ok.<br>\n" . "Your changes will take effect in the next " . MSRE_RELOAD_INTERVAL . " minutes, when MailScanner reloads.<br>\n";
}
$status_msg .= "</span>\n";
$returnvalue = array($bytes, $status_msg);
return $returnvalue;
}示例9: updateArea
function updateArea($aData)
{
global $db;
$iAreaID = $aData['hdArea'];
// first update the area info
$db->query("update areas " . "set area_name=" . sanitizeInput($aData['tbName']) . ", area_desc=" . sanitizeInput($aData['tbDesc']) . ", " . "area_templ=" . sanitizeInput($aData['taTempl']) . " " . "where area_id={$iAreaID}");
// clear the areasuper list
$db->query("delete from areasuper where as_area_id={$iAreaID}");
// now do the supervisor updates
foreach ($aData['msSupers'] as $Super) {
$Super = sanitizeInput($Super);
$db->query("insert into areasuper values(null,{$iAreaID},{$Super})");
}
}示例10: session_start
//Start session
if (!isset($_SESSION)) {
session_start();
}
//Include database configure
require_once "config.php";
//Include components
require_once "components.php";
//Include control functions
require_once "functions.php";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//Retrive register data from request (POST)
$userName = sanitizeInput($_POST["userName"]);
$password = sanitizeInput($_POST["password"]);
$confirmPassword = sanitizeInput($_POST["confirmPassword"]);
$email = sanitizeInput($_POST["email"]);
if (validateRegisterParam($userName, $password, $confirmPassword, $email)) {
dbAddAccount($userName, $password, $email);
header('location:' . 'loginPage.php');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Servival Guide for International Students </title>
<link href="../style/base.css" rel="stylesheet" type="text/css">
<link href="../style/homepage.css" rel="stylesheet" type="text/css">示例11: checkUser
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
// $Id: editNotes.php,v 1.9 2005/10/30 22:37:19 atrommer Exp $
checkUser($_SESSION['USERTYPE'], 2);
// check for postback
if ($_POST['isPostback']) {
updateNotes($_POST['hdEvent'], sanitizeInput($_POST['taComments']));
redirect('editSched.php?area=' . $_POST['area']);
}
if (isset($_REQUEST['event'])) {
$oEvent = getEventDetails($_REQUEST['event']);
// if we don't have a month set, pull it from area
if (strlen($oEvent->event_comments)) {
$sNotes = $oEvent->event_comments;
} else {
$sNotes = getAreaTempl($_REQUEST['area']);
}
} else {
accessDenied("Please choose an event to edit first using Manage Schedules");
}
doHeader("Editing notes for " . $oEvent->event_name, 'taComments');
?>示例12: ed_da_delta_appointments_delPay_action_callback
function ed_da_delta_appointments_delPay_action_callback()
{
global $wpdb;
$id_cd = isset($_POST['id_cd']) ? sanitizeInput($_POST['id_cd'], "n") : "";
$payDate = isset($_POST['payDate']) ? sanitizeInput($_POST['payDate'], "notes") : "";
$payAmount = isset($_POST['payAmount']) ? sanitizeInput($_POST['payAmount'], "notes") : "";
$payDate = convertDate($payDate, false);
$workWithModels = new ManipulateTables();
// Refer to views.php#32 about table_tabs
$table_tabs = $wpdb->prefix . 'ed_da_delta_appointments_tabs';
$wpdb->update($table_tabs, array('tabs' => 'paymentsTab'), array('id' => 1));
echo $workWithModels->deletePay($id_cd, $payDate, $payAmount);
wp_die();
}示例13: empty
" method="post">
<fieldset>
<legend><?php
echo empty($acronym_id) ? 'Nouvel acronyme' : "Modification de l'acronyme <acronym>{$acronym_id}</acronym>";
?>
</legend>
<p><label>Acronyme : <input type="text" id="acronym" name="acronym"<?php
if (!empty($acroinfos['acronym'])) {
echo ' value="', $acroinfos['acronym'], '"';
}
?>
/></label></p>
<p><label>Signification : <input type="text" id="content" name="content"<?php
if (!empty($acroinfos['content'])) {
echo ' value="', sanitizeInput($acroinfos['content']), '"';
}
?>
/></label></p>
<p><label>Langue : <input type="text" id="lang" name="lang"<?php
if (!empty($acroinfos['lang'])) {
echo ' value="', $acroinfos['lang'], '"';
}
?>
/></label></p>
<p><?php
if (!empty($acronym_id)) {
echo '<input type="hidden" name="acronym_id" id="acronym_id" value="', $acronym_id, '" />';
}示例14: sanitizeInput
<?php
if (isset($_POST['field1'])) {
$data = $_POST['field1'] . "\n";
$data = sanitizeInput($data);
$ret = file_put_contents('FULL_PATH_TO/tmp/mydata.txt', $data, FILE_APPEND | LOCK_EX);
if ($ret === false) {
die('There was an error writing this file');
} else {
echo "{$ret} bytes written to file";
}
} else {
die('no post data to process');
}
// Sanitize the input
function sanitizeInput($data)
{
if (trim($data) == "") {
return false;
} else {
return filter_var($data, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
}
}示例15: elseif
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
*
* In addition, as a special exception, the copyright holder gives permission to link the code of this program with
* those files in the PEAR library that are licensed under the PHP License (or with modified versions of those files
* that use the same license as those files), and distribute linked combinations including the two.
* You must obey the GNU General Public License in all respects for all of the code used other than those files in the
* PEAR library that are licensed under the PHP License. If you modify this program, you may extend this exception to
* your version of the program, but you are not obligated to do so.
* If you do not wish to do so, delete this exception statement from your version.
*
* As a special exception, you have permission to link this program with the JpGraph library and distribute executables,
* as long as you follow the requirements of the GNU GPL in regard to all of the software in the executable aside from
* JpGraph.
*
* You should have received a copy of the GNU General Public License along with this program; if not, write to the Free
* Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
if (isset($_SERVER['PHP_AUTH_USER']) && !isset($_SESSION['myusername'])) {
include __DIR__ . '/checklogin.php';
} elseif (!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SESSION['myusername']) && isset($_GET['httpbasic'])) {
header('WWW-Authenticate: Basic realm="MailWatch for MailScanner"');
header('HTTP/1.0 401 Unauthorized');
header("Location: login.php?error=baduser");
exit;
} elseif (!isset($_SESSION['myusername'])) {
if (isset($_SERVER['REQUEST_URI'])) {
$_SESSION['REQUEST_URI'] = sanitizeInput($_SERVER['REQUEST_URI']);
}
header("Location: login.php");
exit;
}