本文整理汇总了PHP中sanitizeString函数的典型用法代码示例。如果您正苦于以下问题:PHP sanitizeString函数的具体用法?PHP sanitizeString怎么用?PHP sanitizeString使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了sanitizeString函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: view
public function view()
{
$dao = DAO::getDAO('UserDAO');
if (isset($this->params[0]) && trim($this->params[0]) == 'remove') {
// ex: requesting: /user-list/delete/2
$id = trim(sanitizeString($this->params[1]));
$dao->removeById($id);
} else {
if (isset($this->params[0]) && trim($this->params[0]) == 'add') {
$randNum = mt_rand(0, 99999);
$newUser = new User(array('firstName' => 'First', 'lastName' => 'LastName', 'username' => "test{$randNum}", 'email' => "test{$randNum}@example.com", 'createTime' => dbDateTime()));
// #TODO: implement UserDao.create($newUser) instead.
if ($dao->countAll() > 30) {
// Demo mode: clean up if too many users
$dao->execute("DELETE FROM user");
$dao->execute("vacuum");
}
$dao->insertInto("firstName, lastName, username, email, createTime", $newUser->getFields());
}
}
$users = $dao->getAll();
$v = $this->smarty;
$v->assign('title', 'User List');
$v->assign('inc_content', v('user_list.html'));
$v->assign('users', $users);
$v->assign('totalUsers', $dao->countAll());
$this->display($v, v('index.html'));
}示例2: login
function login()
{
global $conn;
if (postExist(array('username', 'password'))) {
$username = sanitizeString($_POST['username']);
$password = sanitizeString($_POST['password']);
try {
$response = $conn->prepare("SELECT * FROM users WHERE username = :username");
$response->bindParam(':username', $username, \PDO::PARAM_STR);
$response->execute();
$datas = $response->fetchAll();
if (isset($datas[0])) {
if (password_verify($password, $datas[0]['password'])) {
initSession($datas[0]['id'], $username, 0);
redirect('chat.php');
} else {
echo 'Your password does not match your username';
}
} else {
echo 'Your username has not been found';
}
} catch (Exception $e) {
die("An error occured : " . $e);
}
} else {
var_dump($_POST);
die;
}
}示例3: sanitizeMYSQL
function sanitizeMYSQL($connection, $var)
{
$var = mysqli_real_escape_string($connection, $var);
//Escapes special characters in a string for use in an SQL statement
$var = sanitizeString($var);
return $var;
}示例4: sanitizeMySQL
function sanitizeMySQL($connection, $var)
{
// Using the mysqli extension
$var = $connection->real_escape_string($var);
$var = sanitizeString($var);
return $var;
}示例5: sanitizeSQL
function sanitizeSQL($str_array, $connection)
{
for ($i = 0; $i < count($str_array); ++$i) {
$str_array[$i] = $connection->real_escape_string($str_array[$i]);
$str_array[$i] = sanitizeString($str_array[$i]);
}
}示例6: view
public function view()
{
$dao = DAO::getDAO('SearchDAO');
if (isset($this->params[0]) && trim($this->params[0]) == 'remove') {
// ex: requesting: /search/delete/2
$id = trim(sanitizeString($this->params[1]));
$dao->removeById($id);
} else {
if (isset($this->params[0]) && trim($this->params[0]) == 'add') {
$randNum = mt_rand(0, 99999);
$newSearch = new Search(array('username' => "test{$randNum}", 'email' => "test{$randNum}@example.com", 'created' => dbDateTime()));
// #TODO: implement UserDao.create($newUser) instead.
if ($dao->countAll() > 30) {
// Demo mode: clean up if too many searchs
$dao->execute("DELETE FROM searchs");
$dao->execute("vacuum");
}
$dao->insertInto("username, email, created", $newSearch->getFields());
}
}
$search = $dao->getAll();
$v = $this->smarty;
$v->assign('title', 'Search List');
$v->assign('inc_content', v('search.html'));
$v->assign('search', $search);
$v->assign('totalSearch', $dao->countAll());
$this->display($v, v('index.html'));
}示例7: processAction
private function processAction($dao, $v)
{
if ( !isset($this->params[0])) {
$action = 'list'; // default action
} else {
$action = trim($this->params[0]);
}
$err = '';
if ( in_array($action, array('list','show','edit')) )
{
if ($action == 'list') {
$html = BaseController::callController(BASEEXT.'/blog', 'BlogList', array());
}
else {
$postId = trim(sanitizeString($this->params[1]));
if ($action == 'show') {
$html = BaseController::callController(BASEEXT.'/blog', 'BlogShow', array($postId));
}
else if ($action == 'edit') {
$html = BaseController::callController(BASEEXT.'/blog', 'BlogEdit', array($postId));
}
}
$v->assign('inc_content', 'blank.html');
$v->assign('content', $html);
}
else {
if ($action == 'remove')
{
// ex: requesting: /blog/delete/2
$id = trim(sanitizeString($this->params[1]));
if (isDemoMode() && $id == 1) $err = '<span id="msgWarn">Demo Mode: removing entry #1 is not allowed!</span>';
if ($err == '') {
$dao->removeById($id);
}
}
else if ($action == 'add')
{
$randNum = mt_rand(0, 99999);
$dbNow = date( 'Y-m-d H:i:s' );
$newPost = new Post(
array('title' => 'Blog entry '.$randNum,
'description' => 'description '.$randNum,
'content' => 'content '.$randNum,
'createTime' => $dbNow)
);
$dao->execute("INSERT INTO post(title, description, content, createTime)
VALUES(:title, :description, :content, :createTime)", $newPost->getFields());
}
$posts = $dao->getAll();
$v->assign('inc_content', BASEEXT.'/blog/view/admin.html');
$v->assign('err', $err);
$v->assign('posts', $posts);
$v->assign('totalPosts', $dao->countAll());
$v->assign('content', '');
}
return $html;
}示例8: initFromPOST
/**
* @return int
*/
function initFromPOST()
{
date_default_timezone_set('Europe/Kiev');
$this->printerID = sanitizeString($_POST['Sticker']);
$this->newCounter = sanitizeString($_POST['counter']);
$this->date = date('Y-m-d H:i:s');
return 1;
}示例9: initFromPOST
function initFromPOST()
{
$this->login = sanitizeString($_POST['username']);
$this->password = sanitizeString($_POST['password']);
$this->firstName = sanitizeString($_POST['surname']);
$this->lastName = sanitizeString($_POST['forename']);
return 1;
}示例10: sanitizeMySQL
function sanitizeMySQL($conn, $var)
{
$var = $conn->real_escape_string($var);
#Remove escape characters
$var = sanitizeString($var);
#Use sanitizeString()
return $var;
}示例11: initFromPOST
function initFromPOST()
{
date_default_timezone_set('Europe/Kiev');
$this->id = sanitizeString($_POST['printernum']);
$this->name = sanitizeString($_POST['printername']);
$this->manufacturer = sanitizeString($_POST['printermanufac']);
$this->model = sanitizeString($_POST['printermodel']);
$this->serNum = sanitizeString($_POST['printerserial']);
$this->currentCount = sanitizeString($_POST['printercount']);
$this->pageCost = sanitizeString($_POST['printercost']);
$this->lastEdit = date('Y-m-d H:i:s');
$this->owner = 2;
$this->balance = 0.0;
return 1;
}示例12: processPost
public function processPost()
{
parent::processPost();
// #TODO: User submitted data. Save it to DB, email, etc.
copyArray($_POST, $fv, 'ftoken', 'name', 'email', 'optin|checkbox', 'msg');
session_start();
if ($fv['ftoken'] != $_SESSION['ftoken']) {
die('Error: invalid form token! Do not submit your form twice.');
}
unset($_SESSION['ftoken']);
$v = $this->smarty;
$v->assign('title', 'Thank you!');
$v->assign(array('name' => sanitizeString($fv['name']), 'email' => sanitizeEmail($fv['email']), 'optin' => $fv['optin']));
$v->assign('inc_content', v('contact_us_done.html'));
$this->display($v, v('index.html'));
}示例13: dologinWithPostData
private function dologinWithPostData()
{
//check login form contents
if (empty($_POST['user']) || $_POST['pass']) {
$this->errors[] = "Not all fields were entered";
} elseif (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
$user = sanitizeString($_POST['user']);
$pass = sanitizeString($_POST['pass']);
$query = "SELECT user,pass FROM members\n WHERE user='{$user}' AND pass='{$pass}'";
//if this user exists
if (mysql_num_rows(queryMysql($query)) == 1) {
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
}
}
}示例14: Register
function Register()
{
if (!empty($_POST['user'])) {
$user = sanitizeString($_POST['user']);
$pass = sanitizeString($_POST['pass']);
$query = mysql_query("SELECT * FROM user where name = '{$user}'") or die(mysql_error());
$row = mysql_fetch_array($query);
if (empty($row['name'])) {
mysql_query("SET AUTOCOMMIT=0");
mysql_query("START TRANSACTION");
$query = mysql_query("INSERT INTO user (NAME,PASS) VALUES ('{$user}','{$pass}')");
if (!$query) {
mysql_query("ROLLBACK");
echo "<h1 align=center>Error</h1>";
echo "<div id='container'>";
echo "<div id='center'>";
echo "<fieldset>";
echo '<p>DATABASE ERROR</p> ' . mysql_error() . '</p>';
echo "<p>Please <a href='index.php'>click here</a> to return.</p>";
echo "</fieldset>";
echo "</div>";
echo "</div>";
} else {
mysql_query("COMMIT");
echo "<h1 align=center>Registration Area</h1>";
echo "<div id='container'>";
echo "<div id='center'>";
echo "<fieldset>";
echo "<p>Registration successfull! Please Log-in.</p>";
echo "<p>Please <a href='index.php'>click here</a> to return.</p>";
echo "</fieldset>";
echo "</div>";
echo "</div>";
}
} else {
echo "<h1 align=center>Error</h1>";
echo "<div id='container'>";
echo "<div id='center'>";
echo "<fieldset>";
echo "<p>Sorry, User name already in use. Please retry.</p>";
echo "<p>Please <a href='index.php'>click here</a> to return.</p>";
echo "</fieldset>";
echo "</div>";
echo "</div>";
}
}
}示例15: processPost
public function processPost()
{
parent::processPost();
session_start();
// #TODO: User submitted data. Save it to DB, email, etc.
copyArray($_POST, $fv, 'ftoken', 'name', 'email', 'optin|checkbox', 'msg');
checkFormToken('ftoken_contact_us', $fv['ftoken']);
$v = $this->smarty;
$v->assign('title', 'Thank you!');
$v->assign(array(
'name' => sanitizeString($fv['name']),
'email' => sanitizeEmail($fv['email']),
'optin' => $fv['optin']
));
$v->assign('inc_content', v('contact_us_done.html'));
$this->display($v, v('index.html'));
}