本文整理汇总了PHP中sanitize_and_format_gpc函数的典型用法代码示例。如果您正苦于以下问题:PHP sanitize_and_format_gpc函数的具体用法?PHP sanitize_and_format_gpc怎么用?PHP sanitize_and_format_gpc使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了sanitize_and_format_gpc函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: set_value
/**
 * Load this field's value from a request-style array.
 *
 * With $sanitize truthy, the entry named by $this->config['dbfield'] is read
 * through sanitize_and_format_gpc() (TYPE_STRING, the format registered for
 * FIELD_TEXTFIELD, default $this->empty_value['edit']) and the result is then
 * passed through remove_banned_words(). With $sanitize falsy, the entry is
 * copied unchanged, and only when it is present.
 *
 * NOTE(review): the unsanitized path stores the value exactly as supplied, so
 * callers should pass $sanitize = false only for data they already trust.
 *
 * @param array $all_values Source array, taken by reference.
 * @param bool  $sanitize   Whether to run the value through the helpers.
 * @return bool Always true.
 */
function set_value(&$all_values, $sanitize = true)
{
    if (!$sanitize) {
        // Raw path: keep the current value when the key is absent.
        if (isset($all_values[$this->config['dbfield']])) {
            $this->value = $all_values[$this->config['dbfield']];
        }
        return true;
    }

    $field_key = $this->config['dbfield'];
    $text_format = $GLOBALS['__field2format'][FIELD_TEXTFIELD];
    $fallback = $this->empty_value['edit'];

    // Sanitize first, then strip banned words from the sanitized string.
    $clean = sanitize_and_format_gpc($all_values, $field_key, TYPE_STRING, $text_format, $fallback);
    $this->value = remove_banned_words($clean);

    return true;
}
示例2: admin_processor
/**
 * Collect the admin-side settings for this field.
 *
 * For a search field, the posted 'search_start' and 'search_end' values are
 * read as integers (default 0) and returned under 'search_default'.
 * For any other field nothing is read and false is returned.
 *
 * @return array|false array('search_default' => array('min' => ..., 'max' => ...)) or false.
 */
function admin_processor()
{
    if (!$this->is_search) {
        return false;
    }

    // Both bounds go through the TYPE_INT path of the helper before they are used.
    $range_min = sanitize_and_format_gpc($_POST, 'search_start', TYPE_INT, 0, 0);
    $range_max = sanitize_and_format_gpc($_POST, 'search_end', TYPE_INT, 0, 0);

    return array('search_default' => array('min' => $range_min, 'max' => $range_max));
}
示例3: set_value
/**
 * Load the 'zip' and 'dist' parts of this field from a request-style array.
 *
 * The value starts as $this->empty_value['edit']. With $sanitize truthy both
 * parts are read through sanitize_and_format_gpc() ('zip' as TYPE_STRING,
 * 'dist' as TYPE_INT). With $sanitize falsy each part is taken from
 * $all_values if present, otherwise from $this->config['default_value'] if
 * present; 'dist' is cast to int, 'zip' is copied unchanged.
 *
 * NOTE(review): on the unsanitized path 'zip' is stored exactly as supplied,
 * so that path should only be fed data the caller already trusts.
 *
 * @param array $all_values Source array, taken by reference.
 * @param bool  $sanitize   Whether to read the parts through the sanitizing helper.
 * @return bool Always true.
 */
function set_value(&$all_values, $sanitize = true)
{
    $this->value = $this->empty_value['edit'];

    $zip_key = $this->config['dbfield'] . '_zip';
    $dist_key = $this->config['dbfield'] . '_dist';

    if ($sanitize) {
        $this->value['zip'] = sanitize_and_format_gpc($all_values, $zip_key, TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTFIELD], $this->empty_value['edit']['zip']);
        $this->value['dist'] = sanitize_and_format_gpc($all_values, $dist_key, TYPE_INT, 0, $this->empty_value['edit']['dist']);
        return true;
    }

    // Raw path: supplied value first, configured default second, else keep the empty value.
    if (isset($all_values[$zip_key])) {
        $this->value['zip'] = $all_values[$zip_key];
    } elseif (isset($this->config['default_value']['zip'])) {
        $this->value['zip'] = $this->config['default_value']['zip'];
    }

    if (isset($all_values[$dist_key])) {
        $this->value['dist'] = (int) $all_values[$dist_key];
    } elseif (isset($this->config['default_value']['dist'])) {
        $this->value['dist'] = (int) $this->config['default_value']['dist'];
    }

    return true;
}
示例4: set_value
/**
 * Load the 'min' and 'max' bounds of this range field from a request-style array.
 *
 * The value starts as $this->empty_value['edit']. With $sanitize truthy both
 * bounds are read through sanitize_and_format_gpc() as TYPE_INT; otherwise
 * each bound that is present in $all_values is cast to int. Afterwards the
 * bounds are swapped if 'min' is greater than 'max'.
 *
 * @param array $all_values Source array, taken by reference.
 * @param bool  $sanitize   Whether to read the bounds through the sanitizing helper.
 * @return bool Always true.
 */
function set_value(&$all_values, $sanitize = true)
{
    $this->value = $this->empty_value['edit'];

    $min_key = $this->config['dbfield'] . '_min';
    $max_key = $this->config['dbfield'] . '_max';

    if ($sanitize) {
        $this->value['min'] = sanitize_and_format_gpc($all_values, $min_key, TYPE_INT, 0, $this->empty_value['edit']['min']);
        $this->value['max'] = sanitize_and_format_gpc($all_values, $max_key, TYPE_INT, 0, $this->empty_value['edit']['max']);
    } else {
        // Raw path still forces both bounds to integers.
        if (isset($all_values[$min_key])) {
            $this->value['min'] = (int) $all_values[$min_key];
        }
        if (isset($all_values[$max_key])) {
            $this->value['max'] = (int) $all_values[$max_key];
        }
    }

    // Normalise a reversed range so that min <= max.
    if ($this->value['max'] < $this->value['min']) {
        $lower = $this->value['max'];
        $this->value['max'] = $this->value['min'];
        $this->value['min'] = $lower;
    }

    return true;
}
示例5: check_login_member
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
// Processor for a posted profile-category form. The listing is cut off inside
// the field loop, so the save and redirect steps are not visible here.
require '../includes/common.inc.php';
require _BASEPATH_ . '/includes/user_functions.inc.php';
require _BASEPATH_ . '/includes/field_functions.inc.php';
// The access check runs before any request data is read.
// NOTE(review): presumably this stops the request for visitors without the 'auth' level - confirm in user_functions.
check_login_member('auth');
$error = false;
$qs = '';
$qs_sep = '';
$topass = array();
$nextpage = 'my_profile.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$input = array();
// get the input we need and sanitize it
// pcat_id is read as an integer (default 0) and used below only as a key into $_pcats.
$pcat_id = sanitize_and_format_gpc($_POST, 'pcat_id', TYPE_INT, 0, 0);
// An unknown category, or one without fields, skips the whole update.
if (isset($_pcats[$pcat_id]) && count($_pcats[$pcat_id]['fields']) > 0) {
$config = get_site_option(array('manual_profile_approval'), 'core');
$on_changes = array();
$changes_status = array();
foreach ($_pcats[$pcat_id]['fields'] as $field_id) {
$field =& $_pfields[$field_id];
// Only fields marked editable in their config take a posted value, so a crafted POST
// cannot write to the other fields of the category through this loop.
if ($field->config['editable']) {
// second argument true = take the sanitizing path of set_value()
$field->set_value($_POST, true);
// check for input errors
// validation_server() yields true on success; anything else is treated as an error
// description that may carry a 'text' entry.
if (true !== ($temp = $field->validation_server())) {
$error = true;
$topass['message']['type'] = MESSAGE_ERROR;
if (empty($temp['text'])) {
$topass['message']['text'] = $GLOBALS['_lang'][69];
} else {
示例6: search_results
/**
 * Build and run the member search query described by $search.
 *
 * The function assembles SELECT / FROM / WHERE / ORDER BY fragments by string
 * concatenation according to $search['st'], checks the required access level
 * with allow_at_level(), lets each search field append its own condition and
 * then runs the query. The listing is truncated inside the result loop.
 *
 * Security notes for maintainers:
 * - Every value placed in the SQL text must already be safe, because no
 *   prepared statements are used. 'user', 'uid' and 'nid' go through
 *   sanitize_and_format_gpc(); 'min_user_id' does not (see below).
 * - The mysql_* functions used here belong to the ext/mysql extension, which
 *   was removed in PHP 7.0; a port should move to mysqli or PDO with bound
 *   parameters.
 *
 * @param array $search        Search parameters; keys read here: min_user_id, st, wphoto, user, uid, nid.
 * @param int   $my_membership Membership level handed to allow_at_level().
 */
function search_results($search, $my_membership = 1)
{
global $dbtable_prefix;
global $_pfields;
$myreturn = array();
$input['acclevel_code'] = 'search_advanced';
// default access level is the one for advanced search!!!!
$search_fields = array();
$continue = false;
// for searches not based on search_fields
$select = "a.`fk_user_id`";
$from = "`{$dbtable_prefix}user_profiles` a";
// Base filter: only approved, non-deleted profiles.
$where = ' a.`status`=' . STAT_APPROVED . ' AND a.`del`=0';
$orderby = "ORDER BY a.`score` DESC";
if (isset($search['min_user_id'])) {
// NOTE(review): min_user_id is appended unquoted and without a cast or a sanitize call in this
// function. Unless every caller guarantees an integer, cast it with (int) before concatenating.
$where .= " AND a.`fk_user_id`>" . $search['min_user_id'];
}
// if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) {
// $where.=" AND a.`fk_user_id`<>'".$_SESSION[_LICENSE_KEY_]['user']['user_id']."'";
// }
// define here all search types
// you can either add fields to be read into $search_fields or build the query directly
if (isset($search['st'])) {
switch ($search['st']) {
case 'basic':
$input['acclevel_code'] = 'search_basic';
$search_fields = $GLOBALS['basic_search_fields'];
// Only the presence of 'wphoto' matters; its value never reaches the SQL text.
if (isset($search['wphoto'])) {
$where .= " AND a.`_photo`!=''";
}
break;
case 'adv':
$input['acclevel_code'] = 'search_advanced';
// for advanced search we get all fields
foreach ($_pfields as $field_id => $field) {
if (!empty($field->config['searchable'])) {
$search_fields[] = $field_id;
}
}
if (isset($search['wphoto'])) {
$where .= " AND a.`_photo`!=''";
}
break;
case 'user':
$input['acclevel_code'] = 'search_advanced';
$continue = true;
$input['user'] = sanitize_and_format_gpc($search, 'user', TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTFIELD], '');
// Prefixes of three bytes or fewer are rejected by clearing $where.
if (strlen($input['user']) <= 3) {
// $topass['message']['text']=$GLOBALS['_lang'][8];
// $topass['message']['type']=MESSAGE_ERROR;
$where = '';
// force no results returned.
} else {
// NOTE(review): this quoted LIKE pattern is only safe if the FIELD_TEXTFIELD format escapes
// the value for SQL - confirm in sanitize_and_format_gpc(). The LIKE wildcards % and _
// inside the value are not neutralised here.
$where .= " AND a.`_user` LIKE '" . $input['user'] . "%'";
}
break;
case 'net':
$input['acclevel_code'] = 'search_basic';
$continue = true;
// Both ids are read as TYPE_INT before they are concatenated unquoted below.
$input['fk_user_id'] = sanitize_and_format_gpc($search, 'uid', TYPE_INT, 0, 0);
$input['fk_net_id'] = sanitize_and_format_gpc($search, 'nid', TYPE_INT, 0, 0);
$select = "b.`fk_user_id_other`";
$from = "`{$dbtable_prefix}user_networks` b," . $from;
$where = "b.`fk_user_id`=" . $input['fk_user_id'] . " AND b.`fk_net_id`=" . $input['fk_net_id'] . " AND b.`nconn_status`=1 AND b.`fk_user_id_other`=a.`fk_user_id` AND " . $where;
break;
case 'new':
$input['acclevel_code'] = 'search_basic';
$continue = true;
$orderby = "ORDER BY a.`date_added` DESC";
break;
case 'online':
$input['acclevel_code'] = 'search_basic';
$continue = true;
$from = "`{$dbtable_prefix}online` b," . $from;
$where .= " AND b.`fk_user_id` IS NOT NULL AND b.`fk_user_id`=a.`fk_user_id`";
$orderby = "GROUP BY b.`fk_user_id` " . $orderby;
break;
case 'vote':
case 'views':
case 'comm':
// TODO
break;
default:
break;
}
}
// The query runs only if the caller's membership level is allowed the selected access level.
if (allow_at_level($input['acclevel_code'], $my_membership)) {
for ($i = 0; isset($search_fields[$i]); ++$i) {
$field = $_pfields[$search_fields[$i]]->search();
// set_value() is called without a second argument, so its default applies.
$field->set_value($search);
// Each field contributes its own SQL condition; the safety of that text depends on the field class.
$where .= $field->query_search();
$input = array_merge($input, $field->get_value(true));
}
if (!empty($where)) {
// if $where is empty then a condition above prevents us from searching.
$query = "SELECT {$select} FROM {$from} WHERE {$where} {$orderby}";
// '@' hides the PHP warning; the raw database error text is raised instead.
// NOTE(review): make sure errors are logged, not displayed, in production so that
// SQL details are not shown to visitors.
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
for ($i = 0; $i < mysql_num_rows($res); ++$i) {
//......... part of the code is omitted here .........
示例7: allow_dept
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
// Admin page that shows the add/edit form for one site-news entry.
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/tables/site_news.inc.php';

// The access check comes before any request data is touched.
allow_dept(DEPT_ADMIN);

$tpl = new phemplate('skin/', 'remove_nonjs');

// Form values: previously submitted input from the session wins, then the
// stored row for ?news_id=..., otherwise the table defaults.
$output = $site_news_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
    $output = $_SESSION['topass']['input'];
} elseif (!empty($_GET['news_id'])) {
    // The id is forced to an integer before it is placed in the SQL text.
    $news_id = (int) $_GET['news_id'];
    $query = "SELECT * FROM `{$dbtable_prefix}site_news` WHERE `news_id`='{$news_id}'";
    $res = @mysql_query($query);
    if (!$res) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output = mysql_fetch_assoc($res);
        // Stored text is converted with the TEXT_DB2EDIT format before it reaches the form.
        $output['news_title'] = sanitize_and_format($output['news_title'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
        $output['news_body'] = sanitize_and_format($output['news_body'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    }
}

// 'return' comes from the query string and is kept both as read and URL-encoded.
// NOTE(review): if this value later drives a redirect, restrict it to local
// paths before use; that step is not visible in this script.
$output['return2'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
$output['return'] = rawurlencode($output['return2']);

$tpl->set_file('content', 'site_news_addedit.html');
$tpl->set_var('output', $output);
$tpl->process('content', 'content');

$tplvars['title'] = 'Site News Management';
$tplvars['css'] = 'site_news_addedit.css';
$tplvars['page'] = 'site_news_addedit';

include 'frame.php';
示例8: unset
// Fragment of a list/search page; the block that opens before this excerpt is not visible.
// Each optional filter is read from the query string as an integer (default 0) and is
// removed again when it is empty, so only filters that were actually set remain in $input.
if (empty($input['astat'])) {
unset($input['astat']);
}
$input['pstat'] = sanitize_and_format_gpc($_GET, 'pstat', TYPE_INT, 0, 0);
if (empty($input['pstat'])) {
unset($input['pstat']);
}
$input['membership'] = sanitize_and_format_gpc($_GET, 'membership', TYPE_INT, 0, 0);
if (empty($input['membership'])) {
unset($input['membership']);
}
$input['photo'] = sanitize_and_format_gpc($_GET, 'photo', TYPE_INT, 0, 0);
if (empty($input['photo'])) {
unset($input['photo']);
}
$input['album'] = sanitize_and_format_gpc($_GET, 'album', TYPE_INT, 0, 0);
if (empty($input['album'])) {
unset($input['album']);
}
}
// we build the query but run it only if this is a first run, otherwise we already know the results
// we need the query though for the md5
$where = "a.`fk_user_id`=b.`" . USER_ACCOUNT_ID . "`";
$from = "`{$dbtable_prefix}user_profiles` a,`" . USER_ACCOUNTS_TABLE . "` b";
if (isset($input['user'])) {
// NOTE(review): where $input['user'] is read and sanitized lies outside this excerpt. It is placed
// inside a quoted LIKE pattern, so it must already be escaped for SQL; % and _ in the value are
// not neutralised here.
$where .= " AND a.`_user` LIKE '" . $input['user'] . "%'";
}
if (isset($input['pstat'])) {
// profile status
// pstat was read as TYPE_INT above; the unquoted concatenation depends on that.
$where .= " AND a.`status`=" . $input['pstat'];
}
示例9: db_connect
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
// Start of an admin package-install script; the listing ends before the install steps.
require_once '../includes/common.inc.php';
db_connect(_DBHOST_, _DBUSER_, _DBPASS_, _DBNAME_);
require_once '../includes/admin_functions.inc.php';
require_once '../includes/classes/fileop.class.php';
require_once '../includes/classes/etano_package.class.php';
// Admin-only gate, evaluated before the request parameter is read.
allow_dept(DEPT_ADMIN);
// The script runs without a time limit and keeps going if the browser disconnects.
set_time_limit(0);
ignore_user_abort(true);
$error = false;
$tpl = new phemplate('skin/', 'remove_nonjs');
$output = array();
$fileop = new fileop();
// 'f' names the package to install and comes from the query string.
// NOTE(review): FORMAT_RUDECODE presumably URL-decodes the value - confirm in the helper.
$file = sanitize_and_format_gpc($_GET, 'f', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');
// A value starting with http:// is handed to package_downloader, i.e. a request parameter
// selects the URL the server fetches and the package that is installed afterwards.
// NOTE(review): no host allow-list, no HTTPS requirement and no signature or checksum
// verification is visible in this excerpt; add them (or confirm package_downloader has them),
// and confirm that this GET-triggered action is protected by an anti-CSRF token.
if (substr($file, 0, 7) == 'http://') {
// save it in tmp/packages and rename $file to filename.zip
require_once '../includes/classes/package_downloader.class.php';
$p = new package_downloader($file);
if ($p->download()) {
$file = $p->file_name;
} else {
$file = '';
$error = true;
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'] = $p->error_text;
}
}
// NOTE(review): when $file is not a URL it is kept as supplied; how it is mapped to a path is
// not shown, so confirm that directory-traversal sequences are rejected before it is opened.
$install_index = 0;
$ui_request = false;
示例10: sanitize_and_format_gpc
// Fragment from the middle of a switch that picks the blog-search variant; the switch header and
// its first case are outside this excerpt. Each case sets the page title, the access level code
// and the SQL fragments for that variant.
$tplvars['page_title'] = $GLOBALS['_lang'][104];
//$orderby="a.`date_posted` DESC"; // default
break;
case 'views':
$tplvars['page_title'] = $GLOBALS['_lang'][105];
$input['acclevel_code'] = 'search_blog';
$orderby = "a.`stat_views` DESC";
break;
case 'comm':
$tplvars['page_title'] = $GLOBALS['_lang'][106];
$input['acclevel_code'] = 'search_blog';
$orderby = "a.`stat_comments` DESC";
break;
case 'uid':
$input['acclevel_code'] = 'search_blog';
// uid is read as TYPE_INT before it is concatenated unquoted into $where below.
$input['uid'] = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
$tplvars['page_title'] = sprintf($GLOBALS['_lang'][108], get_user_by_userid($input['uid']));
$where = "a.`fk_user_id`=" . $input['uid'] . " AND " . $where;
$orderby = "a.`post_id` DESC";
break;
case 'tag':
$tplvars['page_title'] = $GLOBALS['_lang'][107];
$input['acclevel_code'] = 'search_blog';
// The tag list is taken raw from the query string and cleaned in the next two statements.
$input['tags'] = isset($_GET['tags']) ? $_GET['tags'] : '';
// collapse runs of whitespace into one space and drop tokens of 1 to 3 non-space characters
// (the {1,3} quantifier also removes three-character words)
$input['tags'] = trim(preg_replace(array("/\\s\\s+/", "/\\b[^\\s]{1,3}\\b/"), array(' ', ''), $input['tags']));
$input['tags'] = sanitize_and_format($input['tags'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
if (!empty($input['tags'])) {
// NOTE(review): the value is placed twice inside a quoted AGAINST() literal, so this relies on
// the FIELD_TEXTFIELD format escaping it for SQL - confirm in sanitize_and_format(). Even when
// escaped, IN BOOLEAN MODE makes MySQL interpret full-text operators contained in the value;
// a bound parameter would remove the dependence on string escaping.
$select .= ",MATCH (a.`title`,a.`post_content`) AGAINST ('" . $input['tags'] . "' IN BOOLEAN MODE) as `match_score`";
$where .= " AND MATCH (a.`title`,a.`post_content`) AGAINST ('" . $input['tags'] . "' IN BOOLEAN MODE)";
$orderby = "`match_score` DESC";
示例11: get_my_skin
// Processor for the add/edit form of a mailbox message filter. The listing starts after the first
// includes and ends before the filter is stored.
require _BASEPATH_ . '/includes/tables/message_filters.inc.php';
// NOTE(review): the skin name becomes part of a require path; confirm that get_my_skin() can only
// return names of installed skins and never a value taken directly from the request.
require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/mailbox.inc.php';
check_login_member('manage_folders');
// Optional hook file, loaded only when it exists on disk.
if (is_file(_BASEPATH_ . '/events/processors/filters_addedit.php')) {
include _BASEPATH_ . '/events/processors/filters_addedit.php';
}
$error = false;
$qs = '';
$qs_sep = '';
$topass = array();
$nextpage = 'filters.php';
$input = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// get the input we need and sanitize it
// Only the keys declared in $message_filters_default['types'] are read, each with the type,
// format and default declared for it; other posted keys are ignored.
foreach ($message_filters_default['types'] as $k => $v) {
$input[$k] = sanitize_and_format_gpc($_POST, $k, $__field2type[$v], $__field2format[$v], $message_filters_default['defaults'][$k]);
}
// The owner comes from the session and overwrites anything read from the form, so a filter
// cannot be created for another account through a posted fk_user_id.
$input['fk_user_id'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
switch ($input['filter_type']) {
case FILTER_SENDER:
// The posted sender name is replaced by the id returned from get_userid_by_user().
// NOTE(review): when the lookup fails, field_value has already been overwritten with the
// falsy result, so the sprintf() below receives that value and not the name that was typed.
if (!($input['field_value'] = get_userid_by_user($input['field_value']))) {
$error = true;
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'] = sprintf($GLOBALS['_lang'][41], $input['field_value']);
}
break;
case FILTER_SENDER_PROFILE:
case FILTER_MESSAGE:
default:
break;
}
示例12: get_my_skin
// Processor for the saved-searches form. The listing starts after the first include and ends
// inside the update branch.
require _BASEPATH_ . '/includes/user_functions.inc.php';
// NOTE(review): the skin name becomes part of a require path; confirm that get_my_skin() can only
// return names of installed skins.
require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/my_searches.inc.php';
check_login_member('save_searches');
// Optional hook file, loaded only when it exists on disk.
if (is_file(_BASEPATH_ . '/events/processors/my_searches.php')) {
include _BASEPATH_ . '/events/processors/my_searches.php';
}
$error = false;
$qs = '';
$qs_sep = '';
$topass = array();
$nextpage = 'my_searches.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$input = array();
// get the input we need and sanitize it
$input['is_default'] = sanitize_and_format_gpc($_POST, 'is_default', TYPE_INT, 0, 0);
// 'alert' is read as TYPE_INT with an empty array as default; the code below accepts either a
// single value or an array.
$input['alert'] = sanitize_and_format_gpc($_POST, 'alert', TYPE_INT, 0, array());
// make sure $input['alert'] is an array
if (!is_array($input['alert']) && !empty($input['alert'])) {
$input['alert'] = array($input['alert']);
}
if (!$error) {
// Callbacks listed in $_on_before_update run before the database is changed.
// NOTE(review): presumably the list is filled by the hook file included above - confirm that it
// can never be populated from request data, since every entry is invoked as a callable.
if (isset($_on_before_update)) {
for ($i = 0; isset($_on_before_update[$i]); ++$i) {
call_user_func($_on_before_update[$i]);
}
}
// Clear both flags on all saved searches of the logged-in member; the user id comes from the
// session, not from the form.
$query = "UPDATE `{$dbtable_prefix}user_searches` SET `is_default`=0,`alert`=0 WHERE `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "'";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (!empty($input['is_default'])) {
示例13: DateMill
File: admin/processors/login.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
// Admin login processor. The listing ends inside the post-login redirect handling.
require_once '../../includes/common.inc.php';
require_once '../../includes/admin_functions.inc.php';
$topass = array();
$qs = '';
$qs_sep = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Both credentials are read through the text-field format; the username is lower-cased.
$username = strtolower(sanitize_and_format_gpc($_POST, 'username', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''));
$password = sanitize_and_format_gpc($_POST, 'password', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
if (!empty($username) && !empty($password)) {
// NOTE(review): three points for anyone reusing this pattern.
// 1. The query is built by interpolation, so it is only as safe as the escaping done by
//    sanitize_and_format_gpc(); a prepared statement removes that dependence.
// 2. The password is checked against an unsalted MD5 computed in SQL. MD5 is not suitable for
//    password storage; use password_hash() / password_verify() and compare in PHP.
// 3. The plaintext password is part of the SQL text and can therefore end up in query logs.
$query = "SELECT `admin_id`,`name`,`dept_id`,`status` FROM `{$dbtable_prefix}admin_accounts` WHERE `user`='{$username}' AND `pass`=md5('{$password}')";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$admin = mysql_fetch_assoc($res);
// Only accounts with active status are logged in.
if ($admin['status'] == ASTAT_ACTIVE) {
// The account row is merged into whatever admin session data already exists.
// NOTE(review): no session_regenerate_id() call is visible in this excerpt; the session id
// should be regenerated at login to prevent session fixation - confirm it happens elsewhere.
$_SESSION[_LICENSE_KEY_]['admin'] = array_merge(isset($_SESSION[_LICENSE_KEY_]['admin']) ? $_SESSION[_LICENSE_KEY_]['admin'] : array(), $admin);
$_SESSION[_LICENSE_KEY_]['admin']['def_skin'] = get_default_skin_dir();
// A request stored under 'timedout' in the session is picked up again after login.
if (isset($_SESSION[_LICENSE_KEY_]['admin']['timedout']['url'])) {
$next = $_SESSION[_LICENSE_KEY_]['admin']['timedout'];
unset($_SESSION[_LICENSE_KEY_]['admin']['timedout']);
if ($next['method'] == 'GET') {
if (!empty($next['qs'])) {
示例14: trigger_error
// Tail of the message-compose page; the code that loads $output starts before this excerpt.
}
}
// no need to sanitize
// $output=sanitize_and_format($output,TYPE_STRING,$__field2format[TEXT_DB2EDIT]);
if ($output['message_type'] == MESS_FLIRT) {
$output['flirt_reply'] = true;
}
} else {
trigger_error($GLOBALS['_lang'][120], E_USER_ERROR);
}
// Language strings are converted with the TEXT_DB2DISPLAY format before they go to the template.
$output['lang_263'] = sanitize_and_format($GLOBALS['_lang'][263], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$output['lang_264'] = sanitize_and_format($GLOBALS['_lang'][264], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$output['lang_196'] = sanitize_and_format($GLOBALS['_lang'][196], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$output['lang_197'] = sanitize_and_format($GLOBALS['_lang'][197], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
// 'return' is taken from the query string only when it has not been set already.
// NOTE(review): FORMAT_RUENCODE presumably URL-encodes the value - confirm in the helper. If the
// value later drives a redirect, restrict it to local paths so that it cannot point off-site.
if (!isset($output['return']) && isset($_GET['return'])) {
$output['return'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUENCODE, '');
}
$output['bbcode_message'] = get_site_option('bbcode_message', 'core');
if (empty($output['bbcode_message'])) {
unset($output['bbcode_message']);
}
$tpl->set_file('content', 'message_send.html');
$tpl->set_var('output', $output);
$tpl->process('content', 'content', TPL_OPTIONAL);
// NOTE(review): the page title contains $output['_user_other']; how that value is prepared for
// display is outside this excerpt, so confirm it is HTML-escaped before it is printed.
$tplvars['page_title'] = sprintf($GLOBALS['_lang'][137], $output['_user_other']);
$tplvars['title'] = $tplvars['page_title'];
$tplvars['page'] = 'message_send';
$tplvars['css'] = 'message_send.css';
if (is_file('message_send_left.php')) {
include 'message_send_left.php';
}
示例15: DateMill
===============================================================================
File: admin/processors/site_skins_delete.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
// Admin processor that deletes a site skin. The listing ends while the delete statements are
// still being issued.
require_once '../../includes/common.inc.php';
require_once '../../includes/admin_functions.inc.php';
// Admin-only gate, evaluated before the request parameter is read.
allow_dept(DEPT_ADMIN);
$qs = '';
$qs_sep = '';
$topass = array();
// The skin to remove is named by a query-string parameter.
// NOTE(review): these are destructive changes triggered by a GET request and no anti-CSRF token
// check is visible in this excerpt; state-changing admin actions should require POST plus a
// per-session token.
$module_code = sanitize_and_format_gpc($_GET, 'module_code', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
$query = "SELECT count(*) FROM `{$dbtable_prefix}modules` WHERE `module_type`=" . MODULE_SKIN;
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
// Deletion proceeds only while more than one skin module is installed.
if (mysql_result($res, 0, 0) > 1) {
$config = get_site_option(array('is_default', 'skin_dir'), $module_code);
// NOTE(review): the statements below interpolate $module_code inside quotes, so they rely on the
// FIELD_TEXTFIELD format escaping it for SQL. None of the statements shown restricts the delete
// to rows of type MODULE_SKIN, so confirm that a non-skin module code cannot be removed here.
$query = "DELETE FROM `{$dbtable_prefix}site_options3` WHERE `fk_module_code`='{$module_code}'";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$query = "DELETE FROM `{$dbtable_prefix}modules` WHERE `module_code`='{$module_code}'";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$query = "DELETE FROM `{$dbtable_prefix}lang_strings` WHERE `skin`='{$module_code}'";