本文整理汇总了PHP中sanitize_paranoid_string函数的典型用法代码示例。如果您正苦于以下问题:PHP sanitize_paranoid_string函数的具体用法?PHP sanitize_paranoid_string怎么用?PHP sanitize_paranoid_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了sanitize_paranoid_string函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: index
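/**
 * Entry point for the ExpressionManager test pages.
 *
 * Reads the survey id (`sid`) and the sub-action (`sa`) from the query string,
 * sanitises both, and then either renders an access-denied message or registers
 * the client scripts and dispatches to the requested test.
 *
 * NOTE(review): only 'survey_logic_file' and 'navigation_test' are gated by the
 * survey permission check below, and only when a survey id is present. Every
 * other sub-action reaches test() without a check in this method; confirm that
 * the controller or test() enforces access for them.
 *
 * @return void
 */
function index()
{
    $aData = array();
    $aData['surveyid'] = $surveyid = sanitize_int(Yii::app()->request->getQuery('sid'));
    $aData['sa'] = $sa = sanitize_paranoid_string(Yii::app()->request->getQuery('sa', 'index'));

    // Strict comparison: the sub-action must be exactly one of the gated names.
    $needpermission = ($sa === 'survey_logic_file' || $sa === 'navigation_test') && $surveyid;

    if ($needpermission && !Permission::model()->hasSurveyPermission($surveyid, 'surveycontent', 'read')) {
        App()->getClientScript()->registerPackage('jquery-superfish');
        $message = array();
        $message['title'] = gT('Access denied!');
        $message['message'] = gT('You do not have sufficient rights to access this page.');
        $message['class'] = "error";
        $this->_renderWrappedTemplate('survey', array("message" => $message), $aData);
        return;
    }

    App()->getClientScript()->registerPackage('jqueryui');
    App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "survey_runtime.js");
    App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "expressions/em_javascript.js");
    App()->getClientScript()->registerCssFile(Yii::app()->getConfig('adminstyleurl') . "adminstyle.css");

    // Pass the sanitised sub-action instead of re-reading the raw query
    // parameter, so every consumer in this method sees the same filtered value.
    $this->_printOnLoad($sa);

    // $sa is interpolated into the page title; the template is still expected
    // to HTML-escape it on output.
    $aData['pagetitle'] = "ExpressionManager: {$sa}";

    // isset() on the raw parameter only decides whether a sub-action was
    // supplied at all; the value that is dispatched is the sanitised one.
    if (isset($_GET['sa'])) {
        $this->test($sa, $aData);
    } else {
        $this->_renderWrappedTemplate('expressions', 'test_view', $aData);
    }
}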
示例2: index
/**
 * Renders the pop-up HTML editor for one form field.
 *
 * All values come from the query string. Free-text values go through
 * sanitize_xss_string(), the action name through sanitize_paranoid_string()
 * and the ids through sanitize_int().
 *
 * NOTE(review): sanitize_xss_string() is not shown here. The field name is
 * concatenated into control ids below, so the views should still escape these
 * values for the HTML/JavaScript context they are written into.
 *
 * @return void
 */
function index()
{
    Yii::app()->loadHelper('admin/htmleditor');

    $oRequest = App()->request;

    $aData = array();
    $aData['ckLanguage'] = sTranslateLangCode2CK(Yii::app()->session['adminlang']);
    $aData['sFieldName'] = sanitize_xss_string($oRequest->getQuery('name'));
    $aData['sFieldText'] = sanitize_xss_string($oRequest->getQuery('text'));
    $aData['sFieldType'] = sanitize_xss_string($oRequest->getQuery('type'));
    $aData['sAction'] = sanitize_paranoid_string($oRequest->getQuery('action'));
    $aData['iSurveyId'] = sanitize_int($oRequest->getQuery('sid', 0));
    $aData['iGroupId'] = sanitize_int($oRequest->getQuery('gid', 0));
    $aData['iQuestionId'] = sanitize_int($oRequest->getQuery('qid', 0));

    // Without a target field there is nothing to edit.
    if (!$aData['sFieldName']) {
        $this->getController()->render('/admin/htmleditor/pop_nofields_view', $aData);
        return;
    }

    $sFieldName = $aData['sFieldName'];
    $aData['sControlIdEna'] = $sFieldName . '_popupctrlena';
    $aData['sControlIdDis'] = $sFieldName . '_popupctrldis';
    $aData['toolbarname'] = 'popup';

    // E-mail templates are edited as complete HTML documents.
    $aEmailFieldTypes = array('email-inv', 'email-reg', 'email-conf', 'email-rem');
    $aData['htmlformatoption'] = in_array($aData['sFieldType'], $aEmailFieldTypes) ? ',fullPage:true' : '';

    $this->getController()->render('/admin/htmleditor/pop_editor_view', $aData);
}
示例3: index
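/**
 * Entry point for the ExpressionManager test pages (variant with title and close-button bars).
 *
 * Reads `sid`, `sa`, `gid` and `qid` from the query string, sanitises them,
 * checks survey permission for the two gated sub-actions, prepares the bar
 * data for the layout and dispatches to the requested test.
 *
 * NOTE(review): only 'survey_logic_file' and 'navigation_test' are gated by the
 * permission check, and only when a survey id is present; confirm that the
 * other sub-actions are protected elsewhere.
 *
 * @return void
 */
function index()
{
    $aData = array();
    $aData['surveyid'] = $surveyid = $iSurveyID = sanitize_int(Yii::app()->request->getQuery('sid'));
    $aData['sa'] = $sa = sanitize_paranoid_string(Yii::app()->request->getQuery('sa', 'index'));
    $aData['fullpagebar']['closebutton']['url'] = 'admin/';

    // Strict comparison: the sub-action must be exactly one of the gated names.
    $needpermission = ($sa === 'survey_logic_file' || $sa === 'navigation_test') && $surveyid;

    if ($needpermission && !Permission::model()->hasSurveyPermission($surveyid, 'surveycontent', 'read')) {
        $message = array();
        $message['title'] = gT('Access denied!');
        $message['message'] = gT('You do not have sufficient rights to access this page.');
        $message['class'] = "error";
        $this->_renderWrappedTemplate('survey', array("message" => $message), $aData);
        return;
    }

    App()->getClientScript()->registerPackage('jqueryui');
    App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "survey_runtime.js");
    App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('generalscripts') . "expressions/em_javascript.js");
    //App()->getClientScript()->registerCssFile(Yii::app()->getConfig('adminstyleurl') . "adminstyle.css" );

    // Pass the sanitised sub-action instead of re-reading the raw query
    // parameter, so every consumer in this method sees the same filtered value.
    $this->_printOnLoad($sa);
    $aData['pagetitle'] = "ExpressionManager: {$sa}";

    if (isset($iSurveyID)) {
        $aData['sidebar']['state'] = "close";
        // NOTE(review): the findByPk() result is dereferenced without a null
        // check, so an id that matches no survey fails here instead of
        // producing a controlled "not found" response.
        $surveyinfo = Survey::model()->findByPk($iSurveyID)->surveyinfo;
        // The survey title is stored content; the layout is expected to escape it.
        $aData['title_bar']['title'] = $surveyinfo['surveyls_title'] . "(" . gT("ID") . ":" . $iSurveyID . ")";

        $sGroupParam = Yii::app()->request->getQuery('gid');
        $sQuestionParam = Yii::app()->request->getQuery('qid');

        // Only sanitised integers are ever placed into the generated URLs.
        if ($sGroupParam != '') {
            $aData['questiongroupbar']['closebutton']['url'] = 'admin/questiongroups/sa/view/surveyid/' . $aData['surveyid'] . '/gid/' . sanitize_int($sGroupParam);
        } else {
            $aData['surveybar']['closebutton']['url'] = 'admin/survey/sa/view/surveyid/' . $aData['surveyid'];
        }
        if ($sQuestionParam != '') {
            $aData['questiongroupbar']['closebutton']['url'] = 'admin/questions/sa/view/surveyid/' . $aData['surveyid'] . '/gid/' . sanitize_int($sGroupParam) . '/qid/' . sanitize_int($sQuestionParam);
            $aData['gid'] = sanitize_int($sGroupParam);
        }
    }

    //header("Content-type: text/html; charset=UTF-8"); // needed for correct UTF-8 encoding
    // isset() on the raw parameter only decides whether a sub-action was
    // supplied at all; the value that is dispatched is the sanitised one.
    if (isset($_GET['sa'])) {
        $this->test($sa, $aData);
    } else {
        $this->_renderWrappedTemplate('expressions', 'test_view', $aData);
    }
}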
示例4: _saveSettings
private function _saveSettings()
{
if ($_POST['action'] !== "globalsettingssave") {
return;
}
if (!Permission::model()->hasGlobalPermission('settings', 'update')) {
$this->getController()->redirect(array('/admin'));
}
Yii::app()->loadHelper('surveytranslator');
$iPDFFontSize = sanitize_int($_POST['pdffontsize']);
if ($iPDFFontSize < 1) {
$iPDFFontSize = 9;
}
$iPDFLogoWidth = sanitize_int($_POST['pdflogowidth']);
if ($iPDFLogoWidth < 1) {
$iPDFLogoWidth = 50;
}
$maxemails = $_POST['maxemails'];
if (sanitize_int($_POST['maxemails']) < 1) {
$maxemails = 1;
}
$defaultlang = sanitize_languagecode($_POST['defaultlang']);
$aRestrictToLanguages = explode(' ', sanitize_languagecodeS($_POST['restrictToLanguages']));
if (!in_array($defaultlang, $aRestrictToLanguages)) {
// Force default language in restrictToLanguages
$aRestrictToLanguages[] = $defaultlang;
}
if (count(array_diff(array_keys(getLanguageData(false, Yii::app()->session['adminlang'])), $aRestrictToLanguages)) == 0) {
$aRestrictToLanguages = '';
} else {
$aRestrictToLanguages = implode(' ', $aRestrictToLanguages);
}
setGlobalSetting('defaultlang', $defaultlang);
setGlobalSetting('restrictToLanguages', trim($aRestrictToLanguages));
setGlobalSetting('sitename', strip_tags($_POST['sitename']));
setGlobalSetting('defaulthtmleditormode', sanitize_paranoid_string($_POST['defaulthtmleditormode']));
setGlobalSetting('defaultquestionselectormode', sanitize_paranoid_string($_POST['defaultquestionselectormode']));
setGlobalSetting('defaulttemplateeditormode', sanitize_paranoid_string($_POST['defaulttemplateeditormode']));
if (!Yii::app()->getConfig('demoMode')) {
$sTemplate = Yii::app()->getRequest()->getPost("defaulttemplate");
if (array_key_exists($sTemplate, getTemplateList())) {
setGlobalSetting('defaulttemplate', $sTemplate);
}
}
setGlobalSetting('admintheme', sanitize_paranoid_string($_POST['admintheme']));
setGlobalSetting('adminthemeiconsize', trim(file_get_contents(Yii::app()->getConfig("styledir") . DIRECTORY_SEPARATOR . sanitize_paranoid_string($_POST['admintheme']) . DIRECTORY_SEPARATOR . 'iconsize')));
setGlobalSetting('emailmethod', strip_tags($_POST['emailmethod']));
setGlobalSetting('emailsmtphost', strip_tags(returnGlobal('emailsmtphost')));
if (returnGlobal('emailsmtppassword') != 'somepassword') {
setGlobalSetting('emailsmtppassword', strip_tags(returnGlobal('emailsmtppassword')));
}
setGlobalSetting('bounceaccounthost', strip_tags(returnGlobal('bounceaccounthost')));
setGlobalSetting('bounceaccounttype', strip_tags(returnGlobal('bounceaccounttype')));
setGlobalSetting('bounceencryption', strip_tags(returnGlobal('bounceencryption')));
setGlobalSetting('bounceaccountuser', strip_tags(returnGlobal('bounceaccountuser')));
if (returnGlobal('bounceaccountpass') != 'enteredpassword') {
setGlobalSetting('bounceaccountpass', strip_tags(returnGlobal('bounceaccountpass')));
}
setGlobalSetting('emailsmtpssl', sanitize_paranoid_string(Yii::app()->request->getPost('emailsmtpssl', '')));
setGlobalSetting('emailsmtpdebug', sanitize_int(Yii::app()->request->getPost('emailsmtpdebug', '0')));
setGlobalSetting('emailsmtpuser', strip_tags(returnGlobal('emailsmtpuser')));
setGlobalSetting('filterxsshtml', strip_tags($_POST['filterxsshtml']));
$warning = '';
// make sure emails are valid before saving them
if (Yii::app()->request->getPost('siteadminbounce', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminbounce'))) {
setGlobalSetting('siteadminbounce', strip_tags(Yii::app()->request->getPost('siteadminbounce')));
} else {
$warning .= gT("Warning! Admin bounce email was not saved because it was not valid.") . '<br/>';
}
if (Yii::app()->request->getPost('siteadminemail', '') == '' || validateEmailAddress(Yii::app()->request->getPost('siteadminemail'))) {
setGlobalSetting('siteadminemail', strip_tags(Yii::app()->request->getPost('siteadminemail')));
} else {
$warning .= gT("Warning! Admin email was not saved because it was not valid.") . '<br/>';
}
setGlobalSetting('siteadminname', strip_tags($_POST['siteadminname']));
setGlobalSetting('shownoanswer', sanitize_int($_POST['shownoanswer']));
setGlobalSetting('showxquestions', $_POST['showxquestions']);
setGlobalSetting('showgroupinfo', $_POST['showgroupinfo']);
setGlobalSetting('showqnumcode', $_POST['showqnumcode']);
$repeatheadingstemp = (int) $_POST['repeatheadings'];
if ($repeatheadingstemp == 0) {
$repeatheadingstemp = 25;
}
setGlobalSetting('repeatheadings', $repeatheadingstemp);
setGlobalSetting('maxemails', sanitize_int($maxemails));
$iSessionExpirationTime = (int) $_POST['iSessionExpirationTime'];
if ($iSessionExpirationTime == 0) {
$iSessionExpirationTime = 7200;
}
setGlobalSetting('iSessionExpirationTime', $iSessionExpirationTime);
setGlobalSetting('ipInfoDbAPIKey', $_POST['ipInfoDbAPIKey']);
setGlobalSetting('pdffontsize', $iPDFFontSize);
setGlobalSetting('pdfshowheader', $_POST['pdfshowheader']);
setGlobalSetting('pdflogowidth', $iPDFLogoWidth);
setGlobalSetting('pdfheadertitle', $_POST['pdfheadertitle']);
setGlobalSetting('pdfheaderstring', $_POST['pdfheaderstring']);
setGlobalSetting('googleMapsAPIKey', $_POST['googleMapsAPIKey']);
setGlobalSetting('googleanalyticsapikey', $_POST['googleanalyticsapikey']);
setGlobalSetting('googletranslateapikey', $_POST['googletranslateapikey']);
setGlobalSetting('force_ssl', $_POST['force_ssl']);
//.........这里部分代码省略.........
示例5: index
//.........这里部分代码省略.........
if (!is_null(Yii::app()->request->getPost('defaultanswerscale_0_' . $sLanguage . '_0'))) {
$this->_updateDefaultValues($iQuestionID, 0, 0, '', $sLanguage, Yii::app()->request->getPost('defaultanswerscale_0_' . $sLanguage . '_0'), true);
}
}
}
}
Yii::app()->session['flashmessage'] = gT("Default value settings were successfully saved.");
LimeExpressionManager::SetDirtyFlag();
if ($sDBOutput != '') {
echo $sDBOutput;
} else {
if (Yii::app()->request->getPost('close-after-save') === 'true') {
$this->getController()->redirect(array('admin/questions/sa/view/surveyid/' . $iSurveyID . '/gid/' . $iQuestionGroupID . '/qid/' . $iQuestionID));
}
$this->getController()->redirect(array('admin/questions/sa/editdefaultvalues/surveyid/' . $iSurveyID . '/gid/' . $iQuestionGroupID . '/qid/' . $iQuestionID));
}
}
if ($sAction == "updateansweroptions" && Permission::model()->hasSurveyPermission($iSurveyID, 'surveycontent', 'update')) {
Yii::app()->loadHelper('database');
$aSurveyLanguages = Survey::model()->findByPk($iSurveyID)->additionalLanguages;
$sBaseLanguage = Survey::model()->findByPk($iSurveyID)->language;
array_unshift($aSurveyLanguages, $sBaseLanguage);
$arQuestion = Question::model()->findByAttributes(array('qid' => $iQuestionID));
$sQuestionType = $arQuestion['type'];
// Checked)
$aQuestionTypeList = getQuestionTypeList('', 'array');
$iScaleCount = $aQuestionTypeList[$sQuestionType]['answerscales'];
//First delete all answers
Answer::model()->deleteAllByAttributes(array('qid' => $iQuestionID));
LimeExpressionManager::RevertUpgradeConditionsToRelevance($iSurveyID);
for ($iScaleID = 0; $iScaleID < $iScaleCount; $iScaleID++) {
$iMaxCount = (int) Yii::app()->request->getPost('answercount_' . $iScaleID);
for ($iSortOrderID = 1; $iSortOrderID < $iMaxCount; $iSortOrderID++) {
$sCode = sanitize_paranoid_string(Yii::app()->request->getPost('code_' . $iSortOrderID . '_' . $iScaleID));
$iAssessmentValue = (int) Yii::app()->request->getPost('assessment_' . $iSortOrderID . '_' . $iScaleID);
foreach ($aSurveyLanguages as $sLanguage) {
$sAnswerText = Yii::app()->request->getPost('answer_' . $sLanguage . '_' . $iSortOrderID . '_' . $iScaleID);
// Fix bug with FCKEditor saving strange BR types
$sAnswerText = $oFixCKeditor->fixCKeditor($sAnswerText);
// Now we insert the answers
$iInsertCount = Answer::model()->insertRecords(array('code' => $sCode, 'answer' => $sAnswerText, 'qid' => $iQuestionID, 'sortorder' => $iSortOrderID, 'language' => $sLanguage, 'assessment_value' => $iAssessmentValue, 'scale_id' => $iScaleID));
if (!$iInsertCount) {
Yii::app()->setFlashMessage(gT("Failed to update answers"), 'error');
}
}
// Updating code (oldcode!==null) => update condition with the new code
$sOldCode = Yii::app()->request->getPost('oldcode_' . $iSortOrderID . '_' . $iScaleID);
if (isset($sOldCode) && $sCode !== $sOldCode) {
Condition::model()->updateAll(array('value' => $sCode), 'cqid=:cqid AND value=:value', array(':cqid' => $iQuestionID, ':value' => $sOldCode));
}
}
// for ($sortorderid=0;$sortorderid<$maxcount;$sortorderid++)
}
// for ($scale_id=0;
LimeExpressionManager::UpgradeConditionsToRelevance($iSurveyID);
if (!Yii::app()->request->getPost('bFullPOST')) {
Yii::app()->setFlashMessage(gT("Not all answer options were saved. This usually happens due to server limitations ( PHP setting max_input_vars) - please contact your system administrator."));
} else {
Yii::app()->session['flashmessage'] = gT("Answer options were successfully saved.");
}
LimeExpressionManager::SetDirtyFlag();
if ($sDBOutput != '') {
echo $sDBOutput;
} else {
if (Yii::app()->request->getPost('close-after-save') === 'true') {
$this->getController()->redirect(array('admin/questions/sa/view/surveyid/' . $iSurveyID . '/gid/' . $iQuestionGroupID . '/qid/' . $iQuestionID));
示例6: _getAssessmentPostData
/**
 * Builds the assessment record for one language from the submitted form.
 *
 * 'scope' and 'gid' go through the sanitise helpers and 'minimum'/'maximum'
 * are cast to integers. The per-language 'name' and 'message' fields are
 * copied from $_POST unchanged.
 *
 * NOTE(review): 'name' and 'message' are stored unfiltered, so whichever view
 * prints them must escape or filter them for its output context.
 *
 * @param mixed  $iSurveyID Survey id, stored under 'sid' as given.
 * @param string $language  Language code; also used to build the POST key names.
 * @return array Field name => value pairs for the assessment record.
 */
private function _getAssessmentPostData($iSurveyID, $language)
{
    // A missing group id defaults to 0; the default is written back to $_POST.
    if (!isset($_POST['gid'])) {
        $_POST['gid'] = 0;
    }

    $aRecord = array();
    $aRecord['sid'] = $iSurveyID;
    $aRecord['scope'] = sanitize_paranoid_string($_POST['scope']);
    $aRecord['gid'] = sanitize_int($_POST['gid']);
    $aRecord['minimum'] = (int) $_POST['minimum'];
    $aRecord['maximum'] = (int) $_POST['maximum'];
    $aRecord['name'] = $_POST['name_' . $language];
    $aRecord['language'] = $language;
    $aRecord['message'] = $_POST['assessmentmessage_' . $language];

    return $aRecord;
}
示例7: _getUpdateKey
/**
 * Returns the update key, storing a newly submitted one first when asked to.
 *
 * For the 'keyupdate' sub-action the key from $_POST is sanitised, written to
 * the global settings and to the runtime config, and returned. For any other
 * sub-action the stored key is returned unchanged.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably the calling action enforces both. Confirm against the caller.
 *
 * @param string $sSubAction Requested sub-action.
 * @return mixed The update key now in effect.
 */
private function _getUpdateKey($sSubAction)
{
    $sStoredKey = getGlobalSetting("updatekey");

    if ($sSubAction != 'keyupdate') {
        return $sStoredKey;
    }

    // Persist the submitted key in both the settings store and the live config.
    $sSubmittedKey = sanitize_paranoid_string($_POST['updatekey']);
    setGlobalSetting('updatekey', $sSubmittedKey);
    Yii::app()->setConfig("updatekey", $sSubmittedKey);

    return $sSubmittedKey;
}
示例8: sprintf
$importtemplateoutput .= "<div class=\"warningheader\">" . $clang->gT("Error") . "</div><br />\n";
$importtemplateoutput .= sprintf($clang->gT("Demo mode: Uploading templates is disabled."), $basedestdir) . "<br/><br/>\n";
$importtemplateoutput .= "<br/><input type=\"submit\" onclick=\"window.open('{$scriptname}?action=templates', '_top')\" value=\"" . $clang->gT("Template Editor") . "\"/>\n";
$importtemplateoutput .= "</div>\n";
return;
}
require "classes/phpzip/phpzip.inc.php";
//$the_full_file_path = $tempdir . "/" . $_FILES['the_file']['name'];
$zipfile = $_FILES['the_file']['tmp_name'];
$z = new PHPZip();
// Create temporary directory
// If dangerous content is unzipped
// then no one will know the path
$extractdir = tempdir($tempdir);
$basedestdir = $usertemplaterootdir;
$newdir = str_replace('.', '', strip_ext(sanitize_paranoid_string($_FILES['the_file']['name'])));
$destdir = $basedestdir . '/' . $newdir . '/';
if (!is_writeable($basedestdir)) {
$importtemplateoutput .= "<div class=\"warningheader\">" . $clang->gT("Error") . "</div><br />\n";
$importtemplateoutput .= sprintf($clang->gT("Incorrect permissions in your %s folder."), $basedestdir) . "<br/><br/>\n";
$importtemplateoutput .= "<br/><input type=\"submit\" onclick=\"window.open('{$scriptname}?action=templates', '_top')\" value=\"" . $clang->gT("Template Editor") . "\"/>\n";
$importtemplateoutput .= "</div>\n";
return;
}
if (!is_dir($destdir)) {
mkdir($destdir);
} else {
$importtemplateoutput .= "<div class=\"warningheader\">" . $clang->gT("Error") . "</div><br />\n";
$importtemplateoutput .= sprintf($clang->gT("Template '%s' does already exist."), $newdir) . "<br/><br/>\n";
$importtemplateoutput .= "<br/><input type=\"submit\" onclick=\"window.open('{$scriptname}?action=templates', '_top')\" value=\"" . $clang->gT("Template Editor") . "\"/>\n";
$importtemplateoutput .= "</div>\n";
示例9: microtime
* MA 02110-1301, USA.
*/
require_once "../functions.php";
global $DEBUG;
if ($DEBUG) {
$starttime_main = microtime(true);
}
ini_set("session.cookie_httponly", 1);
session_start();
if ($_POST['submit'] == "submit") {
if ($_POST['user'] == "" || $_POST['pass'] == "") {
$emptyField = true;
} else {
$username = @sanitize_paranoid_string($_POST['user']);
$password = $_POST['pass'];
$ref = @sanitize_paranoid_string($_POST['ref']);
$userlogon = checkUser($username, $password);
if ($userlogon[0]['result']) {
$_SESSION['login'] = true;
$_SESSION['userName'] = ucfirst(strtolower($userlogon[0]['username']));
$_SESSION['userID'] = $userlogon[0]['user_id'];
$_SESSION['email'] = $userlogon[0]['email'];
$_SESSION['LAST_ACTIVITY'] = time();
// define first "last activity" timestamp
$_SESSION['CREATED'] = time();
// initialize the session create timestamp
if ($userlogon[0]['changePass']) {
$_SESSION['forceChangePass'] = true;
}
session_regenerate_id(true);
// change session ID for the current session an invalidate old session ID
示例10: vvexport
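/**
 * Exports all responses of a survey in the tab-separated "Verified Voting" (VV) format.
 *
 * Without `subaction=export` the export form is rendered. With it, the survey
 * response table is read and written to the response as a download, after
 * which the script exits.
 *
 * Security notes for reviewers:
 * - The survey id is reduced to digits by sanitize_int() before it is used in
 *   the table name, and the table name is passed through quoteTableName().
 * - The download file name is built from the request-supplied `extension`, so
 *   sanitize_paranoid_string() is what keeps quotes and line breaks out of the
 *   header that _addHeaders() presumably emits. Confirm its character set.
 * - NOTE(review): response values are written as stored, apart from the
 *   brace/newline/tab/quote encoding. If the file is opened in a spreadsheet,
 *   cells that begin with '=', '+', '-' or '@' may be evaluated as formulas.
 *   Neutralising them here would change the VV round-trip format, so handle it
 *   on the consuming side or document it for users.
 *
 * @return void
 */
public function vvexport()
{
    $iSurveyID = sanitize_int(Yii::app()->request->getParam('surveyid'));
    $subaction = Yii::app()->request->getParam('subaction');
    $clang = $this->getController()->lang;

    // No export permission: return without producing any output.
    if (!hasSurveyPermission($iSurveyID, 'responses', 'export')) {
        return;
    }

    if ($subaction != "export") {
        // Pre-select the completion-state filter in the export form.
        $sFilterState = incompleteAnsFilterState();
        $sSelected = "selected='selected'";

        $data = array();
        $data['selectinc'] = $sFilterState == "incomplete" ? $sSelected : "";
        $data['selecthide'] = $sFilterState == "complete" ? $sSelected : "";
        $data['selectshow'] = ($sFilterState != "incomplete" && $sFilterState != "complete") ? $sSelected : "";
        $data['surveyid'] = $iSurveyID;
        $data['display']['menu_bars']['browse'] = $clang->gT("Export VV file");
        $this->_renderWrappedTemplate('export', 'vv_view', $data);
    } elseif (isset($iSurveyID) && $iSurveyID) {
        // Export is happening
        $extension = sanitize_paranoid_string(returnGlobal('extension'));
        $fn = "vvexport_{$iSurveyID}." . $extension;
        $this->_addHeaders($fn, "text/comma-separated-values", 0, "cache");
        $s = "\t";
        $fieldmap = createFieldMap($iSurveyID, 'full', false, false, getBaseLanguageFromSurveyID($iSurveyID));
        $surveytable = "{{survey_{$iSurveyID}}}";
        // The result of this lookup is not used; it is kept from the original code.
        Survey::model()->findByPk($iSurveyID)->language;
        $fieldnames = Yii::app()->db->schema->getTable($surveytable)->getColumnNames();

        // First line: human-friendly question text. Second line: column names.
        $firstline = "";
        $secondline = "";
        foreach ($fieldnames as $field) {
            $fielddata = arraySearchByKey($field, $fieldmap, "fieldname", 1);
            if (count($fielddata) < 1) {
                $firstline .= $field;
            } else {
                $firstline .= preg_replace('/\\s+/', ' ', strip_tags($fielddata['question']));
            }
            $firstline .= $s;
            $secondline .= $field . $s;
        }
        $vvoutput = $firstline . "\n";
        $vvoutput .= $secondline . "\n";

        // The only dynamic part of the statement is the quoted table name.
        $query = "SELECT * FROM " . Yii::app()->db->quoteTableName($surveytable);
        $sFilterState = incompleteAnsFilterState();
        if ($sFilterState == "incomplete") {
            $query .= " WHERE submitdate IS NULL ";
        } elseif ($sFilterState == "complete") {
            $query .= " WHERE submitdate >= '01/01/1980' ";
        }
        $result = Yii::app()->db->createCommand($query)->query();

        foreach ($result->readAll() as $row) {
            // Start every row with an empty buffer instead of relying on unset().
            $sun = array();
            foreach ($fieldnames as $field) {
                if (is_null($row[$field])) {
                    $value = '{question_not_shown}';
                } else {
                    $value = trim($row[$field]);
                    // Encode the characters that would break the tab-separated
                    // layout. Order matters: the left brace has to be replaced
                    // first, because the other replacements introduce braces.
                    $value = str_replace(array("{", "\n", "\r", "\t"), array("{lbrace}", "{newline}", "{cr}", "{tab}"), $value);
                }
                // Excel may wrap values in quotes when it saves tab-delimited
                // files. Encoding a leading quote here keeps values that really
                // start with a quote distinguishable from those Excel quoted.
                $value = preg_replace('/^"/', '{quote}', $value);
                if ($field == "submitdate" && !$value) {
                    $value = "NULL";
                }
                $sun[] = $value;
            }
            $vvoutput .= implode($s, $sun) . "\n";
        }
        echo $vvoutput;
        exit;
    }
}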
示例11: attributeMapCSV
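/**
 * Accepts an uploaded participant CSV file and renders the attribute-mapping page.
 *
 * The upload is stored in the temp directory under a random, server-chosen
 * name; the client-supplied file name is used only to check the extension.
 * The first CSV line is read to find the columns that are not regular
 * participant fields, and these are offered for mapping.
 *
 * Fixes compared with the previous version:
 * - A non-CSV upload now returns after rendering its error. Before, execution
 *   fell through to the move check with an undefined result and rendered a
 *   second error page.
 * - A file name without an extension no longer reads an undefined index.
 * - The request-supplied `filterbea` value is encoded as a JavaScript string
 *   literal before it is placed in the inline script, instead of being
 *   concatenated between quotes as-is.
 * - The CSV handle is closed, and an unreadable or empty file yields an empty
 *   header list instead of iterating over false.
 *
 * NOTE(review): the header cells in 'firstline' and the 'filterbea' value are
 * user-controlled and are handed to the view; the view must escape them.
 * NOTE(review): the header is always parsed with ',' even though the form
 * submits `separatorused`; confirm that this is intended.
 *
 * @return void
 */
function attributeMapCSV()
{
    $clang = $this->getController()->lang;
    $sRandomFileName = randomChars(20);
    $sFilePath = Yii::app()->getConfig('tempdir') . DIRECTORY_SEPARATOR . $sRandomFileName;

    $aPathinfo = pathinfo($_FILES['the_file']['name']);
    $sExtension = isset($aPathinfo['extension']) ? $aPathinfo['extension'] : '';

    if (strtolower($sExtension) != 'csv') {
        $templateData['error_msg'] = sprintf($clang->gT("This is not a .csv file."), Yii::app()->getConfig('tempdir'));
        $errorinupload = array('error' => $this->upload->display_errors());
        Yii::app()->session['summary'] = array('errorinupload' => $errorinupload);
        $this->_renderWrappedTemplate('participants', array('participantsPanel', 'uploadSummary'), array('aAttributes' => ParticipantAttributeName::model()->getAllAttributes()));
        return;
    }

    // Failure is reported through the return value, which is checked just below.
    $bMoveFileResult = @move_uploaded_file($_FILES['the_file']['tmp_name'], $sFilePath);
    $filterblankemails = Yii::app()->request->getPost('filterbea');

    if (!$bMoveFileResult) {
        $templateData['error_msg'] = sprintf($clang->gT("An error occurred uploading your file. This may be caused by incorrect permissions in your %s folder."), Yii::app()->getConfig('tempdir'));
        $errorinupload = array('error' => $this->upload->display_errors());
        Yii::app()->session['summary'] = array('errorinupload' => $errorinupload);
        $this->_renderWrappedTemplate('participants', array('participantsPanel', 'uploadSummary'), array('aAttributes' => ParticipantAttributeName::model()->getAllAttributes()));
        return;
    }

    $regularfields = array('firstname', 'participant_id', 'lastname', 'email', 'language', 'blacklisted', 'owner_uid');

    // Read only the header line, then release the handle.
    $firstline = false;
    $csvread = fopen($sFilePath, 'r');
    if ($csvread !== false) {
        $firstline = fgetcsv($csvread, 1000, ',');
        fclose($csvread);
    }
    if (!is_array($firstline)) {
        $firstline = array();
    }

    $selectedcsvfields = array();
    $fieldlist = array();
    foreach ($firstline as $key => $value) {
        // Strip characters outside the pattern's allowed range before
        // comparing against the regular field names.
        $testvalue = preg_replace('/[^(\\x20-\\x7F)]*/', '', $value);
        if (!in_array(strtolower($testvalue), $regularfields)) {
            array_push($selectedcsvfields, $value);
        }
        $fieldlist[] = $value;
    }

    $linecount = count(file($sFilePath));
    $attributes = ParticipantAttributeName::model()->model()->getCPDBAttributes();
    $aData = array('attributes' => $attributes, 'firstline' => $selectedcsvfields, 'fullfilepath' => $sRandomFileName, 'linecount' => $linecount - 1, 'filterbea' => $filterblankemails, 'participant_id_exists' => in_array('participant_id', $fieldlist));

    App()->getClientScript()->registerCssFile(Yii::app()->getConfig('adminstyleurl') . "attributeMapCSV.css");
    App()->getClientScript()->registerPackage('qTip2');
    App()->getClientScript()->registerPackage('jquery-nestedSortable');
    App()->getClientScript()->registerScriptFile(Yii::app()->getConfig('adminscripts') . "attributeMapCSV.js");

    // Encode the request value as a complete JavaScript string literal. The
    // HEX flags also keep '<', '>', '&' and quotes out of the inline script.
    $sFilterBlankEmailsJs = json_encode((string) $filterblankemails, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if ($sFilterBlankEmailsJs === false) {
        // Not encodable (e.g. invalid UTF-8): fall back to an empty string.
        $sFilterBlankEmailsJs = '""';
    }

    $sAttributeMapJS = "var copyUrl = '" . App()->createUrl("admin/participants/sa/uploadCSV") . "';\n"
        . "var displayParticipants = '" . App()->createUrl("admin/participants/sa/displayParticipants") . "';\n"
        . "var mapCSVcancelled = '" . App()->createUrl("admin/participants/sa/mapCSVcancelled") . "';\n"
        . "var characterset = '" . sanitize_paranoid_string($_POST['characterset']) . "';\n"
        . "var okBtn = '" . $clang->gT("OK") . "';\n"
        . "var processed = '" . $clang->gT("Summary") . "';\n"
        . "var summary = '" . $clang->gT("Upload summary") . "';\n"
        . "var notPairedErrorTxt = '" . $clang->gT("You have to pair this field with an existing attribute.") . "';\n"
        . "var onlyOnePairedErrorTxt = '" . $clang->gT("Only one CSV attribute is mapped with central attribute.") . "';\n"
        . "var cannotAcceptErrorTxt='" . $clang->gT("This list cannot accept token attributes.") . "';\n"
        . "var separator = '" . sanitize_paranoid_string($_POST['separatorused']) . "';\n"
        . "var thefilepath = '" . $sRandomFileName . "';\n"
        . "var filterblankemails = " . $sFilterBlankEmailsJs . ";\n";
    App()->getClientScript()->registerScript("sAttributeMapJS", $sAttributeMapJS, CClientScript::POS_BEGIN);
    $this->_renderWrappedTemplate('participants', 'attributeMapCSV', $aData);
}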
示例12: check
/**
 * Tests whether a value passes the sanitisers selected by a bit mask.
 *
 * Each flag set in $flags runs the matching sanitise helper on the value, in
 * the fixed order UTF8, PARANOID, INT, FLOAT, HTML, LDAP, SYSTEM. The value is
 * accepted only if the final result still equals the original input.
 *
 * NOTE(review): the comparison is loose (==), so a sanitiser that returns a
 * different type can still compare equal to the original string under PHP's
 * type juggling. Check the helpers' return types before relying on this as a
 * strict validator.
 *
 * @param mixed $input Value to validate.
 * @param int   $flags Bit mask built from the UTF8, PARANOID, INT, FLOAT, HTML, LDAP and SYSTEM constants.
 * @param mixed $min   Lower bound handed to the sanitisers ('' for none).
 * @param mixed $max   Upper bound handed to the sanitisers ('' for none).
 * @return bool TRUE when sanitising left the value unchanged, FALSE otherwise.
 */
function check($input, $flags, $min = '', $max = '')
{
    $candidate = $input;

    if ($flags & UTF8) {
        $candidate = my_utf8_decode($candidate);
    }
    if ($flags & PARANOID) {
        $candidate = sanitize_paranoid_string($candidate, $min, $max);
    }
    if ($flags & INT) {
        $candidate = sanitize_int($candidate, $min, $max);
    }
    if ($flags & FLOAT) {
        $candidate = sanitize_float($candidate, $min, $max);
    }
    if ($flags & HTML) {
        $candidate = sanitize_html_string($candidate, $min, $max);
    }
    if ($flags & LDAP) {
        $candidate = sanitize_ldap_string($candidate, $min, $max);
    }
    if ($flags & SYSTEM) {
        $candidate = sanitize_system_string($candidate, $min, $max, TRUE);
    }

    // Unchanged by every requested sanitiser means the input is acceptable.
    return $candidate == $input ? TRUE : FALSE;
}
示例13: hasTemplateManageRights
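/**
 * Looks up whether a user may use or manage a given template folder.
 *
 * Changes compared with the previous version:
 * - The folder is matched with '=' instead of LIKE. This is an authorisation
 *   lookup, so it should be an exact match; with LIKE, any pattern character
 *   that survives sanitisation would act as a wildcard and widen the match.
 * - A user id that sanitises to nothing is denied up front instead of being
 *   concatenated into the statement as an empty token.
 *
 * NOTE(review): the statement is still built by string concatenation and
 * relies on sanitize_int() and sanitize_paranoid_string() to strip quotes and
 * other SQL metacharacters. Bound parameters would remove that dependency; no
 * parameter-binding helper is visible in this block, so none was introduced.
 *
 * @param mixed  $userid         User id to check.
 * @param string $templatefolder Template folder name.
 * @return mixed false when no rights row exists, otherwise the stored "use" value.
 */
function hasTemplateManageRights($userid, $templatefolder)
{
    global $connect;
    global $dbprefix;

    $userid = sanitize_int($userid);
    // Deny by default when no usable integer is left after sanitising.
    if ($userid === null || $userid === false || $userid === '') {
        return false;
    }
    $userid = (int) $userid;
    $templatefolder = sanitize_paranoid_string($templatefolder);

    $query = "SELECT " . db_quote_id('use') . " FROM {$dbprefix}templates_rights WHERE uid=" . $userid . " AND folder = '" . $templatefolder . "'";
    $result = db_execute_assoc($query) or safe_die($connect->ErrorMsg());

    if ($result->RecordCount() == 0) {
        return false;
    }
    $row = $result->FetchRow();
    return $row["use"];
}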
示例14: InputFilter
$count = 0;
$invalidCode = 0;
$duplicateCode = 0;
require_once "../classes/inputfilter/class.inputfilter_clean.php";
$myFilter = new InputFilter('', '', 1, 1, 1);
//First delete all answers
$query = "delete from " . db_table_name('answers') . " where qid=" . db_quote($qid);
$result = $connect->Execute($query);
// Checked
LimeExpressionManager::RevertUpgradeConditionsToRelevance($surveyid);
for ($scale_id = 0; $scale_id < $scalecount; $scale_id++) {
$maxcount = (int) $_POST['answercount_' . $scale_id];
for ($sortorderid = 1; $sortorderid < $maxcount; $sortorderid++) {
$code = sanitize_paranoid_string($_POST['code_' . $sortorderid . '_' . $scale_id]);
if (isset($_POST['oldcode_' . $sortorderid . '_' . $scale_id])) {
$oldcode = sanitize_paranoid_string($_POST['oldcode_' . $sortorderid . '_' . $scale_id]);
if ($code !== $oldcode) {
$query = 'UPDATE ' . db_table_name('conditions') . ' SET value=' . db_quoteall($code) . ' WHERE cqid=' . db_quote($qid) . ' AND value=' . db_quoteall($oldcode);
$connect->execute($query);
}
}
$assessmentvalue = (int) $_POST['assessment_' . $sortorderid . '_' . $scale_id];
foreach ($alllanguages as $language) {
$answer = $_POST['answer_' . $language . '_' . $sortorderid . '_' . $scale_id];
if ($filterxsshtml) {
//Sanitize input, strip XSS
$answer = $myFilter->process($answer);
} else {
$answer = html_entity_decode($answer, ENT_QUOTES, "UTF-8");
}
// Fix bug with FCKEditor saving strange BR types
示例15: vvexport
public function vvexport()
{
$iSurveyId = sanitize_int(Yii::app()->request->getParam('surveyid'));
$subaction = Yii::app()->request->getParam('subaction');
//Exports all responses to a survey in special "Verified Voting" format.
if (!Permission::model()->hasSurveyPermission($iSurveyId, 'responses', 'export')) {
Yii::app()->session['flashmessage'] = gT("You do not have sufficient rights to access this page.");
$this->getController()->redirect($this->getController()->createUrl("/admin/survey/sa/view/surveyid/{$iSurveyId}"));
}
if ($subaction != "export") {
$aData['selectincansstate'] = incompleteAnsFilterState();
$aData['surveyid'] = $iSurveyId;
$aData['display']['menu_bars']['browse'] = gT("Export VV file");
$fieldmap = createFieldMap($iSurveyId, 'full', false, false, getBaseLanguageFromSurveyID($iSurveyId));
Survey::model()->findByPk($iSurveyId)->language;
$surveytable = "{{survey_{$iSurveyId}}}";
// Control if fieldcode are unique
$fieldnames = Yii::app()->db->schema->getTable($surveytable)->getColumnNames();
foreach ($fieldnames as $field) {
$fielddata = arraySearchByKey($field, $fieldmap, "fieldname", 1);
$fieldcode[] = viewHelper::getFieldCode($fielddata, array("LEMcompat" => true));
}
$aData['uniquefieldcode'] = count(array_unique($fieldcode)) == count($fieldcode);
// Did we need more control ?
$aData['vvversionseleted'] = $aData['uniquefieldcode'] ? 2 : 1;
$this->_renderWrappedTemplate('export', 'vv_view', $aData);
} elseif (isset($iSurveyId) && $iSurveyId) {
//Export is happening
$extension = sanitize_paranoid_string(returnGlobal('extension'));
$vvVersion = (int) Yii::app()->request->getPost('vvversion');
$vvVersion = in_array($vvVersion, array(1, 2)) ? $vvVersion : 2;
// Only 2 version actually, default to 2
$fn = "vvexport_{$iSurveyId}." . $extension;
$this->_addHeaders($fn, "text/comma-separated-values", 0, "cache");
$s = "\t";
$fieldmap = createFieldMap($iSurveyId, 'full', false, false, getBaseLanguageFromSurveyID($iSurveyId));
$surveytable = "{{survey_{$iSurveyId}}}";
Survey::model()->findByPk($iSurveyId)->language;
$fieldnames = Yii::app()->db->schema->getTable($surveytable)->getColumnNames();
//Create the human friendly first line
$firstline = "";
$secondline = "";
foreach ($fieldnames as $field) {
$fielddata = arraySearchByKey($field, $fieldmap, "fieldname", 1);
if (count($fielddata) < 1) {
$firstline .= $field;
} else {
$firstline .= preg_replace('/\\s+/', ' ', strip_tags($fielddata['question']));
}
$firstline .= $s;
if ($vvVersion == 2) {
$fieldcode = viewHelper::getFieldCode($fielddata, array("LEMcompat" => true));
$fieldcode = $fieldcode ? $fieldcode : $field;
// $fieldcode is empty for token if there are no token table
} else {
$fieldcode = $field;
}
$secondline .= $fieldcode . $s;
}
$vvoutput = $firstline . "\n";
$vvoutput .= $secondline . "\n";
$query = "SELECT * FROM " . Yii::app()->db->quoteTableName($surveytable);
if (incompleteAnsFilterState() == "incomplete") {
$query .= " WHERE submitdate IS NULL ";
} elseif (incompleteAnsFilterState() == "complete") {
$query .= " WHERE submitdate >= '01/01/1980' ";
}
$result = Yii::app()->db->createCommand($query)->query();
echo $vvoutput;
foreach ($result as $row) {
foreach ($fieldnames as $field) {
if (is_null($row[$field])) {
$value = '{question_not_shown}';
} else {
$value = trim($row[$field]);
// sunscreen for the value. necessary for the beach.
// careful about the order of these arrays:
// lbrace has to be substituted *first*
$value = str_replace(array("{", "\n", "\r", "\t"), array("{lbrace}", "{newline}", "{cr}", "{tab}"), $value);
}
// one last tweak: excel likes to quote values when it
// exports as tab-delimited (esp if value contains a comma,
// oddly enough). So we're going to encode a leading quote,
// if it occurs, so that we can tell the difference between
// strings that "really are" quoted, and those that excel quotes
// for us.
$value = preg_replace('/^"/', '{quote}', $value);
// yay! that nasty soab won't hurt us now!
if ($field == "submitdate" && !$value) {
$value = "NULL";
}
$sun[] = $value;
}
/* it is important here to stream output data, line by line
* in order to avoid huge memory consumption when exporting large
* quantities of answers */
echo implode($s, $sun) . "\n";
unset($sun);
}
exit;
//.........这里部分代码省略.........