本文整理汇总了PHP中sanitize_tag函数的典型用法代码示例。如果您正苦于以下问题:PHP sanitize_tag函数的具体用法?PHP sanitize_tag怎么用?PHP sanitize_tag使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了sanitize_tag函数的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: setArticleTags
function setArticleTags()
{
$id = db_escape_string($_REQUEST["id"]);
$tags_str = db_escape_string($_REQUEST["tags_str"]);
$tags = array_unique(trim_array(explode(",", $tags_str)));
db_query($this->link, "BEGIN");
$result = db_query($this->link, "SELECT int_id FROM ttrss_user_entries WHERE\n\t\t\t\tref_id = '{$id}' AND owner_uid = '" . $_SESSION["uid"] . "' LIMIT 1");
if (db_num_rows($result) == 1) {
$tags_to_cache = array();
$int_id = db_fetch_result($result, 0, "int_id");
db_query($this->link, "DELETE FROM ttrss_tags WHERE\n\t\t\t\tpost_int_id = {$int_id} AND owner_uid = '" . $_SESSION["uid"] . "'");
foreach ($tags as $tag) {
$tag = sanitize_tag($tag);
if (!tag_is_valid($tag)) {
continue;
}
if (preg_match("/^[0-9]*\$/", $tag)) {
continue;
}
// print "<!-- $id : $int_id : $tag -->";
if ($tag != '') {
db_query($this->link, "INSERT INTO ttrss_tags\n\t\t\t\t\t\t\t\t(post_int_id, owner_uid, tag_name) VALUES ('{$int_id}', '" . $_SESSION["uid"] . "', '{$tag}')");
}
array_push($tags_to_cache, $tag);
}
/* update tag cache */
sort($tags_to_cache);
$tags_str = join(",", $tags_to_cache);
db_query($this->link, "UPDATE ttrss_user_entries\n\t\t\t\tSET tag_cache = '{$tags_str}' WHERE ref_id = '{$id}'\n\t\t\t\t\t\tAND owner_uid = " . $_SESSION["uid"]);
}
db_query($this->link, "COMMIT");
$tags = get_article_tags($this->link, $id);
$tags_str = format_tags_string($tags, $id);
$tags_str_full = join(", ", $tags);
if (!$tags_str_full) {
$tags_str_full = __("no tags");
}
print json_encode(array("tags_str" => array("id" => $id, "content" => $tags_str, "content_full" => $tags_str_full)));
}示例2: update_rss_feed
//.........这里部分代码省略.........
_debug("assigning labels...", $debug_enabled);
assign_article_to_label_filters($entry_ref_id, $article_filters, $owner_uid, $article_labels);
_debug("looking for enclosures...", $debug_enabled);
// enclosures
$enclosures = array();
$encs = $item->get_enclosures();
if (is_array($encs)) {
foreach ($encs as $e) {
$e_item = array($e->link, $e->type, $e->length);
array_push($enclosures, $e_item);
}
}
if ($debug_enabled) {
_debug("article enclosures:", $debug_enabled);
print_r($enclosures);
}
db_query("BEGIN");
foreach ($enclosures as $enc) {
$enc_url = db_escape_string($enc[0]);
$enc_type = db_escape_string($enc[1]);
$enc_dur = db_escape_string($enc[2]);
$result = db_query("SELECT id FROM ttrss_enclosures\n\t\t\t\t\t\tWHERE content_url = '{$enc_url}' AND post_id = '{$entry_ref_id}'");
if (db_num_rows($result) == 0) {
db_query("INSERT INTO ttrss_enclosures\n\t\t\t\t\t\t\t(content_url, content_type, title, duration, post_id) VALUES\n\t\t\t\t\t\t\t('{$enc_url}', '{$enc_type}', '', '{$enc_dur}', '{$entry_ref_id}')");
}
}
db_query("COMMIT");
// check for manual tags (we have to do it here since they're loaded from filters)
foreach ($article_filters as $f) {
if ($f["type"] == "tag") {
$manual_tags = trim_array(explode(",", $f["param"]));
foreach ($manual_tags as $tag) {
if (tag_is_valid($tag)) {
array_push($entry_tags, $tag);
}
}
}
}
// Skip boring tags
$boring_tags = trim_array(explode(",", mb_strtolower(get_pref('BLACKLISTED_TAGS', $owner_uid, ''), 'utf-8')));
$filtered_tags = array();
$tags_to_cache = array();
if ($entry_tags && is_array($entry_tags)) {
foreach ($entry_tags as $tag) {
if (array_search($tag, $boring_tags) === false) {
array_push($filtered_tags, $tag);
}
}
}
$filtered_tags = array_unique($filtered_tags);
if ($debug_enabled) {
_debug("filtered article tags:", $debug_enabled);
print_r($filtered_tags);
}
// Save article tags in the database
if (count($filtered_tags) > 0) {
db_query("BEGIN");
foreach ($filtered_tags as $tag) {
$tag = sanitize_tag($tag);
$tag = db_escape_string($tag);
if (!tag_is_valid($tag)) {
continue;
}
$result = db_query("SELECT id FROM ttrss_tags\n\t\t\t\t\t\t\tWHERE tag_name = '{$tag}' AND post_int_id = '{$entry_int_id}' AND\n\t\t\t\t\t\t\towner_uid = '{$owner_uid}' LIMIT 1");
if ($result && db_num_rows($result) == 0) {
db_query("INSERT INTO ttrss_tags\n\t\t\t\t\t\t\t\t\t(owner_uid,tag_name,post_int_id)\n\t\t\t\t\t\t\t\t\tVALUES ('{$owner_uid}','{$tag}', '{$entry_int_id}')");
}
array_push($tags_to_cache, $tag);
}
/* update the cache */
$tags_to_cache = array_unique($tags_to_cache);
$tags_str = db_escape_string(join(",", $tags_to_cache));
db_query("UPDATE ttrss_user_entries\n\t\t\t\t\t\tSET tag_cache = '{$tags_str}' WHERE ref_id = '{$entry_ref_id}'\n\t\t\t\t\t\tAND owner_uid = {$owner_uid}");
db_query("COMMIT");
}
if (get_pref("AUTO_ASSIGN_LABELS", $owner_uid, false)) {
_debug("auto-assigning labels...", $debug_enabled);
foreach ($labels as $label) {
$caption = preg_quote($label["caption"]);
if ($caption && preg_match("/\\b{$caption}\\b/i", "{$tags_str} " . strip_tags($entry_content) . " {$entry_title}")) {
if (!labels_contains_caption($article_labels, $caption)) {
label_add_article($entry_ref_id, $caption, $owner_uid);
}
}
}
}
_debug("article processed", $debug_enabled);
}
_debug("purging feed...", $debug_enabled);
purge_feed($feed, 0, $debug_enabled);
db_query("UPDATE ttrss_feeds\n\t\t\t\tSET last_updated = NOW(), last_error = '' WHERE id = '{$feed}'");
// db_query("COMMIT");
} else {
$error_msg = db_escape_string(mb_substr($rss->error(), 0, 245));
_debug("error fetching feed: {$error_msg}", $debug_enabled);
db_query("UPDATE ttrss_feeds SET last_error = '{$error_msg}',\n\t\t\t\t\tlast_updated = NOW() WHERE id = '{$feed}'");
}
unset($rss);
_debug("done", $debug_enabled);
}示例3: array_unique
$RequestID = $DB->inserted_id();
} else {
$DB->query("UPDATE requests
SET CategoryID = ".$CategoryID.",
Title = '".db_string($Title)."',
Image = '".db_string($Image)."',
Description = '".db_string($Description)."'
WHERE ID = ".$RequestID);
}
}
//Tags
$Tags = array_unique(explode(',', $Tags));
foreach($Tags as $Index => $Tag) {
$Tag = sanitize_tag($Tag);
$Tags[$Index] = $Tag; //For announce
$DB->query("INSERT INTO tags
(Name, UserID)
VALUES
('".$Tag."', ".$LoggedUser['ID'].")
ON DUPLICATE KEY UPDATE Uses=Uses+1");
$TagID = $DB->inserted_id();
$DB->query("INSERT IGNORE INTO requests_tags
(TagID, RequestID)
VALUES
(".$TagID.", ".$RequestID.")");
}示例4: update_rss_feed_real
//.........这里部分代码省略.........
assign_article_to_labels($link, $entry_ref_id, $article_filters, $owner_uid);
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
_debug("update_rss_feed: looking for enclosures...");
}
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
print_r($enclosures);
}
db_query($link, "BEGIN");
foreach ($enclosures as $enc) {
$enc_url = db_escape_string($enc[0]);
$enc_type = db_escape_string($enc[1]);
$enc_dur = db_escape_string($enc[2]);
$result = db_query($link, "SELECT id FROM ttrss_enclosures\n\t\t\t\t\t\tWHERE content_url = '{$enc_url}' AND post_id = '{$entry_ref_id}'");
if (db_num_rows($result) == 0) {
db_query($link, "INSERT INTO ttrss_enclosures\n\t\t\t\t\t\t\t(content_url, content_type, title, duration, post_id) VALUES\n\t\t\t\t\t\t\t('{$enc_url}', '{$enc_type}', '', '{$enc_dur}', '{$entry_ref_id}')");
}
}
db_query($link, "COMMIT");
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
_debug("update_rss_feed: looking for tags...");
}
/* taaaags */
// <a href="..." rel="tag">Xorg</a>, //
$entry_tags = null;
preg_match_all("/<a.*?rel=['\"]tag['\"].*?>([^<]+)<\\/a>/i", $entry_content_unescaped, $entry_tags);
/* print "<p><br/>$entry_title : $entry_content_unescaped<br>";
print_r($entry_tags);
print "<br/></p>"; */
$entry_tags = $entry_tags[1];
# check for manual tags
foreach ($article_filters as $f) {
if ($f[0] == "tag") {
$manual_tags = trim_array(split(",", $f[1]));
foreach ($manual_tags as $tag) {
if (tag_is_valid($tag)) {
array_push($entry_tags, $tag);
}
}
}
}
$boring_tags = trim_array(split(",", mb_strtolower(get_pref($link, 'BLACKLISTED_TAGS', $owner_uid, ''), 'utf-8')));
if ($additional_tags && is_array($additional_tags)) {
foreach ($additional_tags as $tag) {
if (tag_is_valid($tag) && array_search($tag, $boring_tags) === FALSE) {
array_push($entry_tags, $tag);
}
}
}
// print "<p>TAGS: "; print_r($entry_tags); print "</p>";
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
print_r($entry_tags);
}
if (count($entry_tags) > 0) {
db_query($link, "BEGIN");
foreach ($entry_tags as $tag) {
$tag = sanitize_tag($tag);
$tag = db_escape_string($tag);
if (!tag_is_valid($tag)) {
continue;
}
$result = db_query($link, "SELECT id FROM ttrss_tags\t\t\n\t\t\t\t\t\t\t\tWHERE tag_name = '{$tag}' AND post_int_id = '{$entry_int_id}' AND \n\t\t\t\t\t\t\t\towner_uid = '{$owner_uid}' LIMIT 1");
// print db_fetch_result($result, 0, "id");
if ($result && db_num_rows($result) == 0) {
db_query($link, "INSERT INTO ttrss_tags \n\t\t\t\t\t\t\t\t\t(owner_uid,tag_name,post_int_id)\n\t\t\t\t\t\t\t\t\tVALUES ('{$owner_uid}','{$tag}', '{$entry_int_id}')");
}
}
db_query($link, "COMMIT");
}
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
_debug("update_rss_feed: article processed");
}
}
if (!$last_updated) {
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
_debug("update_rss_feed: new feed, catching it up...");
}
catchup_feed($link, $feed, false, $owner_uid);
}
purge_feed($link, $feed, 0);
db_query($link, "UPDATE ttrss_feeds \n\t\t\t\tSET last_updated = NOW(), last_error = '' WHERE id = '{$feed}'");
// db_query($link, "COMMIT");
} else {
if ($use_simplepie) {
$error_msg = mb_substr($rss->error(), 0, 250);
} else {
$error_msg = mb_substr(magpie_error(), 0, 250);
}
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
_debug("update_rss_feed: error fetching feed: {$error_msg}");
}
$error_msg = db_escape_string($error_msg);
db_query($link, "UPDATE ttrss_feeds SET last_error = '{$error_msg}', \n\t\t\t\t\tlast_updated = NOW() WHERE id = '{$feed}'");
}
if ($use_simplepie) {
unset($rss);
}
if (defined('DAEMON_EXTENDED_DEBUG') || $_REQUEST['xdebug']) {
_debug("update_rss_feed: done");
}
}示例5: update_rss_feed
//.........这里部分代码省略.........
}
}
if ($debug_enabled) {
_debug("update_rss_feed: article enclosures:");
print_r($enclosures);
}
db_query($link, "BEGIN");
foreach ($enclosures as $enc) {
$enc_url = db_escape_string($enc[0]);
$enc_type = db_escape_string($enc[1]);
$enc_dur = db_escape_string($enc[2]);
$result = db_query($link, "SELECT id FROM ttrss_enclosures\n\t\t\t\t\t\tWHERE content_url = '{$enc_url}' AND post_id = '{$entry_ref_id}'");
if (db_num_rows($result) == 0) {
db_query($link, "INSERT INTO ttrss_enclosures\n\t\t\t\t\t\t\t(content_url, content_type, title, duration, post_id) VALUES\n\t\t\t\t\t\t\t('{$enc_url}', '{$enc_type}', '', '{$enc_dur}', '{$entry_ref_id}')");
}
}
db_query($link, "COMMIT");
// check for manual tags (we have to do it here since they're loaded from filters)
foreach ($article_filters as $f) {
if ($f["type"] == "tag") {
$manual_tags = trim_array(explode(",", $f["param"]));
foreach ($manual_tags as $tag) {
if (tag_is_valid($tag)) {
array_push($entry_tags, $tag);
}
}
}
}
// Skip boring tags
$boring_tags = trim_array(explode(",", mb_strtolower(get_pref($link, 'BLACKLISTED_TAGS', $owner_uid, ''), 'utf-8')));
$filtered_tags = array();
$tags_to_cache = array();
if ($entry_tags && is_array($entry_tags)) {
foreach ($entry_tags as $tag) {
if (array_search($tag, $boring_tags) === false) {
array_push($filtered_tags, $tag);
}
}
}
$filtered_tags = array_unique($filtered_tags);
if ($debug_enabled) {
_debug("update_rss_feed: filtered article tags:");
print_r($filtered_tags);
}
// Save article tags in the database
if (count($filtered_tags) > 0) {
db_query($link, "BEGIN");
foreach ($filtered_tags as $tag) {
$tag = sanitize_tag($tag);
$tag = db_escape_string($tag);
if (!tag_is_valid($tag)) {
continue;
}
$result = db_query($link, "SELECT id FROM ttrss_tags\n\t\t\t\t\t\t\tWHERE tag_name = '{$tag}' AND post_int_id = '{$entry_int_id}' AND\n\t\t\t\t\t\t\towner_uid = '{$owner_uid}' LIMIT 1");
if ($result && db_num_rows($result) == 0) {
db_query($link, "INSERT INTO ttrss_tags\n\t\t\t\t\t\t\t\t\t(owner_uid,tag_name,post_int_id)\n\t\t\t\t\t\t\t\t\tVALUES ('{$owner_uid}','{$tag}', '{$entry_int_id}')");
}
array_push($tags_to_cache, $tag);
}
/* update the cache */
$tags_to_cache = array_unique($tags_to_cache);
$tags_str = db_escape_string(join(",", $tags_to_cache));
db_query($link, "UPDATE ttrss_user_entries\n\t\t\t\t\t\tSET tag_cache = '{$tags_str}' WHERE ref_id = '{$entry_ref_id}'\n\t\t\t\t\t\tAND owner_uid = {$owner_uid}");
db_query($link, "COMMIT");
}
if ($debug_enabled) {
_debug("update_rss_feed: article processed");
}
}
if (!$last_updated) {
if ($debug_enabled) {
_debug("update_rss_feed: new feed, catching it up...");
}
catchup_feed($link, $feed, false, $owner_uid);
}
if ($debug_enabled) {
_debug("purging feed...");
}
purge_feed($link, $feed, 0, $debug_enabled);
db_query($link, "UPDATE ttrss_feeds\n\t\t\t\tSET last_updated = NOW(), last_error = '' WHERE id = '{$feed}'");
// db_query($link, "COMMIT");
} else {
if ($use_simplepie) {
$error_msg = mb_substr($rss->error(), 0, 250);
} else {
$error_msg = mb_substr(magpie_error(), 0, 250);
}
if ($debug_enabled) {
_debug("update_rss_feed: error fetching feed: {$error_msg}");
}
$error_msg = db_escape_string($error_msg);
db_query($link, "UPDATE ttrss_feeds SET last_error = '{$error_msg}',\n\t\t\t\t\tlast_updated = NOW() WHERE id = '{$feed}'");
}
if ($use_simplepie) {
unset($rss);
}
if ($debug_enabled) {
_debug("update_rss_feed: done");
}
}示例6: sanitize_data
function sanitize_data($input)
{
if (is_array($input)) {
// Sanitize Array
foreach ($input as $var => $val) {
$output[$var] = sanitize_data($val);
}
} else {
// Remove whitespaces (not a must though)
$input = trim($input);
$input = str_replace('--', '', $input);
$input = str_replace('..', '', $input);
$input = str_replace(';', '', $input);
$input = str_replace('/*', '', $input);
// Injection sql
$input = str_ireplace('HAVING', '', $input);
$input = str_ireplace('UNION', '', $input);
$input = str_ireplace('SUBSTRING', '', $input);
$input = str_ireplace('ASCII', '', $input);
$input = str_ireplace('SHA1', '', $input);
#MD5 is used by md5secret
#$input = str_ireplace('MD5', '', $input);
$input = str_ireplace('ROW_COUNT', '', $input);
$input = str_ireplace('SELECT', '', $input);
$input = str_ireplace('INSERT', '', $input);
$input = str_ireplace('CASE WHEN', '', $input);
$input = str_ireplace('INFORMATION_SCHEMA', '', $input);
$input = str_ireplace('DROP', '', $input);
$input = str_ireplace('RLIKE', '', $input);
$input = str_ireplace(' IF', '', $input);
$input = str_ireplace(' OR ', '', $input);
$input = str_ireplace('\\', '', $input);
//$input = str_ireplace('DELETE', '', $input);
$input = str_ireplace('CONCAT', '', $input);
$input = str_ireplace('WHERE', '', $input);
$input = str_ireplace('UPDATE', '', $input);
$input = str_ireplace(' or 1', '', $input);
$input = str_ireplace(' or true', '', $input);
//Permutation - in mailing admin/Public/A2B_entity_mailtemplate.php
// we use url with key=$loginkey$
$input = str_ireplace('=$', '+$', $input);
$input = str_ireplace('=', '', $input);
$input = str_ireplace('+$', '=$', $input);
if (get_magic_quotes_gpc()) {
$input = stripslashes($input);
}
$input = sanitize_tag($input);
$output = addslashes($input);
}
return $output;
}示例7: update_rss_feed
//.........这里部分代码省略.........
_debug("assigning labels [filters]...", $debug_enabled);
assign_article_to_label_filters($entry_ref_id, $article_filters, $owner_uid, $article_labels);
_debug("looking for enclosures...", $debug_enabled);
// enclosures
$enclosures = array();
$encs = $item->get_enclosures();
if (is_array($encs)) {
foreach ($encs as $e) {
$e_item = array($e->link, $e->type, $e->length, $e->title, $e->width, $e->height);
array_push($enclosures, $e_item);
}
}
if ($debug_enabled) {
_debug("article enclosures:", $debug_enabled);
print_r($enclosures);
}
db_query("BEGIN");
// debugging
// db_query("DELETE FROM ttrss_enclosures WHERE post_id = '$entry_ref_id'");
foreach ($enclosures as $enc) {
$enc_url = db_escape_string($enc[0]);
$enc_type = db_escape_string($enc[1]);
$enc_dur = db_escape_string($enc[2]);
$enc_title = db_escape_string($enc[3]);
$enc_width = intval($enc[4]);
$enc_height = intval($enc[5]);
$result = db_query("SELECT id FROM ttrss_enclosures\n\t\t\t\t\t\tWHERE content_url = '{$enc_url}' AND post_id = '{$entry_ref_id}'");
if (db_num_rows($result) == 0) {
db_query("INSERT INTO ttrss_enclosures\n\t\t\t\t\t\t\t(content_url, content_type, title, duration, post_id, width, height) VALUES\n\t\t\t\t\t\t\t('{$enc_url}', '{$enc_type}', '{$enc_title}', '{$enc_dur}', '{$entry_ref_id}', {$enc_width}, {$enc_height})");
}
}
db_query("COMMIT");
// check for manual tags (we have to do it here since they're loaded from filters)
foreach ($article_filters as $f) {
if ($f["type"] == "tag") {
$manual_tags = trim_array(explode(",", $f["param"]));
foreach ($manual_tags as $tag) {
if (tag_is_valid($tag)) {
array_push($entry_tags, $tag);
}
}
}
}
// Skip boring tags
$boring_tags = trim_array(explode(",", mb_strtolower(get_pref('BLACKLISTED_TAGS', $owner_uid, ''), 'utf-8')));
$filtered_tags = array();
$tags_to_cache = array();
if ($entry_tags && is_array($entry_tags)) {
foreach ($entry_tags as $tag) {
if (array_search($tag, $boring_tags) === false) {
array_push($filtered_tags, $tag);
}
}
}
$filtered_tags = array_unique($filtered_tags);
if ($debug_enabled) {
_debug("filtered article tags:", $debug_enabled);
print_r($filtered_tags);
}
// Save article tags in the database
if (count($filtered_tags) > 0) {
db_query("BEGIN");
foreach ($filtered_tags as $tag) {
$tag = sanitize_tag($tag);
$tag = db_escape_string($tag);
if (!tag_is_valid($tag)) {
continue;
}
$result = db_query("SELECT id FROM ttrss_tags\n\t\t\t\t\t\t\tWHERE tag_name = '{$tag}' AND post_int_id = '{$entry_int_id}' AND\n\t\t\t\t\t\t\towner_uid = '{$owner_uid}' LIMIT 1");
if ($result && db_num_rows($result) == 0) {
db_query("INSERT INTO ttrss_tags\n\t\t\t\t\t\t\t\t\t(owner_uid,tag_name,post_int_id)\n\t\t\t\t\t\t\t\t\tVALUES ('{$owner_uid}','{$tag}', '{$entry_int_id}')");
}
array_push($tags_to_cache, $tag);
}
/* update the cache */
$tags_to_cache = array_unique($tags_to_cache);
$tags_str = db_escape_string(join(",", $tags_to_cache));
db_query("UPDATE ttrss_user_entries\n\t\t\t\t\t\tSET tag_cache = '{$tags_str}' WHERE ref_id = '{$entry_ref_id}'\n\t\t\t\t\t\tAND owner_uid = {$owner_uid}");
db_query("COMMIT");
}
_debug("article processed", $debug_enabled);
}
_debug("purging feed...", $debug_enabled);
purge_feed($feed, 0, $debug_enabled);
db_query("UPDATE ttrss_feeds\n\t\t\t\tSET last_updated = NOW(), last_error = '' WHERE id = '{$feed}'");
// db_query("COMMIT");
} else {
$error_msg = db_escape_string(mb_substr($rss->error(), 0, 245));
_debug("fetch error: {$error_msg}", $debug_enabled);
if (count($rss->errors()) > 1) {
foreach ($rss->errors() as $error) {
_debug("+ {$error}");
}
}
db_query("UPDATE ttrss_feeds SET last_error = '{$error_msg}',\n\t\t\t\tlast_updated = NOW() WHERE id = '{$feed}'");
unset($rss);
}
_debug("done", $debug_enabled);
return $rss;
}示例8: create_article
private function create_article($owner_uid, $guid, $title, $link, $updated, $content, $author, $marked, $tags, $orig_feed_data, $last_marked)
{
if (!$guid) {
$guid = sha1($link);
}
$create_archived_feeds = true;
$guid = "{$owner_uid},{$guid}";
$content_hash = sha1($content);
if (filter_var(FILTER_VALIDATE_URL) === FALSE) {
return false;
}
db_query("BEGIN");
$feed_id = 'NULL';
// let's check for archived feed entry
$feed_inserted = false;
// before dealing with archived feeds we must check ttrss_feeds to maintain id consistency
if ($orig_feed_data['feed_url'] && $create_archived_feeds) {
$result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '" . $orig_feed_data['feed_url'] . "'\n\t\t\t\t\t\tAND owner_uid = {$owner_uid}");
if (db_num_rows($result) != 0) {
$feed_id = db_fetch_result($result, 0, "id");
} else {
// let's insert it
if (!$orig_feed_data['title']) {
$orig_feed_data['title'] = '[Unknown]';
}
$result = db_query("INSERT INTO ttrss_feeds\n\t\t\t\t\t\t(owner_uid,feed_url,site_url,title,cat_id,auth_login,auth_pass,update_method)\n\t\t\t\t\t\tVALUES ({$owner_uid},\n\t\t\t\t\t\t'" . $orig_feed_data['feed_url'] . "',\n\t\t\t\t\t\t'" . $orig_feed_data['site_url'] . "',\n\t\t\t\t\t\t'" . $orig_feed_data['title'] . "',\n\t\t\t\t\t\tNULL, '', '', 0)");
$result = db_query("SELECT id FROM ttrss_feeds WHERE feed_url = '" . $orig_feed_data['feed_url'] . "'\n\t\t\t\t\t\tAND owner_uid = {$owner_uid}");
if (db_num_rows($result) != 0) {
$feed_id = db_fetch_result($result, 0, "id");
$feed_inserted = true;
}
}
}
if ($feed_id && $feed_id != 'NULL') {
// locate archived entry to file entries in, we don't want to file them in actual feeds because of purging
// maybe file marked in real feeds because eh
$result = db_query("SELECT id FROM ttrss_archived_feeds WHERE\n\t\t\t\tfeed_url = '" . $orig_feed_data['feed_url'] . "' AND owner_uid = {$owner_uid}");
if (db_num_rows($result) != 0) {
$orig_feed_id = db_fetch_result($result, 0, "id");
} else {
db_query("INSERT INTO ttrss_archived_feeds\n\t\t\t\t\t\t(id, owner_uid, title, feed_url, site_url)\n\t\t\t\t\t\tSELECT id, owner_uid, title, feed_url, site_url from ttrss_feeds\n\t\t\t\t\t\t\tWHERE id = '{$feed_id}'");
$result = db_query("SELECT id FROM ttrss_archived_feeds WHERE\n\t\t\t\t\tfeed_url = '" . $orig_feed_data['feed_url'] . "' AND owner_uid = {$owner_uid}");
if (db_num_rows($result) != 0) {
$orig_feed_id = db_fetch_result($result, 0, "id");
}
}
}
// delete temporarily inserted feed
if ($feed_id && $feed_inserted) {
db_query("DELETE FROM ttrss_feeds WHERE id = {$feed_id}");
}
if (!$orig_feed_id) {
$orig_feed_id = 'NULL';
}
$result = db_query("SELECT id FROM ttrss_entries, ttrss_user_entries WHERE\n\t\t\tguid = '{$guid}' AND ref_id = id AND owner_uid = '{$owner_uid}' LIMIT 1");
if (db_num_rows($result) == 0) {
$result = db_query("INSERT INTO ttrss_entries\n\t\t\t\t(title, guid, link, updated, content, content_hash, date_entered, date_updated, author)\n\t\t\t\tVALUES\n\t\t\t\t('{$title}', '{$guid}', '{$link}', '{$updated}', '{$content}', '{$content_hash}', NOW(), NOW(), '{$author}')");
$result = db_query("SELECT id FROM ttrss_entries WHERE guid = '{$guid}'");
if (db_num_rows($result) != 0) {
$ref_id = db_fetch_result($result, 0, "id");
db_query("INSERT INTO ttrss_user_entries\n\t\t\t\t\t(ref_id, uuid, feed_id, orig_feed_id, owner_uid, marked, tag_cache, label_cache,\n\t\t\t\t\t\tlast_read, note, unread, last_marked)\n\t\t\t\t\tVALUES\n\t\t\t\t\t('{$ref_id}', '', NULL, {$orig_feed_id}, {$owner_uid}, {$marked}, '', '', '{$last_marked}', '', false, '{$last_marked}')");
$result = db_query("SELECT int_id FROM ttrss_user_entries, ttrss_entries\n\t\t\t\t\tWHERE owner_uid = {$owner_uid} AND ref_id = id AND ref_id = {$ref_id}");
if (db_num_rows($result) != 0 && is_array($tags)) {
$entry_int_id = db_fetch_result($result, 0, "int_id");
$tags_to_cache = array();
foreach ($tags as $tag) {
$tag = db_escape_string(sanitize_tag($tag));
if (!tag_is_valid($tag)) {
continue;
}
$result = db_query("SELECT id FROM ttrss_tags\n\t\t\t\t\t\t\tWHERE tag_name = '{$tag}' AND post_int_id = '{$entry_int_id}' AND\n\t\t\t\t\t\t\towner_uid = '{$owner_uid}' LIMIT 1");
if ($result && db_num_rows($result) == 0) {
db_query("INSERT INTO ttrss_tags\n\t\t\t\t\t\t\t\t\t(owner_uid,tag_name,post_int_id)\n\t\t\t\t\t\t\t\t\tVALUES ('{$owner_uid}','{$tag}', '{$entry_int_id}')");
}
array_push($tags_to_cache, $tag);
}
/* update the cache */
$tags_to_cache = array_unique($tags_to_cache);
$tags_str = db_escape_string(join(",", $tags_to_cache));
db_query("UPDATE ttrss_user_entries\n\t\t\t\t\t\tSET tag_cache = '{$tags_str}' WHERE ref_id = '{$ref_id}'\n\t\t\t\t\t\tAND owner_uid = {$owner_uid}");
}
$rc = true;
}
}
db_query("COMMIT");
return $rc;
}示例9: sanitize_data
function sanitize_data($input)
{
if (is_array($input)) {
foreach ($input as $var => $val) {
$output[$var] = sanitize_data($val);
}
} else {
// remove whitespaces (not a must though)
$input = trim($input);
$input = str_replace('--', '', $input);
$input = str_replace(';', '', $input);
if (!(stripos($input, ' or 1') === FALSE)) {
return false;
}
if (!(stripos($input, ' or true') === FALSE)) {
return false;
}
if (get_magic_quotes_gpc()) {
$input = stripslashes($input);
}
$input = sanitize_tag($input);
$output = addslashes($input);
}
return $output;
}示例10: db_string
<?
$UserID = $LoggedUser['ID'];
$GroupID = db_string($_POST['groupid']);
if(!is_number($GroupID) || !$GroupID) {
error(0);
}
$Tags = explode(',', $_POST['tagname']);
foreach($Tags as $TagName) {
$TagName = sanitize_tag($TagName);
if(!empty($TagName)) {
// Check DB for tag matching name
$DB->query("SELECT t.ID FROM tags AS t WHERE t.Name LIKE '".$TagName."'");
list($TagID) = $DB->next_record();
if(!$TagID) { // Tag doesn't exist yet - create tag
$DB->query("INSERT INTO tags (Name, UserID) VALUES ('".$TagName."', ".$UserID.")");
$TagID = $DB->inserted_id();
} else {
$DB->query("SELECT TagID FROM torrents_tags_votes WHERE GroupID='$GroupID' AND TagID='$TagID' AND UserID='$UserID'");
if($DB->record_count()!=0) { // User has already voted on this tag, and is trying hax to make the rating go up
header('Location: '.$_SERVER['HTTP_REFERER']);
die();
}
}
$DB->query("INSERT INTO torrents_tags
(TagID, GroupID, PositiveVotes, UserID) VALUES
('$TagID', '$GroupID', '3', '$UserID')
ON DUPLICATE KEY UPDATE PositiveVotes=PositiveVotes+2");示例11: update_rss_feed
//.........这里部分代码省略.........
db_query($link, "BEGIN");
foreach ($enclosures as $enc) {
$enc_url = db_escape_string($enc[0]);
$enc_type = db_escape_string($enc[1]);
$enc_dur = db_escape_string($enc[2]);
$result = db_query($link, "SELECT id FROM ttrss_enclosures\n\t\t\t\t\t\tWHERE content_url = '{$enc_url}' AND post_id = '{$entry_ref_id}'");
if (db_num_rows($result) == 0) {
db_query($link, "INSERT INTO ttrss_enclosures\n\t\t\t\t\t\t\t(content_url, content_type, title, duration, post_id) VALUES\n\t\t\t\t\t\t\t('{$enc_url}', '{$enc_type}', '', '{$enc_dur}', '{$entry_ref_id}')");
}
}
db_query($link, "COMMIT");
// check for manual tags (we have to do it here since they're loaded from filters)
foreach ($article_filters as $f) {
if ($f["type"] == "tag") {
$manual_tags = trim_array(explode(",", $f["param"]));
foreach ($manual_tags as $tag) {
if (tag_is_valid($tag)) {
array_push($entry_tags, $tag);
}
}
}
}
// Skip boring tags
$boring_tags = trim_array(explode(",", mb_strtolower(get_pref($link, 'BLACKLISTED_TAGS', $owner_uid, ''), 'utf-8')));
$filtered_tags = array();
$tags_to_cache = array();
if ($entry_tags && is_array($entry_tags)) {
foreach ($entry_tags as $tag) {
if (array_search($tag, $boring_tags) === false) {
array_push($filtered_tags, $tag);
}
}
}
$filtered_tags = array_unique($filtered_tags);
if ($debug_enabled) {
_debug("update_rss_feed: filtered article tags:");
print_r($filtered_tags);
}
// Save article tags in the database
if (count($filtered_tags) > 0) {
db_query($link, "BEGIN");
foreach ($filtered_tags as $tag) {
$tag = sanitize_tag($tag);
$tag = db_escape_string($tag);
if (!tag_is_valid($tag)) {
continue;
}
$result = db_query($link, "SELECT id FROM ttrss_tags\n\t\t\t\t\t\t\tWHERE tag_name = '{$tag}' AND post_int_id = '{$entry_int_id}' AND\n\t\t\t\t\t\t\towner_uid = '{$owner_uid}' LIMIT 1");
if ($result && db_num_rows($result) == 0) {
db_query($link, "INSERT INTO ttrss_tags\n\t\t\t\t\t\t\t\t\t(owner_uid,tag_name,post_int_id)\n\t\t\t\t\t\t\t\t\tVALUES ('{$owner_uid}','{$tag}', '{$entry_int_id}')");
}
array_push($tags_to_cache, $tag);
}
/* update the cache */
$tags_to_cache = array_unique($tags_to_cache);
$tags_str = db_escape_string(join(",", $tags_to_cache));
db_query($link, "UPDATE ttrss_user_entries\n\t\t\t\t\t\tSET tag_cache = '{$tags_str}' WHERE ref_id = '{$entry_ref_id}'\n\t\t\t\t\t\tAND owner_uid = {$owner_uid}");
db_query($link, "COMMIT");
}
if (get_pref($link, "AUTO_ASSIGN_LABELS", $owner_uid, false)) {
if ($debug_enabled) {
_debug("update_rss_feed: auto-assigning labels...");
}
foreach ($labels as $label) {
$caption = $label["caption"];
if (preg_match("/\\b{$caption}\\b/i", "{$tags_str} " . strip_tags($entry_content) . " {$entry_title}")) {
if (!labels_contains_caption($article_labels, $caption)) {
label_add_article($link, $entry_ref_id, $caption, $owner_uid);
}
}
}
}
if ($debug_enabled) {
_debug("update_rss_feed: article processed");
}
}
if (!$last_updated) {
if ($debug_enabled) {
_debug("update_rss_feed: new feed, catching it up...");
}
catchup_feed($link, $feed, false, $owner_uid);
}
if ($debug_enabled) {
_debug("purging feed...");
}
purge_feed($link, $feed, 0, $debug_enabled);
db_query($link, "UPDATE ttrss_feeds\n\t\t\t\tSET last_updated = NOW(), last_error = '' WHERE id = '{$feed}'");
// db_query($link, "COMMIT");
} else {
$error_msg = db_escape_string(mb_substr($rss->error(), 0, 245));
if ($debug_enabled) {
_debug("update_rss_feed: error fetching feed: {$error_msg}");
}
db_query($link, "UPDATE ttrss_feeds SET last_error = '{$error_msg}',\n\t\t\t\t\tlast_updated = NOW() WHERE id = '{$feed}'");
}
unset($rss);
if ($debug_enabled) {
_debug("update_rss_feed: done");
}
}