本文整理汇总了PHP中sqlInjection函数的典型用法代码示例。如果您正苦于以下问题:PHP sqlInjection函数的具体用法?PHP sqlInjection怎么用?PHP sqlInjection使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了sqlInjection函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: session_start
// Registration handler (fragment): reads the sign-up form from $_POST and
// collects validation messages in $errors, counting failed checks in $flag.
// The listing stops inside the username checks, so the closing braces and
// the code that stores the account are not visible.
session_start();
// NOTE(review): session_unset() is documented without parameters and frees
// every session variable; it cannot drop a single key. Removing one entry is
// written unset($_SESSION['ERROR']). Confirm what these four calls are meant to do.
session_unset($_SESSION['ERROR']);
session_unset($_SESSION['user']);
session_unset($_SESSION['password']);
session_unset($_SESSION['email']);
require "../deny/connector.php";
require "../administrator/process/class/class.Customer.php";
require "../administrator/includes/injection.php";
// sqlInjection() is defined in includes/injection.php, which is not part of
// this listing, so what it strips or escapes cannot be confirmed from here.
// Filtering input up front does not replace bound parameters at the point
// where the SQL statement is built.
// NOTE(review): the password goes through the same filter; if the filter
// rewrites characters, the value later stored or hashed is no longer what the
// user typed - confirm.
$username = sqlInjection($_POST['username']);
$email = sqlInjection($_POST['email']);
$password = sqlInjection($_POST['password']);
$fullname = sqlInjection($_POST['fullname']);
$phone = sqlInjection($_POST['phone']);
$address = sqlInjection($_POST['address']);
$gender = sqlInjection($_POST['gender']);
$errors = "";
$flag = 0;
$cus = new Customer();
// Username rules: required, then 5-25 in length (strlen() counts bytes, not
// characters), then not already registered.
if ($username == "") {
$errors .= " - Hãy nhập tên đăng nhập.<br>";
$flag++;
} else {
if (strlen($username) > 25 || strlen($username) < 5) {
$errors .= " - Tên đăng nhập phải từ 5-25 ký tự.<br>";
$flag++;
} else {
// checkUser() is not shown; its result is compared loosely with the string "true".
if ($cus->checkUser($username) == "true") {
$errors .= " - Tên đăng nhập đã tồn tại,hãy chọn tên đăng nhập khác.<br>";
$flag++;
}
示例2: session_start
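<?php
/**
 * Admin handler: stores the news item posted from the "add news" form, then
 * sends the browser back to the add form or on to the news list.
 *
 * Reads $_POST['NewsTitle'], ['NewsSummary'], ['NewsImage'], ['textContent']
 * and the optional 'continue' flag.
 */
session_start();
// The permission check was commented out in this handler although the other
// admin handlers load it before touching data; it is restored so the insert
// is not left without the access check its siblings rely on.
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.News.php";
require "../includes/injection.php";

// sqlInjection() lives in includes/injection.php (not shown here). Whatever it
// filters, it only helps if News::insert() places these values inside quoted
// SQL literals - verify there, or move the insert to bound parameters.
$title = sqlInjection($_POST['NewsTitle']);
$summary = sqlInjection($_POST['NewsSummary']);
$image = sqlInjection($_POST['NewsImage']);
// mysql_real_escape_string() works against the current ext/mysql connection
// (presumably opened by connector.php) and protects quoted string context only.
$content = mysql_real_escape_string($_POST['textContent']);

$news = new News();
$news->insert($title, $summary, $image, $content);

// 'continue' may be absent from the request; treat that as "go to the list"
// instead of reading an undefined index.
$continue = isset($_REQUEST['continue']) ? $_REQUEST['continue'] : "";
if ($continue === "OK") {
    echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=addnews'>";
} else {
    echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listnews'>";
}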
示例3: substr
// Product list paging (fragment): the lines that define $condistion, $limit,
// $p and $prod, and the opening of the block closed below, are not part of
// this listing.
// substr($condistion, 4) drops the first four characters of the filter string
// before " where " is prefixed - presumably a leading "and" - TODO confirm.
$tempquery = " where " . substr($condistion, 4);
}
$start = $p->findStart($limit);
// Count query: used only to learn how many rows match, for the page count.
$querycount = "select cd_id from tblcd " . $tempquery;
// NOTE(review): mysql_query() returns false on failure and that value is
// passed straight to mysql_num_rows().
$count = mysql_num_rows(mysql_query($querycount));
$pages = $p->findPages($count, $limit);
// Use the computed offset only when "nav" is present and numeric; otherwise
// start at row 0.
if (isset($_GET['nav']) and is_numeric($_GET['nav'])) {
$paging = "LIMIT " . $start . "," . $limit . " ";
} else {
$paging = "LIMIT 0," . $limit . " ";
}
$orderby = "ORDER BY cd_id DESC";
$products = $prod->getListProduct($orderby, $condistion, $paging);
//echo mysql_error();
//echo $condistion;
// NOTE(review): "nav" is read again here without the isset()/is_numeric()
// guard used above. Judging by its name, sqlInjection() (defined elsewhere) is
// an SQL-oriented filter; if pageList() writes this value into HTML it needs
// an integer cast or HTML escaping instead - confirm in pageList().
$page_list = $p->pageList(sqlInjection($_GET['nav']), $pages);
?>
<style type="text/css">
ul.paging li a {
background-color: #F8F8F8;
border: 1px solid #E6E6E6;
border-radius: 2px 2px 2px 2px;
color: #666666;
padding: 2px 6px;
outline: medium none;
text-decoration: none;
}
ul.paging li a:active {
color: #0000CC;
}
ul.paging li a:hover, ul.paging li a.paging-active {
示例4: array
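// Admin order list (fragment - the includes that define Order and Page sit
// above this listing): builds the WHERE clause from the optional orderStatus
// and searchStr filters, counts the matching rows and prepares $listorder and
// $page_list for the template that follows.
require_once "../deny/connector.php";
require_once "includes/injection.php";
$conditions = "";
$limit = 20;
$ord = new Order();
$pag = new Page();

$hasStatus = isset($_GET["orderStatus"]) && $_GET["orderStatus"] != NULL;
$hasSearch = isset($_GET["searchStr"]) && $_GET["searchStr"] != NULL;
if ($hasStatus) {
    // order_status is compared without quotes, so string escaping cannot keep
    // the value inside a literal; force it to an integer before it reaches
    // the SQL text.
    $conditions .= " where tblorder.order_status =" . (int) sqlInjection($_GET['orderStatus']) . " ";
}
if ($hasSearch) {
    // Quoted LIKE operand: this relies on sqlInjection() (includes/injection.php,
    // not shown) escaping quotes correctly for the current connection.
    $conditions .= ($hasStatus ? " and" : " where")
        . " tblcustomer.cus_username like '%" . sqlInjection($_GET['searchStr']) . "%'";
}

$start = $pag->findStart($limit);
$querycount = "SELECT tblorder.order_id FROM tblcustomer INNER JOIN tblorder ON tblcustomer.cus_id = tblorder.cus_id " . $conditions;
$countResult = mysql_query($querycount);
// A failed query returns false; count that as zero rows rather than handing
// false to mysql_num_rows().
$count = ($countResult === false) ? 0 : mysql_num_rows($countResult);
$pages = $pag->findPages($count, $limit);

// The original joined isset() and is_numeric() with "or", so any value of
// "page" - numeric or not - selected the computed offset, and a missing key
// was still read. Require a numeric value, as the sibling pages do.
$pageParam = isset($_GET['page']) ? $_GET['page'] : NULL;
if (is_numeric($pageParam)) {
    // findStart() is not shown; the cast keeps the LIMIT offset an integer.
    $paging = " LIMIT " . (int) $start . "," . $limit . " ";
} else {
    $paging = " LIMIT 0," . $limit . " ";
}
$listorder = $ord->getListOrder($conditions, $paging);
$page_list = $pag->pageList($pageParam, $pages);
?>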
示例5: Feedback
<?php
/**
 * Admin handler: sets the status of one feedback entry, then returns to the
 * feedback list.
 *
 * Reads $_GET['feedbackID'] and $_GET['sts'].
 *
 * NOTE(review): this is a state change triggered by a GET request with no
 * request token visible here; whether checkPermission.php covers cross-site
 * requests cannot be told from this listing - confirm.
 */
require_once "../includes/checkPermission.php";
require_once "../../deny/connector.php";
require_once "class/class.Feedback.php";
require_once "../includes/injection.php";

$feedback = new Feedback();
// sqlInjection() is defined in includes/injection.php (not shown). How
// changeStatus() places these two values in its SQL is not visible either; if
// they are numeric columns compared without quotes, an integer cast is the
// dependable guard - verify in class.Feedback.php.
$feedbackId = sqlInjection($_GET['feedbackID']);
$newStatus = sqlInjection($_GET['sts']);
$feedback->changeStatus($feedbackId, $newStatus);

// Client-side redirect back to the list view.
$redirectMarkup = "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listfeedback'>";
echo $redirectMarkup;
示例6: Page
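<?php
/**
 * Admin news list (page fragment): applies the optional title filter, counts
 * the matching rows and prepares $dataNews and $page_list for the template
 * that follows.
 *
 * Reads $_GET['Ntitle'] and $_GET['page'].
 */
require_once "includes/checkPermission.php";
require_once "process/class/Paging.php";
require_once "process/class/class.News.php";
require_once "../deny/connector.php";
require_once "includes/injection.php";
$conditions = "";
$limit = 15;
$pag = new Page();
$news = new News();

if (isset($_GET["Ntitle"]) && $_GET["Ntitle"] != NULL) {
    // Quoted LIKE operand: this relies on sqlInjection() (includes/injection.php,
    // not shown) escaping quotes correctly for the current connection.
    $conditions = " where news_title like '%" . sqlInjection($_GET['Ntitle']) . "%'";
}

$start = $pag->findStart($limit);
$querycount = "select news_id from tblnews " . $conditions;
$countResult = mysql_query($querycount);
// A failed query returns false; count that as zero rows rather than handing
// false to mysql_num_rows().
$count = ($countResult === false) ? 0 : mysql_num_rows($countResult);
$pages = $pag->findPages($count, $limit);

// The original joined isset() and is_numeric() with "or", so any value of
// "page" - numeric or not - selected the computed offset, and a missing key
// was still read. Require a numeric value, as the sibling pages do.
$pageParam = isset($_GET['page']) ? $_GET['page'] : NULL;
if (is_numeric($pageParam)) {
    // findStart() is not shown; the cast keeps the LIMIT offset an integer.
    $paging = "LIMIT " . (int) $start . "," . $limit . " ";
} else {
    $paging = "LIMIT 0," . $limit . " ";
}
$dataNews = $news->getListNews($conditions, $paging);
$page_list = $pag->pageList($pageParam, $pages);
?>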
<link rel="stylesheet" href="css/tabledataStyle2.css" type="text/css"></link>
<link rel="stylesheet" href="css/paging.css" type="text/css"></link>
<h2 id="siteTitle"><img src="images/news.png" border="0" width="64" height="64" align="middle"> Xem, Xóa Tin tức</h2>
示例7: Category
<?php
/**
 * Category edit page (fragment): loads the full category list and the
 * category selected by the request for the form that follows.
 *
 * Reads $_REQUEST['cateID'].
 */
require "includes/checkPermission.php";
require "../deny/connector.php";
require "process/class/class.Category.php";
require "includes/injection.php";

$selected = "";
$cate = new Category();
$categories = $cate->getCategories();
// sqlInjection() is defined in includes/injection.php (not shown), and so is
// the query inside getCategoryById(). If the id is compared without quotes
// there, an integer cast is the dependable guard - verify in class.Category.php.
$cateId = sqlInjection($_REQUEST['cateID']);
$currentCate = $cate->getCategoryById($cateId);
?>
<link rel="stylesheet" href="css/tabledataStyle.css" type="text/css"></link>
<script language="javascript">
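function check()
{
    // Client-side check for the category form: returns false (and shows the
    // message in #errorArea) when the name field is empty; otherwise falls
    // through without a return value. checkEmpty() is defined elsewhere -
    // presumably it returns the given message for an empty field and an empty
    // string otherwise.
    // This is a convenience only; the server-side handler must repeat the check.
    var errStr = "";
    errStr += checkEmpty("cateName", "<br>Tên loại sản phẩm không được để trống");
    if (errStr != "") {
        // Declared locally: the original assigned x3 without var, which
        // created an implicit global.
        var errorArea = document.getElementById("errorArea");
        // errStr is assigned as HTML; keep it limited to fixed messages. If
        // checkEmpty() ever returns field content, switch to textContent.
        errorArea.innerHTML = "<h4><font color=red face=Verdana>" + errStr + "</font></h4>";
        return false;
    }
}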
</script>
</head>
示例8: session_start
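<?php
/**
 * Admin handler: renames / re-parents a category from the edit form.
 *
 * Reads $_POST['cateID'], ['cateName'] and ['cateParent']. An empty name puts
 * an error message in $_SESSION['CATEEDIT'] and sends the browser back to the
 * edit form; otherwise the category is updated and the list is shown.
 */
session_start();
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.Category.php";
require "../includes/injection.php";

// sqlInjection() is defined in includes/injection.php (not shown). How
// Category::update() places these values in its SQL is not visible here.
$cateid = sqlInjection($_POST['cateID']);
$catename = sqlInjection($_POST['cateName']);
$cateparent = sqlInjection($_POST['cateParent']);

if ($catename == "") {
    $_SESSION['CATEEDIT'] = "<h4><font color=red face=Verdana>Tên loại sản phẩm không được để trống</font></h4>";
    // The id is echoed back into a URL. An SQL-oriented filter is the wrong
    // encoding for that context, so percent-encode the value: stray "&" or "#"
    // characters from the request can then no longer alter the redirect target.
    header("location: ../admincp.php?opt=editcategory&cateID=" . rawurlencode($cateid));
    exit;
}

$cate = new Category();
$cate->update($cateid, $catename, $cateparent);
echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listcategory'>";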
示例9: session_start
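<?php
/**
 * Admin handler: deletes a customer unless orders still reference it, then
 * returns to the customer list. The outcome message for the list page is left
 * in $_SESSION['CUSDELETE'] (empty when nothing needs to be shown).
 *
 * Reads $_GET['cID'].
 *
 * NOTE(review): a destructive action triggered by a GET request with no
 * request token visible here; whether checkPermission.php covers cross-site
 * requests cannot be told from this listing - confirm.
 */
session_start();
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.Customer.php";
require "../includes/injection.php";

$_SESSION['CUSDELETE'] = "";
// cus_id is interpolated below without quotes, so string escaping cannot keep
// the value inside a literal; reduce it to an integer before building the SQL.
$cusid = (int) sqlInjection($_GET['cID']);
$str = "select cus_id from tblorder where cus_id={$cusid} ";
$result = mysql_query($str);

if ($result === false) {
    // The original fell through to the delete when the lookup failed, because
    // mysql_num_rows(false) is not > 0. A failed check must not count as
    // "no orders": leave the customer untouched.
    error_log("customer delete skipped: order lookup failed");
} elseif (mysql_num_rows($result) > 0) {
    $_SESSION['CUSDELETE'] = "<font color=red face=Verdana>Không thể xóa Khách hàng vì đang có đơn đặt hàng liên quan<br>Hãy xóa đơn đặt hàng liên quan trước khi xóa Khách hàng</font>";
} else {
    $cus = new Customer();
    $cus->delete($cusid);
}
echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listcustomer'>";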
示例10: Customer
<?php
// Profile edit form (page fragment): loads the current customer's record and
// renders the update form. session_start() and the include that defines
// sqlInjection() are not in this listing - presumably done by the including page.
require_once "administrator/process/class/class.Customer.php";
require_once "deny/connector.php";
?>
<div class="width">
<div class="box">
<?php
$cus = new Customer();
$customer = array();
// The id comes from the session rather than from the request.
// getCustomerbyId() is not shown; if it places the id in SQL without quotes,
// an integer cast is the dependable guard - verify in class.Customer.php.
$cid = sqlInjection($_SESSION['user_id']);
$customer = $cus->getCustomerbyId($cid);
?>
<form class="form-validate" method="post" action="process/updateprofile.php" enctype="application/x-www-form-urlencoded">
<div class="componentheading">Cập nhật thông tin khách hàng</div>
<div id="regmess"></div>
<?php
// One-shot message: printed once, then cleared from the session.
// NOTE(review): the value is written to the page verbatim. That is safe only
// while every writer of $_SESSION['ERROR'] stores fixed markup; if request
// data can reach it, it has to be HTML-escaped where it is added - confirm
// against the writers.
if ($_SESSION['ERROR'] != "") {
echo "<font color='#FF0000'>" . $_SESSION['ERROR'] . "</font><br/>";
$_SESSION['ERROR'] = NULL;
}
?>
<table width="100%" cellspacing="0" cellpadding="0" border="0" class="contentpane">
<tbody><tr>
<td width="30%" height="40">
<label for="fullname" id="namemsg" class="">
Họ tên:
</label>
</td>
<td>
<input type="text" maxlength="50" class="inputbox required" value="<?php
示例11: session_start
<?php
// Login handler (fragment): validates the posted username and password and
// collects messages in $mess. The listing stops at the start of the error
// branch, so the credential check itself is not visible.
session_start();
require_once "../deny/connector.php";
require_once "../administrator/process/class/class.Customer.php";
require_once "../administrator/includes/injection.php";
$infor = array();
// sqlInjection() is defined in includes/injection.php (not shown here).
$username = sqlInjection($_POST['username']);
// NOTE(review): the password is filtered before it is hashed; if the filter
// rewrites characters, the digest is taken over something other than what the
// user typed - confirm.
$password = sqlInjection($_POST['passwd']);
//echo $password."<br>";
$mess = "";
// NOTE(review): md5() is a fast, unsalted digest and is not suitable for
// storing passwords; password_hash() / password_verify() are the purpose-built
// functions.
$newpass = md5($password);
$_SESSION['LOGINERROR'] = "";
//echo $newpass;
// Username: required, 5-25 in length (strlen() counts bytes, not characters).
if ($username == NULL) {
$mess .= "<font color='red'>Hãy điền tên đăng nhập.</font><br>";
} else {
if (strlen($username) > 25 || strlen($username) < 5) {
$mess .= "<font color='red'>Tên đăng nhập có từ 5-25 ký tự.</font><br>";
}
}
// Password: same presence and length rules.
if ($password == NULL) {
$mess .= "<font color='red'>Hãy điền mật khẩu.</font><br>";
// $error is never initialised in the visible code and is not read in this
// fragment; incrementing it raises a notice.
$error++;
} else {
if (strlen($password) > 25 || strlen($password) < 5) {
$mess .= "<font color='red'>Mật khẩu có từ 5-25 ký tự.</font><br>";
}
}
// Any collected message is handed to the session for the login page to show.
if ($mess != "") {
$_SESSION['LOGINERROR'] = $mess;
示例12: array
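<?php
/**
 * Customer order history (page fragment): lists the orders of the customer
 * held in the session, optionally narrowed by status, and prepares $listorder
 * and $page_list for the template that follows.
 *
 * Reads $_SESSION['user_id'], $_GET['orderStatus'] and $_GET['nav'].
 */
require_once "administrator/process/class/Paging.php";
require_once "administrator/process/class/class.Order.php";
require_once "deny/connector.php";
require_once "administrator/includes/injection.php";
$limit = 15;
$ord = new Order();
$pag = new Page();

// Both values below are placed in the SQL text without quotes, so string
// escaping cannot keep them inside a literal; each is cast to an integer.
// The cus_id condition is what limits the listing to the current customer,
// so it must never be influenced by request data.
$conditions = " WHERE tblorder.cus_id=" . (int) sqlInjection($_SESSION['user_id']) . "";
// An empty orderStatus is treated as "no filter", matching the admin order
// list; the original appended an empty operand, which produced invalid SQL.
if (isset($_GET["orderStatus"]) && $_GET["orderStatus"] != NULL) {
    $conditions .= " and tblorder.order_status =" . (int) sqlInjection($_GET['orderStatus']) . " ";
}

$start = $pag->findStart($limit);
$querycount = "SELECT tblorder.order_id FROM tblcustomer INNER JOIN tblorder ON tblcustomer.cus_id = tblorder.cus_id " . $conditions;
$countResult = mysql_query($querycount);
// A failed query returns false; count that as zero rows rather than handing
// false to mysql_num_rows().
$count = ($countResult === false) ? 0 : mysql_num_rows($countResult);
$pages = $pag->findPages($count, $limit);

// The original joined isset() and is_numeric() with "or", so any value of
// "nav" - numeric or not - selected the computed offset, and a missing key
// was still read. Require a numeric value, as the sibling pages do.
$navParam = isset($_GET['nav']) ? $_GET['nav'] : NULL;
if (is_numeric($navParam)) {
    // findStart() is not shown; the cast keeps the LIMIT offset an integer.
    $paging = " LIMIT " . (int) $start . "," . $limit . " ";
} else {
    $paging = " LIMIT 0," . $limit . " ";
}
$listorder = $ord->getListOrder($conditions, $paging);
$page_list = $pag->pageList($navParam, $pages);
?>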
<style>
table tr{
border:dotted thin;
示例13: Page
<?php
/**
 * Admin customer list (page fragment): applies the optional name filter,
 * counts the matching rows and prepares $page_list and $dataCus for the
 * template that follows.
 *
 * Reads $_GET['searchStr'] and $_GET['page'].
 */
require "includes/checkPermission.php";
include "process/class/Paging.php";
include "process/class/class.Customer.php";
require "../deny/connector.php";
require "includes/injection.php";

$limit = 20;
$pag = new Page();
$cus = new Customer();

// Quoted LIKE operand: this relies on sqlInjection() (includes/injection.php,
// not shown) escaping quotes correctly for the current connection.
$conditions = "";
if (isset($_GET['searchStr']) && $_GET['searchStr'] != NULL) {
    $conditions = " where cus_fullname like '%" . sqlInjection($_GET['searchStr']) . "%'";
}

$start = $pag->findStart($limit);
$querycount = "select cus_id from tblcustomer " . $conditions;
// NOTE(review): mysql_query() returns false on failure and that value goes
// straight into mysql_num_rows().
$countResult = mysql_query($querycount);
$count = mysql_num_rows($countResult);
$pages = $pag->findPages($count, $limit);

// Computed offset only for a present, numeric "page"; otherwise start at row 0.
$paging = (isset($_GET["page"]) && is_numeric($_GET["page"]))
    ? "LIMIT {$start},{$limit} "
    : "LIMIT 0,{$limit} ";

// NOTE(review): "page" is read here without the guard used just above.
$page_list = $pag->pageList($_GET['page'], $pages);
$dataCus = $cus->getListCustomerSummary($conditions, $paging);
?>
<link rel="stylesheet" href="css/tabledataStyle2.css" type="text/css"></link>
<link rel="stylesheet" href="css/paging.css" type="text/css"></link>
<h2 id="siteTitle"><img src="images/User.png" border="0" width="64" height="64" align="middle"> Xem, Xóa Thành Viên</h2>
<div id="infoArea">
示例14: session_start
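<?php
/**
 * Admin handler: deletes a category unless products still reference it, then
 * returns to the category list. The outcome message for the list page is left
 * in $_SESSION['CATEDELETE'] (empty when nothing needs to be shown).
 *
 * Reads $_GET['cateID'].
 *
 * NOTE(review): a destructive action triggered by a GET request with no
 * request token visible here; whether checkPermission.php covers cross-site
 * requests cannot be told from this listing - confirm.
 */
session_start();
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.Category.php";
require "../includes/injection.php";

$_SESSION['CATEDELETE'] = "";
// The original applied intval() only after the lookup query had already been
// built from the filtered string. cate_id is compared without quotes, so the
// integer conversion has to happen before the value reaches any SQL text.
$cateid = intval(sqlInjection($_GET['cateID']));
$str = "select cate_id from tblcd where cate_id=" . $cateid . "";
$result = mysql_query($str);

if ($result === false) {
    // A failed lookup must not count as "no products": the original fell
    // through to the delete because mysql_num_rows(false) is not > 0.
    error_log("category delete skipped: product lookup failed");
} elseif (mysql_num_rows($result) > 0) {
    $_SESSION['CATEDELETE'] = "<h4><font color=red face=Verdana>Không thể xóa Category vì đã có sản phẩm liên quan<br>Hãy xóa sản phẩm liên quan trước khi xóa Category</font></h4>";
} else {
    $cate = new Category();
    $cate->delete($cateid);
}
echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listcategory'>";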
示例15: session_start
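<?php
/**
 * Admin handler: deletes the admin account named by $_POST['adminID'] unless
 * it equals $_SESSION['ADMIN'] (presumably the id of the admin who is logged
 * in - confirm where the session key is written), then returns to the admin
 * list.
 *
 * NOTE(review): no request token is visible here; whether checkPermission.php
 * covers cross-site requests cannot be told from this listing - confirm.
 */
session_start();
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.Admin.php";
require "../includes/injection.php";

// sqlInjection() is defined in includes/injection.php (not shown), and so is
// the query inside Admin::delete(). If the id is compared without quotes
// there, an integer cast is the dependable guard - verify in class.Admin.php.
$aid = sqlInjection($_POST['adminID']);
// The unused read of $_POST['continue'] was dropped: nothing in this handler
// consumed it, and it touched an undefined index when the field was absent.
$adm = new Admin();
// Loose comparison kept on purpose: the session value and the posted string
// may differ in type, and a strict test would then never protect the
// current account from deleting itself.
if ($_SESSION['ADMIN'] != $aid) {
    $adm->delete($aid);
}
echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listadmin'>";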