本文整理汇总了PHP中CRM_Core_DAO::escape方法的典型用法代码示例。如果您正苦于以下问题:PHP CRM_Core_DAO::escape方法的具体用法?PHP CRM_Core_DAO::escape怎么用?PHP CRM_Core_DAO::escape使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类CRM_Core_DAO
的用法示例。
在下文中一共展示了CRM_Core_DAO::escape方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: ukrainerayons_loadcounties
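/**
 * Check the county table against the bundled list and load whatever is missing.
 *
 * For every state/province ID returned by ukrainerayons_listcounties(), the
 * county names already stored in civicrm_county are read, the missing ones
 * are computed, and they are inserted in batches of at most 50 rows.
 *
 * County names go through CRM_Core_DAO::escape() because they are embedded
 * inside a quoted SQL string literal. The state ID is embedded as a bare
 * number, a context where string escaping gives no protection, so it is cast
 * to an integer before it reaches either query.
 */
function ukrainerayons_loadcounties()
{
    $counties = ukrainerayons_listcounties();
    static $dao = NULL;
    if (!$dao) {
        $dao = new CRM_Core_DAO();
    }
    // go state-by-state to check existing counties
    foreach ($counties as $id => $state) {
        // Unquoted numeric context: force an integer instead of trusting the array key.
        $stateId = (int) $id;
        $check = "SELECT name FROM civicrm_county WHERE state_province_id = {$stateId}";
        $results = CRM_Core_DAO::executeQuery($check);
        $existing = array();
        while ($results->fetch()) {
            $existing[] = $results->name;
        }
        // identify counties needing to be loaded
        $insert = array();
        foreach (array_diff($state, $existing) as $county) {
            // escape() output is only safe inside the surrounding single quotes.
            $countydao = $dao->escape($county);
            $insert[] = "('{$countydao}', {$stateId})";
        }
        // put it into queries of 50 counties each; an empty list yields no query
        foreach (array_chunk($insert, 50) as $inserts) {
            $query = "INSERT INTO civicrm_county (name, state_province_id) VALUES ";
            $query .= implode(', ', $inserts);
            CRM_Core_DAO::executeQuery($query);
        }
    }
}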
示例2: civicrm_drupal_create_user
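/**
 * Create a Drupal user and return Drupal ID
 *
 * If a user with this e-mail address already exists, its ID is returned and
 * nothing is written. Otherwise a row is inserted with status 0 and, when a
 * role ID is given, the users_roles entry for the new user is replaced.
 *
 * @param string $email email address of new user
 * @param int|null $rid optional role ID to attach to the new user
 *
 * @return mixed Drupal ID for new user or FALSE if error
 */
function civicrm_drupal_create_user($email, $rid = NULL)
{
    $email = trim($email);
    if (empty($email)) {
        return FALSE;
    }
    $user_tab = _civicrm_get_user_table_name();
    // The '%s' placeholder leaves escaping to db_query(), so the raw address
    // is passed here; the hand-escaped copy below must not be used with it.
    $lookup = "SELECT uid FROM {$user_tab} WHERE mail = '%s'";
    // If user already exists, return Drupal id
    $uid = db_result(db_query($lookup, $email));
    if ($uid) {
        return $uid;
    }
    // escape email to prevent sql injection: the INSERT below is assembled by
    // hand, and the escaped value is only valid inside the quotes added there.
    $dao = new CRM_Core_DAO();
    $escapedEmail = $dao->escape($email);
    // Default values for new user
    $params = array();
    //WARNING -- this is likely *wrong* since it will crash Drupal 6.
    //calling conventions for Drupal 7 are different, as well.
    //$params['uid'] = db_next_id('{users}_uid');
    $params['name'] = $escapedEmail;
    // NOTE(review): rand() and uniqid() are not cryptographically secure;
    // confirm this value is never relied on as a secret.
    $params['pass'] = md5(uniqid(rand(), TRUE));
    $params['mail'] = $escapedEmail;
    $params['mode'] = 0;
    $params['access'] = 0;
    // don't allow user to login until verified
    $params['status'] = 0;
    $params['init'] = $escapedEmail;
    $params['created'] = time();
    $db_fields = '(';
    $db_values = '(';
    foreach ($params as $key => $value) {
        $db_fields .= "{$key},";
        $db_values .= "'{$value}',";
    }
    $db_fields = rtrim($db_fields, ",");
    $db_values = rtrim($db_values, ",");
    $db_fields .= ')';
    $db_values .= ')';
    $q = "INSERT INTO {$user_tab} {$db_fields} VALUES {$db_values}";
    db_query($q);
    // No uid is assigned above, so read back the one the database gave the
    // new row. Without this the role queries below would run with an unset
    // uid, which the %d placeholder turns into 0.
    $uid = db_result(db_query($lookup, $email));
    if (!$uid) {
        return FALSE;
    }
    $params['uid'] = $uid;
    if ($rid) {
        // Delete any previous roles entry before adding the role id
        //NOTE: weirdly, D7 schema from alpha 3 allows the following:
        db_query('DELETE FROM {users_roles} WHERE uid = %d', $params['uid']);
        db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $params['uid'], $rid);
    }
    return $params['uid'];
}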
示例3: civicrm_drupal_create_user
/**
 * Create a Drupal user for an e-mail address and return its Drupal ID.
 *
 * An existing user with the same address is returned unchanged. A new user
 * is inserted with status 0 and, when $rid is given, its users_roles entry
 * is replaced by that role.
 *
 * @param string $email email address of new user
 * @param int|null $rid optional role ID for the new user
 * @return mixed Drupal ID for new user or FALSE if error
 */
function civicrm_drupal_create_user($email, $rid = null)
{
    $email = trim($email);
    if (empty($email)) {
        return FALSE;
    }
    // Placeholder query: db_query() escapes the raw address itself.
    $existingUid = db_result(db_query("SELECT uid FROM {users} WHERE mail = '%s'", $email));
    if ($existingUid) {
        return $existingUid;
    }
    // The INSERT is built by string concatenation, so the address is escaped
    // here; the result is only meaningful inside the quotes added below.
    $dao = new CRM_Core_DAO();
    $email = $dao->escape($email);
    // Default values for new user, in column order.
    $params = array(
        'uid' => db_next_id('{users}_uid'),
        'name' => $email,
        'pass' => md5(uniqid(rand(), true)),
        'mail' => $email,
        'mode' => 0,
        'access' => 0,
        // don't allow user to login until verified
        'status' => 0,
        'init' => $email,
        'created' => time(),
    );
    $db_fields = '(' . implode(',', array_keys($params)) . ')';
    $db_values = "('" . implode("','", $params) . "')";
    db_query("INSERT INTO {users} {$db_fields} VALUES {$db_values}");
    if ($rid) {
        // Delete any previous roles entry before adding the role id
        db_query('DELETE FROM {users_roles} WHERE uid = %d', $params['uid']);
        db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $params['uid'], $rid);
    }
    return $params['uid'];
}
示例4: checkUserNameEmailExists
/**
 * Check whether the requested username and e-mail address are valid and free
 * in the Drupal user table.
 *
 * Both lookups use named placeholders with the raw values from $params.
 *
 * @param array $params reads the 'name' and 'mail' entries
 * @param array $errors replaced by form_get_errors(), then extended with
 *   'cms_name' and/or $emailName entries
 * @param string $emailName key under which e-mail errors are stored
 *
 * @return void
 */
static function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $dao = new CRM_Core_DAO();
    // NOTE(review): these SQL-escaped copies are not read again in this
    // block; the queries below bind $params['name'] / $params['mail'] instead.
    $name = $dao->escape(CRM_Utils_Array::value('name', $params));
    $email = $dao->escape(CRM_Utils_Array::value('mail', $params));

    $errors = form_get_errors();
    if ($errors) {
        // unset drupal messages to avoid twice display of errors
        unset($_SESSION['messages']);
    }

    if (!empty($params['name'])) {
        $nameError = user_validate_name($params['name']);
        if ($nameError) {
            $errors['cms_name'] = $nameError;
        } else {
            $nameArgs = array(':name' => $params['name']);
            $nameOwner = db_query("SELECT uid FROM {users} WHERE name = :name", $nameArgs)->fetchField();
            if ($nameOwner) {
                $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
            }
        }
    }

    if (!empty($params['mail'])) {
        $emailError = user_validate_mail($params['mail']);
        if ($emailError) {
            $errors[$emailName] = $emailError;
        } else {
            $mailArgs = array(':mail' => $params['mail']);
            $mailOwner = db_query("SELECT uid FROM {users} WHERE mail = :mail", $mailArgs)->fetchField();
            if ($mailOwner) {
                $resetUrl = $config->userFrameworkBaseURL . 'user/password';
                $errors[$emailName] = ts('The email address %1 is already registered. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => $resetUrl));
            }
        }
    }
}
示例5: checkUserNameEmailExists
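/**
 * Check whether the requested username and e-mail address are valid and not
 * yet registered, using the CMS helper functions (the reset link points at
 * wp-login.php).
 *
 * @param array $params reads the 'name' and 'mail' entries
 * @param array $errors receives 'cms_name' and/or $emailName entries
 * @param string $emailName key under which e-mail errors are stored
 */
function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $dao = new CRM_Core_DAO();
    // NOTE(review): these SQL-escaped copies are not read again in this
    // block; no SQL is built here, the CMS functions receive the raw values.
    $name = $dao->escape(CRM_Utils_Array::value('name', $params));
    $email = $dao->escape(CRM_Utils_Array::value('mail', $params));
    if (!empty($params['name'])) {
        if (!validate_username($params['name'])) {
            $errors['cms_name'] = ts("Your username contains invalid characters");
        } elseif (username_exists(sanitize_user($params['name']))) {
            $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
        }
    }
    if (!empty($params['mail'])) {
        if (!is_email($params['mail'])) {
            // Spelling fixed ("invaid") and routed through ts() like the other messages.
            $errors[$emailName] = ts('Your email is invalid');
        } elseif (email_exists($params['mail'])) {
            $resetUrl = $config->userFrameworkBaseURL . 'wp-login.php?action=lostpassword';
            $errors[$emailName] = ts('The email address %1 is already registered. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => $resetUrl));
        }
    }
}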
示例6: checkUserNameEmailExists
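/**
 * Check whether the requested username and e-mail address are valid and not
 * yet registered, using the CMS helper functions.
 *
 * @param array $params
 *   Reads the 'name' and 'mail' entries.
 * @param array $errors
 *   Receives 'cms_name' and/or $emailName entries.
 * @param string $emailName
 *   Key under which e-mail errors are stored.
 */
public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $dao = new CRM_Core_DAO();
    // NOTE(review): these SQL-escaped copies are not read again in this
    // block; no SQL is built here, the CMS functions receive the raw values.
    $name = $dao->escape(CRM_Utils_Array::value('name', $params));
    $email = $dao->escape(CRM_Utils_Array::value('mail', $params));
    if (!empty($params['name'])) {
        if (!validate_username($params['name'])) {
            $errors['cms_name'] = ts("Your username contains invalid characters");
        } elseif (username_exists(sanitize_user($params['name']))) {
            $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
        }
    }
    if (!empty($params['mail'])) {
        if (!is_email($params['mail'])) {
            // Spelling fixed ("invaid") and routed through ts() like the other messages.
            $errors[$emailName] = ts('Your email is invalid');
        } elseif (email_exists($params['mail'])) {
            $errors[$emailName] = ts('The email address %1 already has an account associated with it. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => wp_lostpassword_url()));
        }
    }
}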
示例7: checkUserNameEmailExists
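/**
 * Check if username and email exists in the drupal db
 *
 * Runs Drupal's own validation first, then queries the CMS user table
 * through a separate DB connection for a case-insensitive match on either
 * the name or the e-mail address.
 *
 * @param array $params array of name and mail values
 * @param array $errors array of errors; replaced by form_get_errors() and
 *   then extended with 'cms_name' and/or $emailName entries
 * @param string $emailName field label for the 'email'
 *
 * @return void
 */
function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $dao = new CRM_Core_DAO();
    // Keep the submitted values next to their escaped copies: the escaped
    // form belongs inside the quoted SQL literals only, while comparisons
    // with database results and user-facing messages need the raw text.
    $rawName = (string) CRM_Utils_Array::value('name', $params);
    $rawEmail = (string) CRM_Utils_Array::value('mail', $params);
    $name = $dao->escape($rawName);
    $email = $dao->escape($rawEmail);
    _user_edit_validate(NULL, $params);
    $errors = form_get_errors();
    if ($errors) {
        if (CRM_Utils_Array::value('name', $errors)) {
            $errors['cms_name'] = $errors['name'];
        }
        if (CRM_Utils_Array::value('mail', $errors)) {
            $errors[$emailName] = $errors['mail'];
        }
        // also unset drupal messages to avoid twice display of errors
        unset($_SESSION['messages']);
    }
    // drupal api sucks do the name check manually
    $nameError = user_validate_name($params['name']);
    if ($nameError) {
        $errors['cms_name'] = $nameError;
    }
    $sql = "\nSELECT name, mail\n FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(name) = LOWER('{$name}')) OR (LOWER(mail) = LOWER('{$email}'))";
    $db_cms = DB::connect($config->userFrameworkDSN);
    if (DB::isError($db_cms)) {
        // The original message interpolated an undefined $dsn. The DSN is
        // left out on purpose: connection strings typically carry credentials.
        die("Cannot connect to UF db, " . $db_cms->getMessage());
    }
    $query = $db_cms->query($sql);
    $row = $query->fetchRow();
    if (!empty($row)) {
        $dbName = (string) CRM_Utils_Array::value(0, $row);
        $dbEmail = (string) CRM_Utils_Array::value(1, $row);
        // Compare raw against raw; the escaped copy differs from the stored
        // value as soon as the input contains a quote or backslash.
        if (strtolower($dbName) === strtolower($rawName)) {
            $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $rawName));
        }
        if (strtolower($dbEmail) === strtolower($rawEmail)) {
            $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $rawEmail));
        }
    }
}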
示例8: checkUserNameEmailExists
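/**
 * Check if username and email exists in the Joomla db.
 *
 * The username is rejected when it contains one of the listed special
 * characters or is shorter than two characters. The user table is then
 * searched for a case-insensitive match on either username or e-mail.
 *
 * @param array $params
 *   Array of name and mail values.
 * @param array $errors
 *   Array of errors.
 * @param string $emailName
 *   Field label for the 'email'.
 */
public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $dao = new CRM_Core_DAO();
    // Keep the submitted values next to their escaped copies: the escaped
    // form belongs inside the quoted SQL literals only, while comparisons
    // with database results and user-facing messages need the raw text.
    $rawName = (string) CRM_Utils_Array::value('name', $params);
    $rawEmail = (string) CRM_Utils_Array::value('mail', $params);
    $name = $dao->escape($rawName);
    $email = $dao->escape($rawEmail);
    //don't allow the special characters and min. username length is two
    //regex \\ to match a single backslash would become '/\\\\/'
    // The check deliberately stays on the escaped copy, as before.
    $isNotValid = (bool) preg_match('/[\\<|\\>|\\"|\'|\\%|\\;|\\(|\\)|\\&|\\\\|\\/]/im', $name);
    if ($isNotValid || strlen($name) < 2) {
        $errors['cms_name'] = ts('Your username contains invalid characters or is too short');
    }
    $JUserTable = JTable::getInstance('User', 'JTable');
    $db = $JUserTable->getDbo();
    $query = $db->getQuery(TRUE);
    $query->select('username, email');
    $query->from($JUserTable->getTableName());
    // NOTE(review): the values were escaped by CRM_Core_DAO but the query
    // runs on the CMS database object; confirm both connections use the
    // same character set, or quote with the CMS database API instead.
    $query->where('(LOWER(username) = LOWER(\'' . $name . '\')) OR (LOWER(email) = LOWER(\'' . $email . '\'))');
    $db->setQuery($query, 0, 10);
    $users = $db->loadAssocList();
    $row = array();
    if (count($users)) {
        $row = $users[0];
    }
    if (!empty($row)) {
        $dbName = (string) CRM_Utils_Array::value('username', $row);
        $dbEmail = (string) CRM_Utils_Array::value('email', $row);
        // Compare raw against raw; the escaped copy differs from the stored
        // value as soon as the input contains a quote or backslash.
        if (strtolower($dbName) === strtolower($rawName)) {
            $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $rawName));
        }
        if (strtolower($dbEmail) === strtolower($rawEmail)) {
            $resetUrl = str_replace('administrator/', '', $config->userFrameworkBaseURL) . 'index.php?option=com_users&view=reset';
            $errors[$emailName] = ts('The email address %1 already has an account associated with it. <a href="%2">Have you forgotten your password?</a>', array(1 => $rawEmail, 2 => $resetUrl));
        }
    }
}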
示例9: escapeString
/**
 * SQL-escape the given string
 * (slightly abridged version of CRM_Core_DAO::escapeString)
 *
 * With CIVICRM_DSN defined, a CRM_Core_DAO instance is created once and
 * reused for escaping. Without it, the legacy mysql_* escaping functions are
 * tried (ext/mysql was removed in PHP 7.0), and an exception is thrown when
 * neither exists.
 *
 * The result is only safe inside a quoted SQL string literal.
 *
 * @see CRM_Core_DAO::escapeString
 */
public static function escapeString($string)
{
    static $_dao = NULL;
    if ($_dao) {
        return $_dao->escape($string);
    }
    if (defined('CIVICRM_DSN')) {
        $_dao = new CRM_Core_DAO();
        return $_dao->escape($string);
    }
    // No DSN configured: fall back to whatever legacy escaper is available.
    if (function_exists('mysql_real_escape_string')) {
        return mysql_real_escape_string($string);
    }
    if (function_exists('mysql_escape_string')) {
        return mysql_escape_string($string);
    }
    throw new CRM_Core_Exception("Cannot generate SQL. \"mysql_{real_}escape_string\" is missing. Have you installed PHP \"mysql\" extension?");
}
示例10: escapeString
/**
 * SQL-escape a string through a CRM_Core_DAO instance that is created on the
 * first call and reused afterwards.
 *
 * The result is only safe inside a quoted SQL string literal.
 *
 * @param $string
 *
 * @return string
 */
static function escapeString($string)
{
    static $_dao = NULL;
    // Build the helper object once; later calls reuse it.
    $_dao = $_dao ? $_dao : new CRM_Core_DAO();
    return $_dao->escape($string);
}
示例11: civicrm_mysql_real_escape_string
/**
 * SQL-escape a string through a CRM_Core_DAO instance that is created on the
 * first call and reused afterwards.
 *
 * The result is only safe inside a quoted SQL string literal.
 */
function civicrm_mysql_real_escape_string($string)
{
    static $dao = null;
    // Build the helper object once; later calls reuse it.
    $dao = $dao ? $dao : new CRM_Core_DAO();
    return $dao->escape($string);
}
示例12: checkUserNameEmailExists
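/**
 * Check if username and email exists in the drupal db
 *
 * Depending on $config->userFramework, either Drupal's validation or a
 * character/length check on the username is applied. The CMS user table is
 * then searched through a separate DB connection for a case-insensitive
 * match on either the name or the e-mail address. For any other framework
 * no query is run.
 *
 * @param array $params array of name and mail values
 * @param array $errors array of errors; extended with 'cms_name' and/or
 *   $emailName entries (replaced by form_get_errors() in the Drupal branch)
 * @param string $emailName field label for the 'email'
 *
 * @return void
 * @static
 */
static function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $isDrupal = ucfirst($config->userFramework) === 'Drupal';
    $isJoomla = ucfirst($config->userFramework) === 'Joomla';
    $dao = new CRM_Core_DAO();
    // Keep the submitted values next to their escaped copies: the escaped
    // form belongs inside the quoted SQL literals only, while comparisons
    // with database results and user-facing messages need the raw text.
    $rawName = (string) CRM_Utils_Array::value('name', $params);
    $rawEmail = (string) CRM_Utils_Array::value('mail', $params);
    $name = $dao->escape($rawName);
    $email = $dao->escape($rawEmail);
    $sql = NULL;
    if ($isDrupal) {
        _user_edit_validate(null, $params);
        $errors = form_get_errors();
        if ($errors) {
            if (CRM_Utils_Array::value('name', $errors)) {
                $errors['cms_name'] = $errors['name'];
            }
            if (CRM_Utils_Array::value('mail', $errors)) {
                $errors[$emailName] = $errors['mail'];
            }
            // also unset drupal messages to avoid twice display of errors
            unset($_SESSION['messages']);
        }
        // drupal api sucks
        // do the name check manually
        $nameError = user_validate_name($params['name']);
        if ($nameError) {
            $errors['cms_name'] = $nameError;
        }
        $sql = "\nSELECT name, mail\n FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(name) = LOWER('{$name}')) OR (LOWER(mail) = LOWER('{$email}'))";
    } elseif ($isJoomla) {
        //don't allow the special characters and min. username length is two
        //regex \\ to match a single backslash would become '/\\\\/'
        // The check deliberately stays on the escaped copy, as before.
        $isNotValid = (bool) preg_match('/[\\<|\\>|\\"|\'|\\%|\\;|\\(|\\)|\\&|\\\\|\\/]/im', $name);
        if ($isNotValid || strlen($name) < 2) {
            $errors['cms_name'] = ts("Your username contains invalid characters or is too short");
        }
        $sql = "\nSELECT username, email\n FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(username) = LOWER('{$name}')) OR (LOWER(email) = LOWER('{$email}'))\n";
    }
    if ($sql === NULL) {
        // Neither branch built a query; previously an undefined $sql was sent
        // to the database at this point.
        return;
    }
    $db_cms = DB::connect($config->userFrameworkDSN);
    if (DB::isError($db_cms)) {
        // The original message interpolated an undefined $dsn. The DSN is
        // left out on purpose: connection strings typically carry credentials.
        die("Cannot connect to UF db, " . $db_cms->getMessage());
    }
    $query = $db_cms->query($sql);
    $row = $query->fetchRow();
    if (!empty($row)) {
        $dbName = (string) CRM_Utils_Array::value(0, $row);
        $dbEmail = (string) CRM_Utils_Array::value(1, $row);
        // Compare raw against raw; the escaped copy differs from the stored
        // value as soon as the input contains a quote or backslash.
        if (strtolower($dbName) === strtolower($rawName)) {
            $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $rawName));
        }
        if (strtolower($dbEmail) === strtolower($rawEmail)) {
            $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $rawEmail));
        }
    }
}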
示例13: checkUserNameEmailExists
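/**
 * Check if username and email exists in the drupal db.
 *
 * Runs Drupal's own validation first, then searches {users} for a
 * case-insensitive match on either the name or the e-mail address.
 *
 * @param array $params
 *   Array of name and mail values.
 * @param array $errors
 *   Array of errors; replaced by form_get_errors() and then extended with
 *   'cms_name' and/or $emailName entries.
 * @param string $emailName
 *   Field label for the 'email'.
 */
public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $dao = new CRM_Core_DAO();
    // Keep the submitted values next to their escaped copies: the escaped
    // form belongs inside the quoted SQL literals only, while comparisons
    // with database results and user-facing messages need the raw text.
    $rawName = (string) CRM_Utils_Array::value('name', $params);
    $rawEmail = (string) CRM_Utils_Array::value('mail', $params);
    $name = $dao->escape($rawName);
    $email = $dao->escape($rawEmail);
    _user_edit_validate(NULL, $params);
    $errors = form_get_errors();
    if ($errors) {
        if (!empty($errors['name'])) {
            $errors['cms_name'] = $errors['name'];
        }
        if (!empty($errors['mail'])) {
            $errors[$emailName] = $errors['mail'];
        }
        // also unset drupal messages to avoid twice display of errors
        unset($_SESSION['messages']);
    }
    // Do the name check manually.
    $nameError = user_validate_name($params['name']);
    if ($nameError) {
        $errors['cms_name'] = $nameError;
    }
    // NOTE(review): db_query() is called elsewhere with '%s' placeholders;
    // binding the raw values that way would remove the hand-escaping here.
    $sql = "\n SELECT name, mail\n FROM {users}\n WHERE (LOWER(name) = LOWER('{$name}')) OR (LOWER(mail) = LOWER('{$email}'))\n ";
    $result = db_query($sql);
    $row = db_fetch_array($result);
    if (!$row) {
        return;
    }
    $dbName = (string) CRM_Utils_Array::value('name', $row);
    $dbEmail = (string) CRM_Utils_Array::value('mail', $row);
    // Compare raw against raw; the escaped copy differs from the stored
    // value as soon as the input contains a quote or backslash.
    if (strtolower($dbName) === strtolower($rawName)) {
        $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $rawName));
    }
    if (strtolower($dbEmail) === strtolower($rawEmail)) {
        if (empty($rawEmail)) {
            $errors[$emailName] = ts('You cannot create an email account for a contact with no email', array(1 => $rawEmail));
        } else {
            $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $rawEmail));
        }
    }
}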
示例14: checkUserNameEmailExists
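/**
 * Check whether the requested username and e-mail address are valid and not
 * yet registered, using the CMS helper functions.
 *
 * @param array $params reads the 'name' and 'mail' entries
 * @param array $errors receives 'cms_name' and/or $emailName entries
 * @param string $emailName key under which e-mail errors are stored
 */
function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
    $config = CRM_Core_Config::singleton();
    $dao = new CRM_Core_DAO();
    // NOTE(review): these SQL-escaped copies are not read again in this
    // block; no SQL is built here, the CMS functions receive the raw values.
    $name = $dao->escape(CRM_Utils_Array::value('name', $params));
    $email = $dao->escape(CRM_Utils_Array::value('mail', $params));
    if (CRM_Utils_Array::value('name', $params)) {
        if (!validate_username($params['name'])) {
            $errors['cms_name'] = ts("Your username contains invalid characters");
        } elseif (username_exists(sanitize_user($params['name']))) {
            $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
        }
    }
    if (CRM_Utils_Array::value('mail', $params)) {
        if (!is_email($params['mail'])) {
            // Spelling fixed ("invaid") and routed through ts() like the other messages.
            $errors[$emailName] = ts('Your email is invalid');
        } elseif (email_exists($params['mail'])) {
            $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $params['mail']));
        }
    }
}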
示例15: escapeString
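/**
 * SQL-escape a string for use inside a quoted SQL string literal.
 *
 * With CIVICRM_DSN defined, a CRM_Core_DAO instance is created once and
 * reused for escaping. Without it, a connection-less str_replace() fallback
 * is used.
 *
 * NOTE(review): the fallback knows nothing about the connection character
 * set; it appears intended for generating .sql files from trusted values.
 * Confirm it is never applied to untrusted input for a multi-byte charset.
 *
 * @param $string
 *
 * @return string
 */
public static function escapeString($string)
{
    static $_dao = NULL;
    if (!$_dao) {
        // If this is an atypical case (e.g. preparing .sql file before CiviCRM
        // has been installed), then we fallback DB-less str_replace escaping, as
        // we can't use mysqli_real_escape_string, as there is no DB connection.
        // Note: In typical usage, escapeString() will only check one conditional
        // ("if !$_dao") rather than two conditionals ("if !defined(DSN)")
        if (!defined('CIVICRM_DSN')) {
            // See http://php.net/manual/en/mysqli.real-escape-string.php for the
            // list of characters mysqli_real_escape_string escapes.
            // NUL and Ctrl-Z are written as explicit escapes: an empty search
            // string matches nothing, so "\\0" and "\\Z" would never be emitted.
            // The backslash must stay first so that backslashes introduced by
            // the later replacements are not escaped a second time.
            $search = array("\\", "\x00", "\n", "\r", "'", '"', "\x1a");
            $replace = array("\\\\", "\\0", "\\n", "\\r", "\\'", '\\"', "\\Z");
            return str_replace($search, $replace, $string);
        }
        $_dao = new CRM_Core_DAO();
    }
    return $_dao->escape($string);
}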