本文整理汇总了PHP中Connection::escape方法的典型用法代码示例。如果您正苦于以下问题:PHP Connection::escape方法的具体用法?PHP Connection::escape怎么用?PHP Connection::escape使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Connection
的用法示例。
在下文中一共展示了Connection::escape方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: save
public function save()
{
$connection = new Connection();
$sSQL = "INSERT INTO tblike(UserID, RecipeID)\n\t\t\t VALUES ('" . $connection->escape($this->iUserID) . "','" . $connection->escape($this->iRecipeID) . "')";
$bSuccess = $connection->query($sSQL);
if ($bSuccess == true) {
$this->iLikeID = $connection->get_insert_id();
} else {
die($sSQL . " fails!");
}
}
示例2: saveReply
public function saveReply()
{
$connection = new Connection();
$sSQL = "INSERT INTO tbcomment(Comment, UserID, OriginalID)\n VALUES ('" . $connection->escape($this->sComment) . "','" . $connection->escape($this->iUserID) . "','" . $connection->escape($this->iOriginalID) . "')";
$bSuccess = $connection->query($sSQL);
if ($bSuccess == true) {
$this->iCommentID = $connection->get_insert_id();
} else {
die($sSQL . " fails!");
}
}
示例3: _publicar
/**
* Subservice PUBLICAR
*
* @param Request $request
*/
public function _publicar($request)
{
$connection = new Connection();
$title = substr(trim($request->query), 0, 100);
$body = substr(trim($request->body), 0, 1000);
if ($title == '') {
$title = substr($body, 0, 100);
}
$title = $connection->escape($title);
$body = $connection->escape($body);
$title = str_replace("'", '\\' . "'", $title);
$body = str_replace("'", '\\' . "'", $body);
$hash = $this->utils->generateRandomHash();
$di = \Phalcon\DI\FactoryDefault::getDefault();
$wwwroot = $di->get('path')['root'];
// insert new ad with a year of life
$connection->deepQuery("INSERT INTO ads (title,description,owner,expiration_date) VALUES ('{$title}','{$body}','{$request->email}',DATE_ADD(CURRENT_DATE, INTERVAL 1 YEAR));");
// get id of the new ad inserted
$id = $connection->deepQuery("SELECT id FROM ads WHERE owner = '{$request->email}' ORDER BY time_inserted DESC LIMIT 100;");
$id = $id[0]->id;
// insert one image for the ad
foreach ($request->attachments as $at) {
if (isset($at->type) && strpos("jpg,jpeg,image/jpg,image/jpeg,image/png,png,image/gif,gif", $at->type) !== false && isset($at->path)) {
// save the image
$img = file_get_contents($at->path);
$filePath = "{$wwwroot}/public/ads/" . md5($id) . ".jpg";
file_put_contents($filePath, $img);
// optimize the image
$this->utils->optimizeImage($filePath);
// only first image
break;
}
}
// respond to the owner of the ad
$response = new Response();
$response->setResponseSubject("Su anuncio ha sido agregado");
$response->createFromTemplate('publish.tpl', array('id' => $id, 'userEmail' => $request->email));
// alert us about the new ad
$alert = new Response();
$alert->setResponseEmail("publicidad@apretaste.com");
$alert->setEmailLayout("email_simple.tpl");
$alert->setResponseSubject('Nueva publicidad en Apretaste');
$alert->createFromTemplate('notify.tpl', array('owner' => $request->email, 'title' => $title, 'body' => $body));
return array($response, $alert);
}
示例4: testEscape
public function testEscape()
{
$this->assertEquals("'Simon''s Cat'", $this->connection->escape("Simon's Cat"));
$this->assertEquals(12, $this->connection->escape(12));
$this->assertEquals("'0012'", $this->connection->escape('0012'));
$this->assertEquals('NULL', strtoupper($this->connection->escape(null)));
$this->assertEquals("''", strtoupper($this->connection->escape('')));
$this->assertEquals(1, $this->connection->escape(true));
}
示例5: save
public function save()
{
$connection = new Connection();
$sSQL = "INSERT INTO tbnewsletter(Email)\n VALUES ('" . $connection->escape($this->sEmail) . "')";
$bSuccess = $connection->query($sSQL);
if ($bSuccess == true) {
$this->iSubscriberID = $connection->get_insert_id();
} else {
die($sSQL . " fails!");
}
}
示例6: truncate
/**
* @param string $_table
*/
public function truncate($_table)
{
/* ## LOGGER ## */
if (isset($this->logger)) {
$this->logger->DEBUG('truncate: ' . $_table);
}
if (empty($_table)) {
throw new UndefinedTabelException('null');
}
$table = $this->connection->escape($_table);
$sql = 'TRUNCATE TABLE `' . $table . '`';
$result = $this->connection->send($sql);
}
示例7: loadByEmail
public function loadByEmail($sMemberEmail)
{
$oCon = new Connection();
$sSQL = "SELECT MemberID FROM tbmember WHERE MemberEmail='" . $oCon->escape($sMemberEmail) . "'";
$oResultSet = $oCon->query($sSQL);
$aRow = $oCon->fetchArray($oResultSet);
if ($aRow == true) {
$sID = $aRow["MemberID"];
$this->load($sID);
return true;
} else {
return false;
}
$oCon->close();
}
示例8: delete
/**
* @param string $_index
*/
public function delete($_index)
{
/* ## LOGGER ## */
if (isset($this->logger)) {
$this->logger->DEBUG('delete');
}
if (empty($_index)) {
throw new UndefinedRowException('null');
}
$table = $this->connection->escape($this->table);
$primary = $this->connection->escape($this->primary);
$index = $this->connection->escape($_index);
$sql = 'DELETE FROM `' . $table . '` WHERE `' . $primary . '` = \'' . $index . '\';';
$result = $this->connection->send($sql);
if ($this->connection->getAffectedRows() <= 0) {
throw new UndefinedRowException('undefined ' . $primary . '=' . $index);
}
}
示例9: save
public function save()
{
$connection = new Connection();
if ($this->iUserID == 0) {
// if new customer
$sSQL = "INSERT INTO tbuser (FirstName, LastName, Username, Address, Email, Telephone, Password, Admin)\n VALUES ('" . $connection->escape($this->sFirstName) . "','" . $connection->escape($this->sLastName) . "','" . $connection->escape($this->sUsername) . "','" . $connection->escape($this->sAddress) . "','" . $connection->escape($this->sEmail) . "','" . $connection->escape($this->iTelephone) . "','" . $connection->escape($this->sPassword) . "','" . $connection->escape($this->iAdmin) . "')";
$bSuccess = $connection->query($sSQL);
if ($bSuccess == true) {
$this->iUserID = $connection->get_insert_id();
} else {
die($sSQL . " fails");
}
} else {
// if updating an existing customer
$sSQL = "UPDATE tbuser\n SET UserID = '" . $connection->escape($this->iUserID) . "', FirstName ='" . $connection->escape($this->sFirstName) . "', LastName ='" . $connection->escape($this->sLastName) . "', Username = '" . $connection->escape($this->sUsername) . "', Address = '" . $connection->escape($this->sAddress) . "', Email = '" . $connection->escape($this->sEmail) . "', Telephone = '" . $connection->escape($this->iTelephone) . "', Password ='" . $this->sPassword . "', Admin ='" . $connection->escape($this->iAdmin) . "'\n WHERE UserID =" . $connection->escape($this->iUserID);
$bSuccess = $connection->query($sSQL);
if ($bSuccess == false) {
die($sSQL . " fails");
}
}
}
示例10: quoteIntoSql
/**
* TODO: This is exactly what I don't want to do. "Roll my own" SQL handler.
* However, the requirements for this package have led to this point for now.
*
* @param Connection $connection
* @return mixed
*/
protected function quoteIntoSql(Connection $connection)
{
$quotedSql = $this->sql;
$quotedParams = [];
foreach ($this->params as $key => $value) {
if (is_null($value)) {
$quotedParams[$key] = 'NULL';
} else {
if (is_integer($value)) {
$quotedParams[$key] = (int) $value;
} else {
if (in_array($value, $this->reserved_words)) {
$quotedParams[$key] = $value;
} else {
$quotedParams[$key] = '\'' . $connection->escape($value) . '\'';
}
}
}
}
return strtr($quotedSql, $quotedParams);
}
示例11: save
public function save()
{
$connection = new Connection();
if ($this->iRecipeID == 0) {
$sSQL = "INSERT INTO tbrecipe(Title, AuthorNotes, Ingredients, Directions, ImagePath, UserID, RecipeTypeID)\n VALUES ('" . $connection->escape($this->sTitle) . "','" . $connection->escape($this->sAuthorNotes) . "','" . $connection->escape($this->sIngredients) . "','" . $connection->escape($this->sDirections) . "','" . $connection->escape($this->sImagePath) . "','" . $connection->escape($this->iUserID) . "','" . $connection->escape($this->iRecipeTypeID) . "')";
$bSuccess = $connection->query($sSQL);
if ($bSuccess == true) {
$this->iRecipeID = $connection->get_insert_id();
} else {
die($sSQL . " fails!");
}
} else {
// update instead
$sSQL = "UPDATE tbrecipe\n SET Title = '" . $connection->escape($this->sTitle) . "',AuthorNotes ='" . $connection->escape($this->sAuthorNotes) . "',Ingredients='" . $connection->escape($this->sIngredients) . "',Directions='" . $connection->escape($this->sDirections) . "',ImagePath='" . $connection->escape($this->sImagePath) . "',UserID='" . $connection->escape($this->iUserID) . "', RecipeTypeID='" . $connection->escape($this->iRecipeTypeID) . "'\n WHERE RecipeID=" . $this->iRecipeID;
$bSuccess = $connection->query($sSQL);
if ($bSuccess == false) {
die($sSQL . " fails!");
}
}
}
示例12: save
public function save()
{
$connection = new Connection();
$a = date("Y-m-d");
$sSQL = "INSERT INTO tborder(OrderDate,OrderStatus, RecipientName, DeliveryAddress, BillingAddress, Payment, AccountName, CardNumber, ExpiryDate, Security, UserID)\n VALUES ('" . $connection->escape($a) . "','" . $connection->escape($this->sOrderStatus) . "','" . $connection->escape($this->sRecipientName) . "','" . $connection->escape($this->sDelivery) . "','" . $connection->escape($this->sBilling) . "','" . $connection->escape($this->sPayment) . "','" . $connection->escape($this->sAccountName) . "','" . $connection->escape($this->iCardNumber) . "','" . $connection->escape($this->sExpiry) . "','" . $connection->escape($this->iSecurity) . "','" . $connection->escape($this->iUserID) . "')";
$bSuccess = $connection->query($sSQL);
if ($bSuccess == true) {
$this->iOrderID = $connection->get_insert_id();
} else {
die($sSQL . " fails!");
}
}
示例13: __toString
public function __toString()
{
return sprintf("%s like '%s'", $this->field, Connection::escape($this->values[0]));
}
示例14: renderResponse
//.........这里部分代码省略.........
if ($pInviter !== false) {
if (trim($pInviter->name) !== '') {
$inviter = $pInviter->name;
}
}
$pGuest = $utils->getPerson($email);
$guest = $email;
if ($pGuest !== false) {
$guest = $pGuest->username;
}
$newGuest->createFromTemplate("invitationNewGuest.tpl", array("inviter" => $inviter, "guest" => $guest, "guest_email" => $email));
$newGuest->internal = true;
$responses[] = $newGuest;
break;
}
}
// mark all opened invitations to that email as used
$sql .= "UPDATE invitations SET used=1, used_time=CURRENT_TIMESTAMP WHERE email_invited='{$email}' AND used=0;";
}
// create a unique username and save the new person
$username = $utils->usernameFromEmail($email);
$sql .= "INSERT INTO person (email, username, last_access, source) VALUES ('{$email}', '{$username}', CURRENT_TIMESTAMP, '{$inviteSource}');";
// save details of first visit
$sql .= "INSERT INTO first_timers (email, source) VALUES ('{$email}', '{$fromEmail}');";
// check list of promotor's emails
$promoters = $connection->deepQuery("SELECT email FROM promoters WHERE email='{$fromEmail}' AND active=1;");
$prize = count($promoters) > 0;
if ($prize) {
// update the promotor
$sql .= "UPDATE promoters SET `usage`=`usage`+1, last_usage=CURRENT_TIMESTAMP WHERE email='{$fromEmail}';";
// add credit and tickets
$sql .= "UPDATE person SET credit=credit+5, source='promoter' WHERE email='{$email}';";
$sqlValues = "('{$email}', 'PROMOTER')";
$sql .= "INSERT INTO ticket(email, origin) VALUES " . str_repeat($sqlValues . ",", 9) . "{$sqlValues};";
}
// run the long query all at the same time
$connection->deepQuery($sql . "COMMIT;");
// send the welcome email
$welcome = new Response();
$welcome->setResponseEmail($email);
$welcome->setEmailLayout("email_simple.tpl");
$welcome->setResponseSubject("Bienvenido a Apretaste!");
$welcome->createFromTemplate("welcome.tpl", array("email" => $email, "prize" => $prize, "source" => $fromEmail));
$welcome->internal = true;
$responses[] = $welcome;
}
// create and configure to send email
$emailSender = new Email();
$emailSender->setRespondEmailID($messageID);
$emailSender->setEmailGroup($fromEmail);
// get params for the email and send the response emails
foreach ($responses as $rs) {
if ($rs->render) {
// save impressions in the database
$ads = $rs->getAds();
if ($userService->showAds && !empty($ads)) {
$sql = "";
if (!empty($ads[0])) {
$sql .= "UPDATE ads SET impresions=impresions+1 WHERE id='{$ads[0]->id}';";
}
if (!empty($ads[1])) {
$sql .= "UPDATE ads SET impresions=impresions+1 WHERE id='{$ads[1]->id}';";
}
$connection->deepQuery($sql);
}
// prepare the email variable
$emailTo = $rs->email;
$subject = $rs->subject;
$images = $rs->images;
$attachments = $rs->attachments;
$body = $render->renderHTML($userService, $rs);
// remove dangerous characters that may break the SQL code
$subject = trim(preg_replace('/\'|`/', "", $subject));
// send the response email
$emailSender->sendEmail($emailTo, $subject, $body, $images, $attachments);
}
}
// saves the openning date if the person comes from remarketing
$connection->deepQuery("UPDATE remarketing SET opened=CURRENT_TIMESTAMP WHERE opened IS NULL AND email='{$email}'");
// calculate execution time when the service stopped executing
$currentTime = new DateTime();
$startedTime = new DateTime($execStartTime);
$executionTime = $currentTime->diff($startedTime)->format('%H:%I:%S');
// get the user email domainEmail
$emailPieces = explode("@", $email);
$domain = $emailPieces[1];
// get the top and bottom Ads
$ads = isset($responses[0]->ads) ? $responses[0]->ads : array();
$adTop = isset($ads[0]) ? $ads[0]->id : "NULL";
$adBottom = isset($ads[1]) ? $ads[1]->id : "NULL";
// save the logs on the utilization table
$safeQuery = $connection->escape($query);
$sql = "INSERT INTO utilization\t(service, subservice, query, requestor, request_time, response_time, domain, ad_top, ad_bottom) VALUES ('{$serviceName}','{$subServiceName}','{$safeQuery}','{$email}','{$execStartTime}','{$executionTime}','{$domain}',{$adTop},{$adBottom})";
$connection->deepQuery($sql);
// return positive answer to prove the email was quequed
return true;
}
// false if no action could be taken
return false;
}
示例15: addService
/**
* Add a new service to the filesystem, database and create the specific service tables
*
* @author salvipascual
* @author kuma
* @param Service
* @param String , the path to the location of the zip
* @param String , the path to the location of the files
* @paran Boolean , if service are updating
* */
public function addService($service, $pathToZip, $pathToService, $updating = false)
{
$utils = $this->getUtils();
// get the path
$di = \Phalcon\DI\FactoryDefault::getDefault();
$wwwroot = $di->get('path')['root'];
// create a new connection
$connection = new Connection();
// save the new service in the database
$insertUserQuery = "\n\t\t\tINSERT INTO service (name,description,usage_text,creator_email,category,listed,ads) \n\t\t\tVALUES ('{$service['serviceName']}','{$service['serviceDescription']}','{$service['serviceUsage']}','{$service['creatorEmail']}','{$service['serviceCategory']}','{$service['listed']}','{$service['showAds']}')";
$connection->deepQuery($insertUserQuery);
// clear old alias
$sqlClear = "DELETE FROM service_alias WHERE alias <> '";
$sqlClear .= implode("' AND alias <> '", $service['serviceAlias']);
$sqlClear .= "' AND service = '{$service['serviceName']}' ;";
$connection->deepQuery($sqlClear);
// insert new alias
foreach ($service['serviceAlias'] as $alias) {
$connection->deepQuery("INSERT IGNORE INTO service_alias (service, alias) VALUES ('{$service['serviceName']}','{$alias}');");
}
// clear old ads
$connection->deepQuery("DELETE FROM ads WHERE related_service = '{$service['serviceName']}';");
// create the owner of ad
$sql = "INSERT IGNORE INTO person (email, username, credit) VALUES ('soporte@apretaste.com', 'soporteap', 1000000);";
$sql .= "UPDATE person SET credit = 1000000 WHERE email = 'soporte@apretaste.com';";
$connection->deepQuery($sql);
$serviceName = strtoupper($service['serviceName']);
$serviceDesc = $connection->escape($service['serviceDescription']);
$toaddress = $utils->getValidEmailAddress();
// create an Ad for new service
$body = "<p>Hola,<br/><br/>Nos alegra decir que tenemos un servicio nuevo en Apretatse. El servicio es {$serviceName} y {$serviceDesc}. ";
$body .= "Espero que le sea de su agrado, y si quiere saber mas al respecto, el enlace a continuacion le explicará como se usa y detallará más sobre el mismo.";
$body .= '<center><a href="mailto:' . $toaddress . '?subject=AYUDA ' . $serviceName . '">Conocer más sobre este servicio</a></center>';
$body .= "<br/><br/>Gracias por usar Apretaste.<p>";
if ($updating) {
$body = "<p>Hola,<br/><br/>Tenemos una actualización al servicio {$serviceName} en Apretaste!";
$body .= "Con las actualizaciones vienen mejoras, nuevas funciones y soluciones a problemas antiguos. Espero que le sea de su agrado, y si quiere saber mas al respecto, el enlace a continuacion le explicará como se usa y detallará más sobre el mismo.";
$body .= '<center><a href="mailto:' . $toaddress . '?subject=AYUDA ' . $serviceName . '">Conocer más sobre este servicio</a></center>';
$body .= "<br/><br/>Gracias por usar Apretaste.<p>";
}
$title = 'Presentando el servicio ' . $serviceName . ' a nuestros usuarios de Apretaste';
if ($updating) {
$title = 'Buenas noticias! Hemos realizado mejoras al servicio ' . $serviceName;
}
$sql = "INSERT INTO ads (title,description,owner,expiration_date,related_service) \n\t\t\t VALUES ('{$title}', '{$body}','soporte@apretaste.com', DATE_ADD(CURRENT_DATE, INTERVAL 1 WEEK), '{$service['serviceName']}');";
$connection->deepQuery($sql);
// copy files to the service folder and remove temp files
rename($pathToService, "{$wwwroot}/services/{$service['serviceName']}");
unlink($pathToZip);
}