本文整理汇总了PHP中DB::esc方法的典型用法代码示例。如果您正苦于以下问题:PHP DB::esc方法的具体用法?PHP DB::esc怎么用?PHP DB::esc使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类DB的用法示例。
在下文中一共展示了DB::esc方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: logout
public static function logout()
{
DB::query("DELETE FROM webchat_users WHERE name = '" . DB::esc($_SESSION['user']['name']) . "'");
$_SESSION = array();
unset($_SESSION);
return array('status' => 1);
}示例2: _HCM_linkuser
function _HCM_linkuser($jmeno = "")
{
$name = DB::esc(_anchorStr($jmeno, false));
$query = DB::query("SELECT id FROM `" . _mysql_prefix . "-users` WHERE username='" . $name . "'");
if (DB::size($query) != 0) {
$query = DB::row($query);
return _linkUser($query['id']);
}
}示例3: action_show
function action_show()
{
if (isset($_GET['id']) && $_GET['id'] > 0) {
$id = DB::esc(intval($_GET['id']));
$this->data = $this->model->getAdvert($id);
$this->view->setData($this->data);
$this->view->setTitle($this->data['title']);
$this->view->display('advert_view.php');
} else {
$this->action_404();
}
}示例4: action_category
function action_category()
{
if (isset($_GET['id']) && $_GET['id'] > 0) {
$id = DB::esc(intval($_GET['id']));
$category = new Category($id, $this->model);
$this->view->setData(array("category" => $category));
$this->view->setTitle($category->getName());
$this->view->display('category_view.php');
} else {
$this->action_404();
}
}示例5: explodeParameters
private static function explodeParameters($paramsArray)
{
if (!empty($paramsArray)) {
$params = $paramsArray;
$pairs = explode('&', $params);
foreach ($pairs as $pair) {
$part = explode('=', $pair);
// SQL Injection protection !!!
self::$params[$part[0]] = DB::esc(urldecode($part[1]));
}
}
}示例6: getDetails
public function getDetails()
{
$q = "SELECT r.id AS id, u.username AS user1, v.username AS user2, w.name AS grp, title, text, completed, begin, end, created, modified\n FROM reminders AS r \n LEFT OUTER JOIN users AS u ON r.user_id = u.id\n LEFT OUTER JOIN users AS v ON r.backup_user_id = v.id\n LEFT OUTER JOIN roles AS w ON r.group_id = w.id\n WHERE r.id = " . DB::esc($this->id);
$results = DB::query($q);
if (!$results) {
throw new Exception(DB::getMySQLiObject()->error);
}
$output = null;
if ($results) {
while ($output[] = mysqli_fetch_assoc($results)) {
}
}
if (!is_null($output) && end($output) == null) {
array_pop($output);
}
return $output;
}示例7: exportData
/**
* Export database data
* @param array|null $tables array of table names (with prefix) or null (= all)
* @return array temporary file array(handle, path) containing the data
*/
public function exportData($tables = null)
{
// find all tables
if (!isset($tables)) {
$tables = $this->_get_tables();
}
// get temporary file
$file = _tmpFile();
// vars
$null = chr(0);
$nullv = chr(1);
$prefix_len = strlen(_mysql_prefix) + 1;
// headers
$ver = _checkVersion('database', null, true);
$ver = end($ver);
fwrite($file[0], $ver . $null);
// data
for ($i = 0; isset($tables[$i]); ++$i) {
// query
$q = DB::query('SELECT * FROM `' . $tables[$i] . '`');
if (DB::size($q) === 0) {
// skip empty tables
DB::free($q);
continue;
}
// table header
$collist = true;
fwrite($file[0], substr($tables[$i], $prefix_len) . $null);
while ($r = DB::row($q)) {
// column list for table header (once)
if ($collist) {
$collist = false;
fwrite($file[0], implode($null, array_keys($r)) . $null . $null);
}
// row data
foreach ($r as $c) {
fwrite($file[0], (isset($c) ? DB::esc($c) : $nullv) . $null);
}
}
fwrite($file[0], $null);
DB::free($q);
$r = null;
}
// return
return $file;
}示例8: get
public function get($group = null)
{
if (is_null($group)) {
$results = DB::query("\n SELECT id, handle_number, handle_name, description, gps_status\n FROM handles\n ORDER BY handle_name ASC\n ");
} elseif (is_numeric($group)) {
$group_id = DB::esc($group);
$results = DB::query("\n SELECT id, handle_number, handle_name, description, gps_status\n FROM handles\n WHERE group_id = {$group_id}\n ORDER BY handle_name ASC\n ");
} else {
return false;
}
while ($data[] = mysqli_fetch_assoc($results)) {
}
if (!is_null($data) && end($data) == null) {
array_pop($data);
}
return $data;
}示例9: addAdvert
public function addAdvert($title, $type, $tel, $email, $content, $category, $holder)
{
$title = DB::esc($_POST["title"]);
$tel = DB::esc($_POST["tel"]);
$email = DB::esc($_POST["email"]);
$content = DB::esc($_POST["content"]);
$category = DB::esc($_POST["category"]);
$holder = DB::esc($_POST["holder"]);
$type = DB::esc($_POST["type"]);
$date = date("Y-m-d");
$res = DB::query("INSERT INTO adverts (id_holder,title,content,type,category_id,date,tel,email) " . "VALUES({$holder},'{$title}','{$content}',{$type},{$category},'{$date}','{$tel}','{$email}')");
if ($res) {
$json_data = array("result" => TRUE, "msg" => "Оголошення додано.");
} else {
$json_data = array("result" => FALSE, "msg" => "Виникла помилка. Спробуйте ще раз");
}
echo json_encode($json_data);
}示例10: handlerForm
protected function handlerForm()
{
$login = strip_tags(DB::esc($_POST['login']));
$password = strip_tags(DB::esc($_POST['password']));
if (!empty($login) && !empty($password)) {
$password = md5($password);
$query = "SELECT id FROM users WHERE login='{$login}' AND password= '{$password}'";
$result = DB::query($query);
$this->getMessageQueryErr($result, __FUNCTION__);
if ($result->num_rows == 1) {
$_SESSION['user'] = TRUE;
header("Location:?option=admin");
} else {
exit("Такого пользователя нет");
}
} else {
exit("Поля не заполнены");
}
}示例11: get
public function get($options = 'empty')
{
if (is_array($options)) {
$dbresult = DB::query("SELECT id,name FROM roles WHERE name = '" . DB::esc($options['role']) . "'");
if ($dbresult->num_rows == 1) {
$role_result = $dbresult->fetch_array();
$this->role_id = $role_result['id'];
} else {
throw new Exception('unknown chat');
}
$q = "SELECT * FROM (\r\n \t\t\tSELECT t.id, t.text, t.created, users.username, users.avatar\r\n \tFROM chatlines AS t INNER JOIN users ON t.user_id = users.id";
if ($options['first_id'] && is_numeric($options['first_id'])) {
$first_id = DB::esc($options['first_id']);
$limit_paging = DB::esc($options['limit_paging']);
$q .= " WHERE t.id < {$first_id}";
$q .= " AND t.role_id = " . $this->role_id;
$q .= " ORDER BY t.id DESC LIMIT {$limit_paging}) t";
$q .= " ORDER BY id ASC";
} else {
$since = DB::esc($options['since']);
$q .= $since ? " WHERE t.created >= '" . $since . "'" : "";
$q .= " AND t.role_id = " . $this->role_id;
$q .= " ORDER BY t.id DESC LIMIT 20) t";
$q .= " ORDER BY id ASC";
}
$results = DB::query($q);
} else {
throw new Exception('Invalid arguments for getChats');
}
$data[] = array('timestamp' => date('Y-m-d G:i:s'), 'limit' => 'true');
while ($data[] = mysqli_fetch_assoc($results)) {
}
if (!is_null($data) && end($data) == null) {
array_pop($data);
}
if ($limit_paging && count($data) < $limit_paging + 1) {
$data[0]['limit'] = 'false';
}
$data[0]['query'] = $q;
return $data;
}示例12: setTicket
public function setTicket($tick_no)
{
$q = "UPDATE messages SET ticket_id = " . DB::esc($tick_no) . "\n WHERE id = " . DB::esc($this->id);
$res = DB::query($q);
if (!$res) {
throw new Exception(DB::getMySQLiObject()->error);
}
}示例13: intval
// filtr skupiny
$grouplimit = "";
$grouplimit2 = "1";
if (isset($_GET['group'])) {
$group = intval($_GET['group']);
if ($group != -1) {
$grouplimit = " AND `" . _mysql_prefix . "-groups`.id=" . $group;
$grouplimit2 = "`group`=" . $group;
}
} else {
$group = -1;
}
// aktivace vyhledavani
if (isset($_GET['search']) and $_GET['search'] != "") {
$search = true;
$searchword = DB::esc($_GET['search']);
} else {
$search = false;
}
// filtry - vyber skupiny, vyhledavani
$output .= '
<table class="wintable">
<tr>
<td>
<form class="cform" action="index.php" method="get">
<input type="hidden" name="p" value="users-list" />
<input type="hidden" name="search"' . _restoreGetValue('search', '') . ' />
<strong>' . $_lang['admin.users.list.groupfilter'] . ':</strong> ' . _admin_authorSelect("group", $group, "id!=2", null, $_lang['global.all'], true) . '
</select> <input type="submit" value="' . $_lang['global.apply'] . '" />
</form>示例14: _xsrfProtect
$search_query = '';
$root = 1;
$art = 1;
$post = 1;
$image = 0;
}
/* --- modul --- */
if (_template_autoheadings == 1) {
$module .= "<h1>" . $_lang['mod.search'] . "</h1>";
}
$module .= "\n<p class='bborder'>" . $_lang['mod.search.p'] . "</p>\n\n<form action='index.php' method='get'>\n<input type='hidden' name='m' value='search' />\n" . _xsrfProtect() . "\n<input type='text' name='q' class='inputmedium' value='" . _htmlStr($search_query) . "' /> <input type='submit' value='" . $_lang['mod.search.submit'] . "' /><br />\n" . $_lang['mod.search.where'] . ": \n<label><input type='checkbox' name='root' value='1'" . _checkboxActivate($root) . " /> " . $_lang['mod.search.where.root'] . "</label> \n<label><input type='checkbox' name='art' value='1'" . _checkboxActivate($art) . " /> " . $_lang['mod.search.where.articles'] . "</label> \n<label><input type='checkbox' name='post' value='1'" . _checkboxActivate($post) . " /> " . $_lang['mod.search.where.posts'] . "</label> \n<label><input type='checkbox' name='img' value='1'" . _checkboxActivate($image) . " /> " . $_lang['mod.search.where.images'] . "</label>\n</form>\n\n";
/* --- vyhledavani --- */
if ($search_query != '' && _xsrfCheck(true)) {
if (mb_strlen($search_query) >= 3) {
// priprava
$search_query_sql = DB::esc('%' . $search_query . '%');
$results = array();
// polozka: array(link, titulek, perex)
$public = !_loginindicator;
// funkce na skladani vyhledavaciho dotazu
function _tmpSearchQuery($alias, $cols)
{
$output = '(';
for ($i = 0, $last = sizeof($cols) - 1; isset($cols[$i]); ++$i) {
$output .= $alias . '.' . $cols[$i] . ' LIKE \'' . $GLOBALS['search_query_sql'] . '\'';
if ($i !== $last) {
$output .= ' OR ';
}
}
$output .= ')';
return $output;示例15: save
public function save()
{
DB::query("\n\t\t\tINSERT INTO webchat_lines (author, gravatar, text, room, room_do, tss, czyt)\n\t\t\tVALUES (\n\t\t\t\t'" . DB::esc($this->author) . "',\n\t\t\t\t'" . DB::esc($this->gravatar) . "',\n\t\t\t\t'" . DB::esc($this->text) . "',\n\t\t\t\t'" . $this->room . "',\n\t\t\t\t'" . $this->room_od . "',\n\t\t\t\t'" . time() . "',\n\t\t\t\t'" . $this->czyt . "'\n\t\t)");
// Returns the MySQLi object of the DB class
return DB::getMySQLiObject();
}