本文整理汇总了PHP中DBConnection::string_escape方法的典型用法代码示例。如果您正苦于以下问题:PHP DBConnection::string_escape方法的具体用法?PHP DBConnection::string_escape怎么用?PHP DBConnection::string_escape使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类DBConnection的用法示例。
在下文中一共展示了DBConnection::string_escape方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getLang
} else {
$message = getLang('reset_noemail');
}
}
}
// Password-reset, step 1: decide whether the secret-question form is shown for the submitted address.
$ShowQuestionForm = 0;
$SecretQuestion = '';
// NOTE(review): both $_POST keys are read without isset(); a request that lacks them raises an undefined-index notice.
if ($_POST['_reqpass'] == 1 || $_POST['_pwdreset1'] == 1) {
// Shape check on the address before it is used in SQL.
$pattern = '/^[\\_]*([a-z0-9]+(\\.|\\_*)?)+@([a-z][a-z0-9\\-]+(\\.|\\-*\\.))+[a-z]{2,6}$/i';
$check = preg_match($pattern, $_POST['rform_email']);
// preg_match() gives 0 for "no match" and false on a regex error; the loose == 0 treats both as invalid.
if ($check == 0) {
$_POST['rform_email'] = '';
$message = 'Invalid email';
} else {
$db = new DBConnection();
// string_escape() output is placed inside a double-quoted SQL literal; escaping only protects in that quoted context.
// NOTE(review): string_escape() is defined in db.class.php, outside this excerpt; confirm it uses the connection-aware escape routine.
$query = 'SELECT * FROM users WHERE user_email="' . $db->string_escape($_POST['rform_email']) . '" LIMIT 1';
$res = $db->rq($query);
$row = $db->fetch($res);
// NOTE(review): a registered address with a question gets the question back, anything else gets 'reset_noquest';
// the differing responses let a caller test which addresses are registered. Presumably fetch() returns a
// non-array value when no row matched; verify, since $row is indexed without a check.
if (!$row['user_secret_question']) {
$message = getLang('reset_noquest');
} else {
$SecretQuestion = $row['user_secret_question'];
$ShowQuestionForm = 1;
}
}
}
// $ShowQuestionForm=1;
if ($ShowQuestionForm == 1) {
include 'parts/show_question.php';
} else {
include 'parts/forgot_box.php';
示例2: resetPasswordAnswer
/**
 * Password-reset, step 2: check the submitted secret answer and, on success, send the
 * "Forgot password" mail template to the account's address.
 *
 * Reads $_POST['rform_email'] and $_POST['rform_answer'] directly and fills $return with an
 * 'error' or 'success' entry. The end of the method is elided on this page, so the final
 * return statement is not visible here.
 */
public function resetPasswordAnswer()
{
$db = new DBConnection();
$return = array();
// First lookup: the address is escaped and sits inside a double-quoted SQL literal.
$query = 'SELECT * FROM users WHERE user_email="' . $db->string_escape($_POST['rform_email']) . '" LIMIT 1';
$res = $db->rq($query);
$row = $db->fetch($res);
if (!isset($row['user_secret_answer'])) {
$return['error'] = getLang('reset_noansw');
} else {
// NOTE(review): the stored answer is compared directly with the submitted text, so it is kept in a
// readable form, and == is not a constant-time comparison. No attempt limit is visible in this excerpt.
if (strtolower(trim($_POST['rform_answer'])) == strtolower(trim($row['user_secret_answer']))) {
// Shape check on the address; this is the only filter applied before the second query below.
$pattern = '/^[\\_]*([a-z0-9]+(\\.|\\_*)?)+@([a-z][a-z0-9\\-]+(\\.|\\-*\\.))+[a-z]{2,6}$/i';
$check = preg_match($pattern, $_POST['rform_email']);
if ($check == 0) {
$return['error'] = getLang('reset_invalid_email');
} else {
$db = new DBConnection();
// NOTE(review): unlike the first query, $_POST['rform_email'] is concatenated below WITHOUT
// string_escape(); the regex above is the sole barrier. Escape it the same way as in the first
// query so this statement does not depend on the pattern staying strict.
$query = 'SELECT u.*, ua1.advisor_names as user_advisor1, ua2.advisor_names as user_advisor2 FROM users u
left join users_advisors ua1 on u.user_advisor1 = ua1.users_advisors_id
left join users_advisors ua2 on u.user_advisor2 = ua2.users_advisors_id
WHERE u.user_email="' . $_POST['rform_email'] . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);
if ($num_rows > 0) {
$row = $db->fetch($res);
addLog('Front-end', 'Login', '' . $row['user_firstname'] . ' ' . $row['user_lastname'] . ' (' . $row['user_account_num'] . ')', 0, 'Password reset request.');
// Disabled code: it generated a new 8-character password with mt_rand() and wrote it to the users table.
// NOTE(review): if this is ever re-enabled, mt_rand() is not a cryptographic generator; use random_int().
/*$possible = '0123456789abcdfghjklmnopqrstuvwxyzABCDFGHJKLMNOPQRSTUVWXYZ';
$newpass = '';
$i = 0;
for($i=0;$i<8;$i++) {
$newpass.= substr($possible, mt_rand(0, strlen($possible)-1), 1);
}
$query2='UPDATE users SET user_password="'.$newpass.'", user_passisset=0 WHERE users_id='.($row['users_id']+0).'';
$db->rq($query2);
*/
// Load the mail template that the "Forgot password" setting points to.
$query3 = 'SELECT * FROM mail_templates mt LEFT JOIN global_settings gs ON mt.mail_templates_id=gs.variable_value WHERE variable="Forgot password"';
$res3 = $db->rq($query3);
$num_rows3 = $db->num_rows($res3);
if ($num_rows3 > 0) {
$row3 = $db->fetch($res3);
$query4 = 'SELECT * FROM global_settings WHERE section="mail_settings"';
$res4 = $db->rq($query4);
// Collect SMTP settings. Each $smtp_* variable is assigned only when its row exists and is non-empty,
// so any of them can still be undefined when used further down.
while (($row4 = $db->fetch($res4)) != FALSE) {
if ($row4['variable'] == 'mail_mandrill_host' && $row4['variable_value'] != '') {
$smtp_host = $row4['variable_value'];
}
if ($row4['variable'] == 'mail_mandrill_port' && $row4['variable_value'] != '') {
$smtp_port = $row4['variable_value'];
}
if ($row4['variable'] == 'mail_mandrill_user' && $row4['variable_value'] != '') {
$smtp_user = $row4['variable_value'];
}
if ($row4['variable'] == 'mail_mandrill_password' && $row4['variable_value'] != '') {
$smtp_password = $row4['variable_value'];
}
}
include 'nomad_mimemail.inc.php';
$mimemail = new nomad_mimemail();
$mimemail->set_charset("UTF-8");
if ($row3['mail_from'] != '') {
$mimemail->set_from($row3['mail_from_mail'], $row3['mail_from']);
$mimemail->set_reply_to($row3['mail_from_mail'], $row3['mail_from']);
} else {
$mimemail->set_from($row3['mail_from_mail']);
$mimemail->set_reply_to($row3['mail_from_mail']);
}
// NOTE(review): {user_password} and {user_password_org} are filled from the user_password column, so
// whatever is stored there is mailed in clear text. If that column holds the live password, the reset
// flow discloses it to anyone who answers the secret question or reads the mailbox; a single-use,
// expiring reset link avoids both the disclosure and the need to store a readable password.
$search_for = array('{user_first_name}', '{user_last_name}', '{user_username}', '{user_password}', '{user_password_org}', '{user_account_num}', '{user_account_name}', '{user_admin_ref}', '{user_phone}', '{user_email}', '{user_mailing_address}', '{user_city}', '{user_state}', '{user_postal}', '{user_country}', '{user_advisor1}', '{user_advisor2}', '{user_app_date}');
$replace_with = array($row['user_firstname'], $row['user_lastname'], $row['user_username'], $row['user_password'], $row['user_password'], $row['user_account_num'], $row['user_account_name'], $row['user_ref'], $row['user_phone'], $row['user_email'], $row['user_mailing_address'], $row['user_city'], $row['user_state'], $row['user_postal'], $row['user_country'], $row['user_advisor1'], $row['user_advisor2'], $row['user_app_date']);
// Account fields are substituted into the HTML body as-is, without HTML escaping.
$row3['mail_html'] = str_replace($search_for, $replace_with, $row3['mail_html']);
$row3['mail_plain'] = str_replace($search_for, $replace_with, $row3['mail_plain']);
$t_search_for = array('{thanks}');
$t_replace_with_html = array(getLang('mails_thanks_html'));
$t_replace_with_plain = array(getLang('mails_thanks_plain'));
$row3['mail_html'] = str_replace($t_search_for, $t_replace_with_html, $row3['mail_html']);
$row3['mail_plain'] = str_replace($t_search_for, $t_replace_with_plain, $row3['mail_plain']);
$mimemail->set_subject($row3['mail_subject']);
$mimemail->set_html($row3['mail_html']);
$mimemail->set_text($row3['mail_plain']);
// The recipient is the request-supplied address (already matched against the users table above).
$mimemail->set_to($_POST['rform_email'], '' . $row['user_firstname'] . ' ' . $row['user_lastname'] . '');
if ($row3['mail_bcc']) {
$mimemail->set_bcc($row3['mail_bcc']);
}
$mimemail->set_smtp_host($smtp_host, $smtp_port);
$mimemail->set_smtp_auth($smtp_user, $smtp_password);
$mimemail->send();
}
$db->close();
$return['success'] = getLang('rform_newpass');
} else {
$return['error'] = getLang('reset_noemail');
}
}
} else {
//.........这里部分代码省略.........
示例3: DBConnection
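<?php
/**
 * Remote-validation endpoint: reports whether a stock symbol is free to use.
 *
 * Prints the literal string 'true' when no row in `stocks` carries the requested symbol, or when
 * the only match is the record currently being edited ($_SESSION['admin']['uedit']); prints
 * 'false' otherwise. The result is a form hint only; the save path has to enforce uniqueness itself.
 */
require '../../vendor/autoload.php';
require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

// isset() guard: a session without the admin entry takes the redirect without raising a notice.
if (!isset($_SESSION['admin']['is_logged']) || $_SESSION['admin']['is_logged'] != 1) {
    header('Location: index.php');
    exit();
}

// Fixed 150 ms delay on every call; it slows bulk probing slightly but is not a rate limit.
usleep(150000);
require_once('../../classes/db.class.php');

// Accept only a plain string: ?symbol[]=x would otherwise hand an array to string_escape().
$rawSymbol = (isset($_GET['symbol']) && is_string($_GET['symbol'])) ? $_GET['symbol'] : '';

$db = new DBConnection();
// Escaping is effective only because the value is placed inside the quoted literal below.
$validateStock = $db->string_escape($rawSymbol);
$query = 'SELECT stocks_id FROM stocks WHERE stocks_symbol="' . $validateStock . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);

if ($num_rows == 0) {
    $valid = 'true';
} else {
    $row = $db->fetch($res);
    // A match is acceptable only when it is the record the admin is editing right now.
    if ($row['stocks_id'] > 0 && isset($_SESSION['admin']['uedit']) && $row['stocks_id'] == $_SESSION['admin']['uedit']) {
        $valid = 'true';
    } else {
        $valid = 'false';
    }
}
$db->close();
echo $valid;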
示例4: DBConnection
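<?php
/**
 * Remote-validation endpoint: reports whether an advisor reference is free to use.
 *
 * Prints 'true' when no row in `users_advisors` has the requested reference, or when the only
 * match is the record currently being edited ($_SESSION['admin']['uedit']); prints 'false'
 * otherwise. The result is a form hint only; the save path has to enforce uniqueness itself.
 */
require '../../vendor/autoload.php';
require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

// isset() guard: a session without the admin entry takes the redirect without raising a notice.
if (!isset($_SESSION['admin']['is_logged']) || $_SESSION['admin']['is_logged'] != 1) {
    header('Location: index.php');
    exit();
}

// Fixed 150 ms delay on every call; it slows bulk probing slightly but is not a rate limit.
usleep(150000);
require_once('../../classes/db.class.php');

// Accept only a plain string: ?ref[]=x would otherwise hand an array to string_escape().
$rawRef = (isset($_GET['ref']) && is_string($_GET['ref'])) ? $_GET['ref'] : '';
// The "record being edited" marker is optional; reading it unguarded emits a warning into the response.
$editedId = isset($_SESSION['admin']['uedit']) ? $_SESSION['admin']['uedit'] : null;

$db = new DBConnection();
// Escaping is effective only because the value is placed inside the quoted literal below.
$validateRef = $db->string_escape($rawRef);
$query = 'SELECT users_advisors_id FROM users_advisors WHERE advisor_ref="' . $validateRef . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);

if ($num_rows == 0) {
    $valid = 'true';
} else {
    $row = $db->fetch($res);
    // A match is acceptable only when it is the record the admin is editing right now.
    if ($row['users_advisors_id'] > 0 && $editedId !== null && $row['users_advisors_id'] == $editedId) {
        $valid = 'true';
    } else {
        $valid = 'false';
    }
}
$db->close();
echo $valid;
?>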
示例5: header
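<?php
/**
 * Remote-validation endpoint: reports whether an e-mail address is free to use.
 *
 * Prints 'true' when no row in `users` has the requested address, or when the match belongs to
 * the logged-in account; prints 'false' otherwise.
 *
 * NOTE(review): by design this tells any logged-in user whether an arbitrary address is
 * registered. The fixed delay below is not a rate limit; throttle per session if that matters.
 */
session_start();
require '../vendor/autoload.php';

// isset() guard: a session without the user entry takes the redirect without raising a notice.
if (!isset($_SESSION['user']['is_logged']) || $_SESSION['user']['is_logged'] != 1) {
    header('Location: index.php');
    exit;
}

usleep(150000);
require_once '../classes/db.class.php';

// Accept only a plain string: ?user_email[]=x would otherwise hand an array to string_escape().
$rawEmail = (isset($_GET['user_email']) && is_string($_GET['user_email'])) ? $_GET['user_email'] : '';
$ownAccountNum = isset($_SESSION['user']['user_account_num']) ? $_SESSION['user']['user_account_num'] : null;

$db = new DBConnection();
// Escaping is effective only because the value is placed inside the quoted literal below.
$validateEmail = $db->string_escape($rawEmail);
$query = 'SELECT user_account_num FROM users WHERE user_email="' . $validateEmail . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);

if ($num_rows == 0) {
    $valid = 'true';
} else {
    $row = $db->fetch($res);
    // The address may stay in use when it already belongs to the caller's own account.
    if ($row['user_account_num'] > 0 && $ownAccountNum !== null && $row['user_account_num'] == $ownAccountNum) {
        $valid = 'true';
    } else {
        $valid = 'false';
    }
}
$db->close();
echo $valid;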
示例6: exit
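require_once('../includes/ulogin/config/all.inc.php');
require_once('../includes/ulogin/main.inc.php');
require_once('../includes/auth.php');

// Refuse unauthenticated callers before touching the database.
if (!isset($_SESSION['admin']['is_logged']) || $_SESSION['admin']['is_logged'] != 1) {
    echo 'ERROR';
    exit();
}
require_once('../../classes/db.class.php');
$db = new DBConnection();
$searchColumns = array('commodities_groups_id', 'commodities_groups_name');

/* Paging */
// LIMIT operands are written into the statement unquoted, so string escaping gives no protection
// there: an escaped value can still carry SQL keywords. Force both operands to non-negative integers.
$searchLimit = '';
if (isset($_GET['iDisplayStart']) && isset($_GET['iDisplayLength']) && $_GET['iDisplayLength'] != '-1') {
    $searchLimit = 'LIMIT ' . max(0, (int) $_GET['iDisplayStart']) . ', ' . max(0, (int) $_GET['iDisplayLength']);
}

/* Ordering */
if (isset($_GET['iSortCol_0'])) {
    $searchOrder = "ORDER BY ";
    // Bound the loop by the number of sortable columns instead of a request-supplied count.
    $sortCount = isset($_GET['iSortingCols']) ? min((int) $_GET['iSortingCols'], count($searchColumns)) : 0;
    for ($i = 0; $i < $sortCount; $i++) {
        $addComma = '';
        if ($i != 0) {
            $addComma .= ', ';
        }
        $sortColKey = 'iSortCol_' . $i;
        $sortDirKey = 'iSortDir_' . $i;
        $sortCol = (isset($_GET[$sortColKey]) && is_string($_GET[$sortColKey])) ? $_GET[$sortColKey] : '';
        // The direction is an unquoted SQL keyword; allow exactly the two valid values.
        $sortDir = (isset($_GET[$sortDirKey]) && is_string($_GET[$sortDirKey]) && strtolower($_GET[$sortDirKey]) === 'desc') ? 'desc' : 'asc';
        // NOTE(review): fnColumnToField() is defined outside this excerpt; its result is concatenated
        // unquoted, so it is assumed to map the index onto a fixed column name. Verify.
        $searchOrder .= $addComma . fnColumnToField($db->string_escape($sortCol)) . ' ' . $sortDir;
    }
}
$searchFor = '';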
if ($_GET['sSearch']!=''){
示例7: addNewValue
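/**
 * Build the admin "Adding New Stock Values" form as an HTML string.
 *
 * For every stock, the current value and volume are loaded from `stock_details`: the row
 * matching $details_id when one is given, otherwise the most recent row by date.
 *
 * Changes against the listing as published:
 *  - $details_id is SQL-escaped once, before the loop. Re-escaping the same variable on every
 *    iteration escaped the value repeatedly, so rows after the first were looked up with a
 *    different reference whenever the value contained a character that needs escaping.
 *  - Values written into the markup are HTML-escaped, and the reference is URL-encoded inside
 *    the delete link. SQL escaping is the wrong encoding for HTML and JavaScript contexts.
 *  - $date is initialised, so the date field no longer reads an undefined variable when no
 *    stock has a value row.
 *
 * @param int|string $details_id Reference of an existing value set, or 0 for a new one.
 * @return string HTML of the form.
 */
function addNewValue($details_id=0) {
    $JSCripts=' onchange="setDetails();"';
    $db=new DBConnection();

    // HTML-attribute/text encoder for everything that comes from the database or the caller.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Escape for SQL exactly once; the original value is kept for the HTML output below.
    $hasDetailsRef = $details_id > 0;
    $detailsRefSql = $hasDetailsRef ? $db->string_escape($details_id) : '';
    $date = '';

    $pcontent='';
    $pcontent.='
<div class="mainHolder">
<div class="hintHolder ui-state-default"><b>Adding New Stock Values</b></div>
<script type="text/javascript" src="../js/jquery.validate.js"></script>
<script type="text/javascript" src="js/forms/stockValues.js"></script>
<form name="addNewStockValue" method="POST" id="MainForms" action="">';
    $query='SELECT * FROM stocks ORDER BY stocks_name ASC';
    $res=$db->rq($query);
    $num = 1;
    $pcontent.='<div class="left">';
    while (($row=$db->fetch($res))!=FALSE){
        if($hasDetailsRef) {
            $curval = $db->getRow('stock_details','stocks_id="'.$row['stocks_id'].'" AND details_ref="'.$detailsRefSql.'"','value, volume, date');
        } else {
            $curval = $db->getRow('stock_details','stocks_id="'.$row['stocks_id'].'" ORDER BY date DESC','value, volume');
        }
        if($curval){
            // array_get() is a project helper defined elsewhere; presumably null when 'date' is absent.
            $date = array_get($curval, 'date');
            $pcontent.='<fieldset class="mainFormHolder">
<legend>Share</legend>
<div class="formsLeft">Share:</div>
<div class="formsRight">
<select name="stocks_id_'.$num.'" id="stocks_id_'.$num.'" class="text-input">';
            $pcontent.='<option value="'.$esc($row['stocks_id']).'">'.$esc($row['stocks_symbol']).' ('.$esc($row['stocks_name']).')</option>';
            $pcontent.='
</select>
</div><br />
<div class="formsLeft">Value:</div>
<div class="formsRight">
<input class="required text-input align-right" type="text" name="value_'.$num.'" id="value_'.$num.'" value="'.$esc($curval['value']).'"'.$JSCripts.' />
</div>
<br />
<div class="formsLeft">Volume:</div>
<div class="formsRight">
<input class="text-input align-right" type="text" name="volume_'.$num.'" id="volume_'.$num.'" value="'.$esc($curval['volume']).'"'.$JSCripts.' />
</div><br />
</fieldset>';
        }
        $num++;
    }
    $pcontent.='</div><div class="left"><fieldset class="mainFormHolder">
<legend>Date</legend>
<div class="formsLeft">Value date:</div>
<div class="formsRight"><input class="text-input" type="text" name="date_value" id="date_value" value="'.$esc($date).'" /></div>
<br />';
    if($details_id) {
        $pcontent.='<input type="hidden" name="trade_ref" value="'.$esc($details_id).'" />';
        // rawurlencode() leaves no quote or angle bracket, so the value is inert inside the JS string.
        // NOTE(review): the delete is started by a plain GET navigation; whether the delete_values
        // handler checks a CSRF token cannot be seen from this function.
        $pcontent.='<input type="button" name="_delete" value="'.getLang('sform_delbtn').'" class="submitBtn ui-state-default" onclick="if(confirm(\'Are you sure you want to delete the values from this date?\')) location=\'?action=delete_values&sid='.rawurlencode((string) $details_id).'\';" />';
    }
    $pcontent.='<input type="hidden" name="_form_submit" value="1" />
<input type="hidden" name="_new_value" value="1" />
<input type="submit" name="_submit" value="'.getLang('sform_savebtn').'" class="submitBtn ui-state-default" />
';
    $pcontent.='
<input type="button" name="_cancel" value="'.getLang('sform_backbtn').'" class="submitBtn ui-state-default" onclick="location=\'stocks.php\';" />
</fieldset></div>
</form>
</div>';
    return $pcontent;
}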
示例8: header
<?php
require_once('template.php');
if(!$_SESSION['admin']['is_logged']) {
header('Location: index.php');
exit();
}
$_SESSION['admin']['selected_tab']=5;
unset($_SESSION['admin']['uedit']);
if(isset($_POST['_form_submit'])) {
$db=new DBConnection();
foreach ($_POST AS $k=>$x) $_POST[$k]=$db->string_escape($x);
if(($_POST['cid']+0)>0) {
$query='UPDATE commodities SET commodities_groups_id="'.$_POST['commodities_groups_id'].'",
commodities_name="'.($_POST['commodities_name']).'", commodities_symbol="'.$_POST['commodities_symbol'].'",
commodities_contract_size="'.$db->string_escape($_POST['commodities_contract_size']).'",
commodities_unit="'.$db->string_escape($_POST['commodities_unit']).'",
commodities_status="'.$db->string_escape($_POST['commodities_status']).'",
commodities_order_priority="'.$db->string_escape($_POST['commodities_order_priority']).'",
commodities_def_fee="'.$db->string_escape($_POST['commodities_def_fee']+0).'",
commodities_def_prem="'.$db->string_escape($_POST['commodities_def_prem']+0).'"
WHERE commodities_id='.($_POST['cid']+0).'';
$db->rq($query);
addLog('Back-end','Back-end Settings, Commodities',0,''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Commodity edited ('.$_POST['commodities_symbol'].')');
}else {
$query='INSERT INTO commodities SET commodities_groups_id="'.$_POST['commodities_groups_id'].'",
commodities_name="'.($_POST['commodities_name']).'", commodities_symbol="'.$_POST['commodities_symbol'].'",
commodities_contract_size="'.$db->string_escape($_POST['commodities_contract_size']).'",
commodities_unit="'.$db->string_escape($_POST['commodities_unit']).'",
commodities_status="'.$db->string_escape($_POST['commodities_status']).'",
commodities_order_priority="'.$db->string_escape($_POST['commodities_order_priority']).'",
示例9: DBConnection
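<?php
/**
 * Remote-validation endpoint: reports whether a username is free to use.
 *
 * Prints 'true' when no row in `users` has the requested username, or when the only match is
 * the record currently being edited ($_SESSION['admin']['uedit']); prints 'false' otherwise.
 * The result is a form hint only; the save path has to enforce uniqueness itself.
 */
require '../../vendor/autoload.php';
require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

// isAppLoggedIn() is defined outside this listing (presumably in auth.php).
if (!isAppLoggedIn()) {
    header('Location: index.php');
    exit();
}

// Fixed 150 ms delay on every call; it slows bulk probing slightly but is not a rate limit.
usleep(150000);
require_once('../../classes/db.class.php');

// Accept only a plain string: ?user_username[]=x would otherwise hand an array to string_escape().
$rawUsername = (isset($_GET['user_username']) && is_string($_GET['user_username'])) ? $_GET['user_username'] : '';
// The "record being edited" marker is optional; reading it unguarded emits a warning into the response.
$editedId = isset($_SESSION['admin']['uedit']) ? $_SESSION['admin']['uedit'] : null;

$db = new DBConnection();
// Escaping is effective only because the value is placed inside the quoted literal below.
$validateUsername = $db->string_escape($rawUsername);
$query = 'SELECT users_id FROM users WHERE user_username="' . $validateUsername . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);

if ($num_rows == 0) {
    $valid = 'true';
} else {
    $row = $db->fetch($res);
    // A match is acceptable only when it is the record the admin is editing right now.
    if ($row['users_id'] > 0 && $editedId !== null && $row['users_id'] == $editedId) {
        $valid = 'true';
    } else {
        $valid = 'false';
    }
}
$db->close();
echo $valid;
?>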
示例10: addLog
addLog('Front-end', 'Login', '' . $_SESSION['user']['user_firstname'] . ' ' . $_SESSION['user']['user_lastname'] . ' (' . $_SESSION['user']['user_account_num'] . ')', 0, 'User successfully logged out');
unset($_SESSION['user']);
if (!$_SESSION['admin']['is_logged']) {
session_destroy();
}
header('Location: index.php');
exit;
}
/**
 * Initialize the login
 *
 * Looks the account up by username and compares the submitted password with the stored one.
 * The block continues beyond this excerpt.
 */
if (isset($_POST['_login']) && $_POST['l_username'] != '' && $_POST['l_password'] != '') {
$db = new DBConnection();
$UserIP = GetHostByName($_SERVER["REMOTE_ADDR"]);
$username = $_POST['l_username'];
// The username goes into a double-quoted SQL literal below, so escaping it is the right step.
$username = $db->string_escape($username);
$password = $_POST['l_password'];
// NOTE(review): the password never reaches the SQL statement; it is only compared in PHP further down.
// Escaping it changes any password that contains a character the escape routine rewrites, so such a
// password no longer equals the stored value.
$password = $db->string_escape($password);
$query = 'SELECT * FROM users WHERE user_username="' . $username . '" AND user_status=1 AND user_password!="" LIMIT 1';
$res = $db->rq($query);
$row = $db->fetch($res);
$base_password = $row['user_password'];
$validatePassword = FALSE;
// NOTE(review): the submitted password is compared directly with the user_password column, which only
// works when passwords are stored unhashed. The loose == also compares numeric-looking strings as
// numbers (e.g. "1e3" == "1000"), so distinct passwords can match. Store password_hash() output and
// check with password_verify(); no attempt limit or lockout is visible in this excerpt.
if ($password == $base_password) {
$validatePassword = TRUE;
}
// The second condition compares against the escaped username, not the raw request value.
if ($validatePassword == TRUE && strtolower($row['user_username']) == strtolower($username)) {
// if everything goes ok
page_header_simple(1);
echo '<img src="images/lploader.gif" border="0"><br /><b>System is loading, please wait...</b>';
page_footer();
示例11: DBConnection
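<?php
/**
 * Remote-validation endpoint: reports whether a commodity symbol is free to use.
 *
 * Prints 'true' when no row in `commodities` has the requested symbol, or when the only match
 * is the record currently being edited ($_SESSION['admin']['uedit']); prints 'false' otherwise.
 * The result is a form hint only; the save path has to enforce uniqueness itself.
 */
require '../../vendor/autoload.php';
require_once('ulogin/config/all.inc.php');
require_once('ulogin/main.inc.php');
require_once('auth.php');

// isset() guard: a session without the admin entry takes the redirect without raising a notice.
if (!isset($_SESSION['admin']['is_logged']) || $_SESSION['admin']['is_logged'] != 1) {
    header('Location: index.php');
    exit();
}

// Fixed 150 ms delay on every call; it slows bulk probing slightly but is not a rate limit.
usleep(150000);
require_once('../../classes/db.class.php');

// Accept only a plain string: ?commodities_symbol[]=x would otherwise hand an array to string_escape().
$rawSymbol = (isset($_GET['commodities_symbol']) && is_string($_GET['commodities_symbol'])) ? $_GET['commodities_symbol'] : '';
// The "record being edited" marker is optional; reading it unguarded emits a warning into the response.
$editedId = isset($_SESSION['admin']['uedit']) ? $_SESSION['admin']['uedit'] : null;

$db = new DBConnection();
// Escaping is effective only because the value is placed inside the quoted literal below.
$validateSymbol = $db->string_escape($rawSymbol);
$query = 'SELECT commodities_id FROM commodities WHERE commodities_symbol="' . $validateSymbol . '" LIMIT 1';
$res = $db->rq($query);
$num_rows = $db->num_rows($res);

if ($num_rows == 0) {
    $valid = 'true';
} else {
    $row = $db->fetch($res);
    // A match is acceptable only when it is the record the admin is editing right now.
    if ($row['commodities_id'] > 0 && $editedId !== null && $row['commodities_id'] == $editedId) {
        $valid = 'true';
    } else {
        $valid = 'false';
    }
}
$db->close();
echo $valid;
?>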
示例12: time
$_SESSION['UserSessionTime'] = time() + MAX_SESSION_TIME;
} else {
if ($_SESSION['UserSessionTime'] < time()) {
unset($_SESSION['user']);
unset($_SESSION['UserSessionTime']);
session_regenerate_id();
session_destroy();
exit;
} else {
$_SESSION['UserSessionTime'] = time() + MAX_SESSION_TIME;
}
}
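// Balance pre-check for a transaction form: prints 'true' when the logged-in account's balance
// covers the requested amount, 'false' otherwise.
if (!isset($_SESSION['user']['is_logged']) || $_SESSION['user']['is_logged'] != 1) {
    header('Location: index.php');
    exit;
}
usleep(150000);
require_once '../classes/db.class.php';
$db = new DBConnection();

// Accept only a plain string; ?tr_value[]=x would otherwise hand an array to string_escape().
$rawAmount = (isset($_GET['tr_value']) && is_string($_GET['tr_value'])) ? $_GET['tr_value'] : '';
// tr_value is never placed in SQL here, so string_escape() is not what makes it safe to use;
// the numeric check below is. The call is kept so the variable holds the same value as before.
$validateBalance = $db->string_escape($rawAmount);
$validateBalance = str_replace(',', '', $validateBalance);

// The account number comes from the session; escaping it keeps the literal well-formed even if
// the stored session value is ever not a plain number.
$query = 'SELECT user_balance FROM users WHERE user_account_num="' . $db->string_escape($_SESSION['user']['user_account_num']) . '" LIMIT 1';
$res = $db->rq($query);
$row = $db->fetch($res);

// Compare as numbers and fail closed: an empty or non-numeric amount used to fall back to a
// string comparison, which reported 'true' for an empty value.
// NOTE(review): a negative amount still yields 'true'. This endpoint is only a form hint, so the
// handler that executes the transaction must re-check sign and balance on its own.
if ($row && is_numeric($validateBalance) && (float) $row['user_balance'] >= (float) $validateBalance) {
    $valid = 'true';
} else {
    $valid = 'false';
}
$db->close();
echo $valid;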
示例13: DBConnection
// Advisor admin page dispatcher: picks the action from the query string. The switch continues
// beyond this excerpt.
if (isset($_GET['action'])){
$cmd=($_GET['action']);
}else{
$cmd='';
}
if (isset($_POST['_back'])) $cmd='';
$page_content='';
// $cmd is only matched against fixed case labels, so an unexpected value selects no branch shown here.
// NOTE(review): only the 'delete' branch checks the admin session in this excerpt; 'new' and 'edit'
// rely on a check made elsewhere, if any. Verify.
switch ($cmd) {
case 'new' :
$page_content=addNewAdvisor();
break;
case 'edit' :
// Resolve an advisor reference to its numeric id when no id was passed.
if ($_GET['ref']!=''&&($_GET['advid']+0)==0){
$db=new DBConnection();
// Escaped value inside a double-quoted SQL literal.
$query='SELECT users_advisors_id FROM users_advisors WHERE advisor_ref="'.$db->string_escape($_GET['ref']).'" LIMIT 1';
$res=$db->rq($query);
$row=$db->fetch($res);
$_GET['advid']=($row['users_advisors_id']+0);
}
// +0 coerces the id to a number before it is passed on.
$page_content=addNewAdvisor($_GET['advid']+0);
break;
case 'delete' :
if ($_SESSION['admin']['is_logged']==1){
$db=new DBConnection();
// NOTE(review): $_GET['advid'] is concatenated into the getRow() condition below without
// string_escape() and without the +0 coercion that the DELETE on the next line uses; the request
// value reaches SQL unchanged. Coerce it once (as in the DELETE) and reuse that number in both places.
$getCurrentData=$db->getRow('users_advisors', 'users_advisors_id="'.$_GET['advid'].'"');
// NOTE(review): a state-changing delete is reached through a GET parameter; no CSRF token check
// is visible in this excerpt.
$query='DELETE FROM users_advisors WHERE users_advisors_id='.($_GET['advid']+0);
$db->rq($query);
addLog('Back-end','Advisors',''.$getCurrentData['advisor_names'].' ('.$getCurrentData['advisor_ref'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Advisor deleted');
示例14: foreach
$referenceNumber = $_GET['buyref'];
}elseif ($_GET['sellref']!=''){
$whatmail='Trade sell details';
$referenceNumber = $_GET['sellref'];
}elseif ($_GET['tdref']!=''){
$whatmail='Transfer deposit details';
$referenceNumber = $_GET['tdref'];
}elseif ($_GET['twref']!=''){
$whatmail='Transfer withdraw details';
$referenceNumber = $_GET['twref'];
}else{
$whatmail='Other';
}
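// Escape every submitted value once, in place. Nested (array) values cannot be escaped as a
// string, so they are replaced by '' instead of being left unescaped in $_POST.
foreach ($_POST as $k => $x) {
    $_POST[$k] = is_scalar($x) ? $db->string_escape($x) : '';
}

// Build the `column="value", ...` list for the SQL statement from the remaining form fields.
$mysql_fields = '';
$comma = '';
$count = 0;
$skipKeys = array('_submit', '_preview', '_form_submit', 'mail_templates_id', 'user_account_num', 'mail_html', 'mail_plain');
foreach ($_POST as $k => $x) {
    // Form-control fields and fields handled separately are not columns.
    if (in_array($k, $skipKeys, true)) {
        continue;
    }
    // The key becomes an unquoted column name, and string_escape() was applied to values only.
    // Accept nothing but a plain identifier so a crafted field name cannot alter the statement.
    // NOTE(review): this still lets the client set any column of the target table; an explicit
    // allow-list of writable columns is the stronger control.
    if (!is_string($k) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $k)) {
        continue;
    }
    if ($count != 0) {
        $comma = ', ';
    }
    $mysql_fields .= '' . $comma . '' . $k . '="' . ($x) . '"';
    $count++;
}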
示例15: header
<?php
/**
 * Admin handler for commodity expiry dates: on form submit, updates the row named by
 * $_POST['edid'] or inserts a new one, writes an audit-log entry and redirects to the list.
 *
 * Review notes (behaviour is unchanged here):
 *  - Every $_POST value is SQL-escaped in place before use, so the logged date is the escaped form.
 *  - $expiry_short is whatever convertTradeDates() returns (defined outside this listing) and is
 *    concatenated as returned; it is assumed to yield a plain date string. Verify.
 *  - No CSRF token check is visible in this script.
 */
require_once('template.php');

if (!$_SESSION['admin']['is_logged']) {
    header('Location: index.php');
    exit();
}

$_SESSION['admin']['selected_tab'] = 5;
unset($_SESSION['admin']['uedit']);

if (isset($_POST['_form_submit'])) {
    $db = new DBConnection();

    foreach ($_POST as $field => $value) {
        $_POST[$field] = $db->string_escape($value);
    }

    // +0 coerces the id to a number; it is the only value placed in SQL without quotes.
    $editId = $_POST['edid'] + 0;
    $expiry_short = convertTradeDates(strtotime($_POST['expiry_date']));

    if ($editId > 0) {
        $query = 'UPDATE expiry_dates SET expiry_date="'.$_POST['expiry_date'].'", expiry_short="'.$expiry_short.'" WHERE expiry_dates_id='.$editId.'';
        $logText = 'Commodity expiry date edited ('.$_POST['expiry_date'].')';
    } else {
        $query = 'INSERT INTO expiry_dates SET expiry_date="'.$_POST['expiry_date'].'", expiry_short="'.$expiry_short.'"';
        $logText = 'Commodity expiry date added ('.$_POST['expiry_date'].')';
    }

    $db->rq($query);
    addLog('Back-end','Back-end Settings, Commodities - exp. dates',0,''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')',$logText);

    $db->close();
    header('Location: expiry_dates.php');
    exit();
}