当前位置: 首页>>代码示例>>PHP>>正文

PHP DBManager::escapeString方法代码示例

本文整理汇总了PHP中DBManager::escapeString方法的典型用法代码示例。如果您正苦于以下问题:PHP DBManager::escapeString方法的具体用法?PHP DBManager::escapeString怎么用?PHP DBManager::escapeString使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在DBManager的用法示例。


在下文中一共展示了DBManager::escapeString方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: executeInner

 public function executeInner()
 {
     // instantiate db
     $dbManager = new DBManager();
     // make comments safe and nicely formatted
     // TODO: strip tags with exceptions (see examples at http://us2.php.net/manual/en/function.strip-tags.php)
     // allowable tags <b><strong><u><i><a><em> possibly allowable <ul><ol><li>
     // TODO: convert "safe" tags to safe implementations, ex <strong style="foo"></strong> becomes <strong></strong>
     // TODO: sanitize anchor tags, ex <a href="javascript://"> is killed and <a href="foo"> becomes <a href="foo" target="_blank">
     // escape strings for insert
     $name = $dbManager->escapeString($this->name);
     $contents = $dbManager->escapeString($this->contents);
     // do query
     $result = mysql_query("INSERT INTO blogcomments SET blogid=" . $this->blogId . ",name='{$name}', message='{$contents}'");
     // check if successful
     if ($result) {
         $this->addNotice("Successfully posted a blog entry from \"" . $this->name . "\".");
         // TODO: determine why trend micro firewall causing this to hang and why email not sending even when not hanging
         //$this->notifyAdmins();
     } else {
         $this->addError("An error occured attempting to add a blog post. " . $dbManager->getLastError());
     }
     // return success regardless since returned to the same place and error displayed
     return GlobalConstants::SUCCESS;
 }
开发者ID:Rkandel23,项目名称:ubar,代码行数:25,代码来源:PostBlogComment.php

示例2: executeInner

 protected function executeInner()
 {
     // update user in database
     $userid = $this->getUser()->getUserid();
     // instantiate db
     $dbManager = new DBManager();
     // escape strings for insert
     $email = $dbManager->escapeString($this->email);
     $result = null;
     if (!Str::nullOrEmpty($this->password)) {
         // they put something in for password, update it
         $password = md5($this->password);
         $result = mysql_query("UPDATE users SET email='{$email}', password='{$password}' WHERE userid = {$userid}");
     } else {
         // just update email
         $result = mysql_query("UPDATE users SET email='{$email}' WHERE userid = {$userid}");
     }
     // check if successful
     if (!$result) {
         $this->addError("An error occured attempting update user info. " . $dbManager->getLastError());
         return GlobalConstants::USER_INPUT;
     }
     $this->addNotice("Successfully updated user info for \"" . $this->email . "\".");
     // get new user object
     $result = mysql_query("SELECT * FROM users WHERE userid = {$userid}");
     $user = mysql_fetch_object($result, 'User');
     // update user object in session
     $_SESSION[ValidateCredentials::USER_KEY] = $user;
     // return success regardless since returned to the same place and error displayed
     return GlobalConstants::SUCCESS;
 }
开发者ID:Rkandel23,项目名称:ubar,代码行数:31,代码来源:UpdateAccount.php

示例3: executeInner

 public function executeInner()
 {
     // instantiate db
     $dbManager = new DBManager();
     // escape strings for insert
     $title = $dbManager->escapeString($this->postTitle);
     $contents = $dbManager->escapeString($this->contents);
     // do query
     $result = mysql_query("UPDATE blog SET title='{$title}', message='{$contents}' WHERE blogid = " . $this->blogId);
     // check if successful
     if ($result) {
         $this->addNotice("blog.notice.blogUpdated", array('id' => $this->blogId));
     } else {
         $this->addError("blog.error.failedBlogUpdate", array("error" => $dbManager->getLastError()));
     }
     // return success regardless since returned to the same place and error displayed
     return GlobalConstants::SUCCESS;
 }
开发者ID:Rkandel23,项目名称:ubar,代码行数:18,代码来源:PostBlogUpdate.php

示例4: executeInner

 protected function executeInner()
 {
     $dbManager = new DBManager();
     // prepare input for query
     $email = $dbManager->escapeString($this->email);
     // get user info from db
     $result = mysql_query("SELECT * FROM users WHERE email ='" . $email . "'");
     // if does not exist, add error and return user error
     if (mysql_num_rows($result) == 0) {
         $this->addError("login.error.invalidEmail", array("email" => $this->email), "email");
         return GlobalConstants::USER_ERROR;
     }
     // convert result into user object
     $user = mysql_fetch_object($result, 'User');
     // check md5 of submitted password and what is stored in the db
     if (!$user->validatePassword($this->password)) {
         $this->addError("login.error.invalidPassword", null, "email");
         return GlobalConstants::USER_ERROR;
     }
     $this->addNotice("login.notice.credentialsValid", array("email" => $this->email));
     // push user object into session
     $_SESSION[self::USER_KEY] = $user;
 }
开发者ID:Rkandel23,项目名称:ubar,代码行数:23,代码来源:ValidateCredentials.php


注:本文中的DBManager::escapeString方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。