本文整理汇总了PHP中DBManager::escapeString方法的典型用法代码示例。如果您正苦于以下问题:PHP DBManager::escapeString方法的具体用法?PHP DBManager::escapeString怎么用?PHP DBManager::escapeString使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类DBManager
的用法示例。
在下文中一共展示了DBManager::escapeString方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: executeInner
public function executeInner()
{
// instantiate db
$dbManager = new DBManager();
// make comments safe and nicely formatted
// TODO: strip tags with exceptions (see examples at http://us2.php.net/manual/en/function.strip-tags.php)
// allowable tags <b><strong><u><i><a><em> possibly allowable <ul><ol><li>
// TODO: convert "safe" tags to safe implementations, ex <strong style="foo"></strong> becomes <strong></strong>
// TODO: sanitize anchor tags, ex <a href="javascript://"> is killed and <a href="foo"> becomes <a href="foo" target="_blank">
// escape strings for insert
$name = $dbManager->escapeString($this->name);
$contents = $dbManager->escapeString($this->contents);
// do query
$result = mysql_query("INSERT INTO blogcomments SET blogid=" . $this->blogId . ",name='{$name}', message='{$contents}'");
// check if successful
if ($result) {
$this->addNotice("Successfully posted a blog entry from \"" . $this->name . "\".");
// TODO: determine why trend micro firewall causing this to hang and why email not sending even when not hanging
//$this->notifyAdmins();
} else {
$this->addError("An error occured attempting to add a blog post. " . $dbManager->getLastError());
}
// return success regardless since returned to the same place and error displayed
return GlobalConstants::SUCCESS;
}
示例2: executeInner
protected function executeInner()
{
// update user in database
$userid = $this->getUser()->getUserid();
// instantiate db
$dbManager = new DBManager();
// escape strings for insert
$email = $dbManager->escapeString($this->email);
$result = null;
if (!Str::nullOrEmpty($this->password)) {
// they put something in for password, update it
$password = md5($this->password);
$result = mysql_query("UPDATE users SET email='{$email}', password='{$password}' WHERE userid = {$userid}");
} else {
// just update email
$result = mysql_query("UPDATE users SET email='{$email}' WHERE userid = {$userid}");
}
// check if successful
if (!$result) {
$this->addError("An error occured attempting update user info. " . $dbManager->getLastError());
return GlobalConstants::USER_INPUT;
}
$this->addNotice("Successfully updated user info for \"" . $this->email . "\".");
// get new user object
$result = mysql_query("SELECT * FROM users WHERE userid = {$userid}");
$user = mysql_fetch_object($result, 'User');
// update user object in session
$_SESSION[ValidateCredentials::USER_KEY] = $user;
// return success regardless since returned to the same place and error displayed
return GlobalConstants::SUCCESS;
}
示例3: executeInner
public function executeInner()
{
// instantiate db
$dbManager = new DBManager();
// escape strings for insert
$title = $dbManager->escapeString($this->postTitle);
$contents = $dbManager->escapeString($this->contents);
// do query
$result = mysql_query("UPDATE blog SET title='{$title}', message='{$contents}' WHERE blogid = " . $this->blogId);
// check if successful
if ($result) {
$this->addNotice("blog.notice.blogUpdated", array('id' => $this->blogId));
} else {
$this->addError("blog.error.failedBlogUpdate", array("error" => $dbManager->getLastError()));
}
// return success regardless since returned to the same place and error displayed
return GlobalConstants::SUCCESS;
}
示例4: executeInner
protected function executeInner()
{
$dbManager = new DBManager();
// prepare input for query
$email = $dbManager->escapeString($this->email);
// get user info from db
$result = mysql_query("SELECT * FROM users WHERE email ='" . $email . "'");
// if does not exist, add error and return user error
if (mysql_num_rows($result) == 0) {
$this->addError("login.error.invalidEmail", array("email" => $this->email), "email");
return GlobalConstants::USER_ERROR;
}
// convert result into user object
$user = mysql_fetch_object($result, 'User');
// check md5 of submitted password and what is stored in the db
if (!$user->validatePassword($this->password)) {
$this->addError("login.error.invalidPassword", null, "email");
return GlobalConstants::USER_ERROR;
}
$this->addNotice("login.notice.credentialsValid", array("email" => $this->email));
// push user object into session
$_SESSION[self::USER_KEY] = $user;
}