

PHP Security::escape方法代码示例

本文整理汇总了PHP中Security::escape方法的典型用法代码示例。如果您正苦于以下问题:PHP Security::escape方法的具体用法?PHP Security::escape怎么用?PHP Security::escape使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Security的用法示例。


在下文中一共展示了Security::escape方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: resetPassword

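 /**
  * Resets a user's password after checking the reset key, and rotates that key.
  *
  * Looks up the account whose username and userKey match the supplied values,
  * stores a freshly generated key for it and replaces its password with the
  * encoded form of $password. Nothing is written when no account matches.
  *
  * @param string $user     account username
  * @param string $key      reset key presented by the caller
  * @param string $password new password as supplied by the caller
  * @return void
  */
 public function resetPassword($user, $key, $password)
 {
     $db = new Database();
     // NOTE(review): the statements below pass their values separately from the SQL text
     // ("?" placeholders), so these escape() calls do not appear to be what protects the
     // queries. They are kept because other code paths may store and compare the same
     // escaped form; confirm before removing. Escaping the password changes the string
     // that encode() receives.
     $user = Security::escape($user);
     $oldKey = Security::escape($key);
     $password = Security::escape($password);
     // The presented key is single-use: a new one replaces it once the reset succeeds.
     $key = Security::generateKey();
     $password = Security::encode($password);
     $req = "SELECT * FROM accounts WHERE username = ? AND userKey = ?";
     $result = $db->execute($req, array($user, $oldKey));
     $stmt = $result->fetch();
     // Stop when the username/key pair matched no account. The original went on to index
     // the empty fetch result and ran both UPDATE statements with a missing id.
     if (!$stmt || !isset($stmt['id'])) {
         return;
     }
     $req = "UPDATE accounts SET userKey = ? WHERE id = ?";
     $db->execute($req, array($key, $stmt['id']));
     $req = "UPDATE passwords SET password = ? WHERE account = ?";
     $db->execute($req, array($password, $stmt['id']));
 }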
开发者ID:alexandre-le-borgne,项目名称:-PHP-DUT-S3-Projet,代码行数:16,代码来源:UserModel.php

示例2: lister

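 /**
  * Creates a list (an array) of objects of the class, based on the value of a certain field. Offsets, limits, types of search, sort orders and groupings can be specified as well
  *
  * The statement is assembled by string concatenation. $value and $search are passed through
  * Security::escape() before they are quoted, $offset and $limit are cast to integers and $way is
  * only emitted when it is "asc" or "desc". The table name, $field, $order and $group are inserted
  * as raw SQL, so callers must pass developer-defined identifiers there and never request data.
  *
  * @param string $sender the class used
  * @param string $field the field used to select the values that we want
  * @param string $value the value that the field should have
  * @param string $order the field by which we should sort the list (if specified)
  * @param string $offset an offset used to skip a number of objects (if specified)
  * @param string $limit used to limit the number of returned objects (if specified)
  * @param string $search if set, this overrides the value and is used instead. uses LIKE '%search%' in sql instead of =
  * @param string $way the sort order (asc or desc)
  * @param string $group any group by clause
  * @uses Security::escape()
  * @uses function classToTable to get the correct tablename for the class (the sender parameter)
  * @uses DB::query to get a list of matching ids
  * @uses function loadByIds to load all objects that are to be returned from the function
  * @return array an array of objects based on the parameters, keyed by each row's id
  */
 protected static function lister($sender, $field = null, $value = null, $order = null, $offset = null, $limit = null, $search = null, $way = null, $group = null)
 {
     // returns a list of objects where a given field ($field) has a given value ($value)
     global $db;
     $value = Security::escape($value);
     $table = self::classToTable($sender);
     $sql = "select * from {$table} ";
     if ($field != null && $search != null) {
         // $search lands inside a quoted LIKE pattern, so it needs the same escaping as $value.
         // LIKE wildcards (% and _) in the search text are left as they are.
         $sql .= "where {$field} like '%" . Security::escape($search) . "%' ";
     } elseif ($field != "" && $value != "") {
         $sql .= "where {$field} = '{$value}' ";
     }
     // NOTE(review): $field, $group and $order are identifiers/clauses and cannot be protected by
     // string escaping; they are trusted as-is here.
     if ($group) {
         $sql .= "group by " . $group . " ";
     }
     if ($order) {
         $sql .= "order by " . $order . " ";
     }
     if ($way) {
         // Only the two documented sort directions are accepted; anything else is dropped.
         $direction = strtolower(trim($way));
         if ($direction === "asc" || $direction === "desc") {
             $sql .= $direction . " ";
         }
     }
     // LIMIT operands are numeric, so force them to non-negative integers before concatenating.
     if ($offset == null && $limit != null) {
         $sql .= "limit 0," . max(0, (int) $limit) . " ";
     } elseif ($offset) {
         $sql .= "limit " . max(0, (int) $offset) . "," . max(0, (int) $limit) . " ";
     }
     $res = $db->query($sql);
     $objects = array();
     // NOTE(review): the mysql_* extension was removed in PHP 7. The call is kept because the
     // result type of $db->query() is defined outside this block.
     while ($row = mysql_fetch_assoc($res)) {
         $objects[$row["id"]] = self::__getObj($sender, $row);
     }
     // Diagnostic dump of the SQL text and the loaded objects into an HTML comment. It is reachable
     // from a query-string parameter whenever DEBUG is on, so DEBUG must stay off in production.
     if (defined("DEBUG") && DEBUG && isset($_GET["mobject_debug"])) {
         echo "\n<!--\n";
         echo "    Running query for {$sender} objects.\n";
         echo "    SQL: {$sql}\nResults:\n";
         var_dump($objects);
         echo "\n-->\n";
     }
     return $objects;
 }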
开发者ID:krillo,项目名称:motiomera,代码行数:58,代码来源:Mobject.php

示例3: startOrongo

<?php

/**
 * @author Jaco Ruit
 */
// Login handler: checks the posted credentials and, on success, stores the user id and a
// session id in $_SESSION before redirecting to the admin area.
require '../startOrongo.php';
startOrongo();
// Runs only when both fields were posted and no login is recorded in the session yet.
if (isset($_POST['username']) && isset($_POST['password']) && !isset($_SESSION['orongo-id']) && !isset($_SESSION['orongo-session-id'])) {
    // NOTE(review): how User::usernameExists()/getUserID() build their queries is not visible
    // here. Escaping at the call site only helps if they quote the value; bound parameters
    // inside those methods would not depend on every caller remembering this step.
    $username = Security::escape($_POST['username']);
    // NOTE(review): Security::hash() is not shown. Confirm it is a salted, deliberately slow
    // password hash and that isGoodPassword() compares in constant time.
    $password = Security::hash($_POST['password']);
    if (User::usernameExists($username)) {
        $userID = User::getUserID($username);
        $goodLogin = User::isGoodPassword($userID, $password);
        if ($goodLogin) {
            if (!User::userIsActivated($userID)) {
                // Correct credentials, but the account has not been activated.
                header("Location: ../orongo-login.php?msg=7");
                exit;
            } else {
                // NOTE(review): the PHP session id is not regenerated in this fragment when the
                // session becomes authenticated. Unless startOrongo() or Session::createSession()
                // does so, call session_regenerate_id(true) here to prevent session fixation.
                $_SESSION['orongo-id'] = $userID;
                $_SESSION['orongo-session-id'] = Session::createSession($userID);
                header("Location: ../orongo-admin/");
                exit;
            }
        } else {
            // Wrong password and unknown username both redirect with msg=0, so the response
            // does not reveal which usernames exist.
            header("Location: ../orongo-login.php?msg=0");
            exit;
        }
    } else {
        header("Location: ../orongo-login.php?msg=0");
        exit;
    }
开发者ID:JacoRuit,项目名称:orongocms,代码行数:31,代码来源:action_Login.php

示例4: header

     exit;
 }
 // Registration checks: each failed check redirects with its own msg code and stops the request.
 // NOTE(review): "!=" compares numeric-looking strings by value (for example "1e3" and "1000"
 // are equal), so two different passwords can pass this confirmation check; use "!==".
 if ($_POST['password'] != $_POST['password_again']) {
     header("Location: " . orongoURL("orongo-register.php?msg=0"));
     exit;
 }
 // strlen() counts bytes, so multi-byte user names reach the limits sooner than their character count.
 if (strlen($_POST['username']) < 4 || strlen($_POST['username']) > 20) {
     header("Location: " . orongoURL("orongo-register.php?msg=2"));
     exit;
 }
 if (strlen($_POST['password']) < 6) {
     header("Location: " . orongoURL("orongo-register.php?msg=3"));
     exit;
 }
 // NOTE(review): no character whitelist for the user name and no format validation of the e-mail
 // address is visible in this fragment. Security::escape() is not shown; if it is SQL escaping,
 // it does not make these values safe for HTML output or for mail headers.
 $name = Security::escape($_POST['username']);
 $email = Security::escape($_POST['email']);
 // NOTE(review): Security::hash() is not shown; confirm it is a salted, slow password hash.
 $password = Security::hash($_POST['password']);
 if (User::usernameExists($name) == false) {
     $user = null;
     try {
         $user = User::registerUser($name, $email, $password, RANK_USER);
     } catch (Exception $e) {
         // Any registration failure is reported to the client only as msg=3.
         header("Location: " . orongoURL("orongo-login.php?msg=3"));
         exit;
     }
     $activationLink = User::generateActivationURL($user->getID());
     $mail = MailFactory::generateActivationEmail($user->getName(), $activationLink);
     // NOTE(review): the recipient is the address supplied at registration; validate it (for
     // example with filter_var and FILTER_VALIDATE_EMAIL) before it reaches mail().
     $sendEmail = mail($user->getEmail(), $mail['subject'], $mail['message'], $mail['headers']);
     if (!$sendEmail) {
         header("Location: " . orongoURL("orongo-login.php?msg=3"));
         exit;
开发者ID:JacoRuit,项目名称:orongocms,代码行数:31,代码来源:action_Register.php

示例5: define

define("OK", 31);
/**
 * Emits a JSON object describing an error and terminates the script.
 *
 * The object has two members: "response" (the message) and "response_code".
 * The function never returns to its caller.
 *
 * @param mixed $paramError     value placed in the "response" member
 * @param mixed $paramErrorCode value placed in the "response_code" member
 */
function errorDie($paramError, $paramErrorCode)
{
    $payload = array(
        "response" => $paramError,
        "response_code" => $paramErrorCode,
    );

    die(json_encode($payload));
}
// Comment endpoint: validates the posted fields, requires a logged-in user, stores the comment
// and answers with a JSON status object. errorDie() ends the script, so the "exit" statements
// that follow each call are never reached.
// NOTE(review): is_numeric() also accepts decimals, exponents and signs; ctype_digit() is the
// stricter test for a positive integer id.
if (!isset($_POST['article']) || !is_numeric($_POST['article'])) {
    errorDie("No article!", NO_ARTICLE);
    exit;
}
if (!isset($_POST['content'])) {
    errorDie("Comment has no content!", NO_CONTENT);
    exit;
}
// Only a lower bound is enforced here; no maximum comment length is visible in this fragment.
if (strlen($_POST['content']) < 3) {
    errorDie("Content is too short!", TOO_SHORT);
    exit;
}
$user = getUser();
if ($user == null) {
    errorDie("You need to be logged in in order to post comments.", NOT_LOGGED_IN);
    exit;
}
// NOTE(review): no anti-CSRF token is checked in this fragment before the state change.
$comment = Comment::createComment(Security::escape($_POST['article']), $user);
// NOTE(review): Security::escape() is not shown. If it is SQL escaping, the stored text is still
// untrusted markup; confirm that the code rendering comments HTML-encodes it on output.
$comment->setContent(Security::escape($_POST['content']));
$succesArray = array();
$succesArray["response"] = "Comment posted!";
$succesArray["response_code"] = OK;
die(json_encode($succesArray));
开发者ID:JacoRuit,项目名称:orongocms,代码行数:31,代码来源:postComment.php

示例6: foreach

    exit;
}
// Walk the latest comments and stop with NO_NEW_COMMENTS as soon as one is not newer than the
// id the client reports having seen; otherwise remember its id.
foreach ($lastCommentArr as $comment) {
    if ($comment instanceof Comment == false) {
        continue;
    }
    // NOTE(review): $_POST['last_comment_id'] is compared as received from the request; cast it
    // to int first so a non-numeric value cannot change how the comparison is evaluated.
    if ($comment->getID() <= $_POST['last_comment_id']) {
        errorDie("No new comments! ", NO_NEW_COMMENTS);
        exit;
    } else {
        $newLCID = $comment->getID();
    }
}
$newComments = null;
try {
    // NOTE(review): the request values are concatenated into an "&"/":"-delimited query string.
    // Security::escape() is not shown; string escaping meant for SQL does not neutralise those
    // delimiters, so "offset" and "article" should be validated as integers (for example with
    // ctype_digit or an int cast) before they are appended.
    $newComments = orongo_query("action=fetch&object=comment&max=1000000&offset=" . Security::escape($_POST['offset']) . "&order=comment.id,asc&where=article.id:" . Security::escape($_POST['article']));
} catch (Exception $e) {
    // The failure is reported to the client only as the bare string "500".
    die("500");
}
$newComments = array_reverse($newComments);
$html = "";
if (getStyle()->doCommentHTML()) {
    try {
        $html = getStyle()->getCommentsHTML($newComments);
    } catch (Exception $e) {
        foreach ($newComments as $comment) {
            $html .= $comment->toHTML();
        }
    }
} else {
    foreach ($newComments as $comment) {
开发者ID:JacoRuit,项目名称:orongocms,代码行数:31,代码来源:loadComments.php

示例7: PopSmarty

<?php

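// Mail compose page: loads the recipient and, for a reply, quotes the original message into the
// text area before rendering send_mail.tpl.
require_once $_SERVER["DOCUMENT_ROOT"] . "/php/init.php";
// NOTE(review): Security::demand() is not shown; presumably it rejects visitors without USER rights.
Security::demand(USER, null, false);
$smarty = new PopSmarty();
$mid = Security::escape($_GET['id']);
$do = Security::escape($_GET['do']);
$medlem_to_send = Medlem::loadById($mid);
$smarty->assign("medlem_to_send", $medlem_to_send);
$smarty->assign("mid", $mid);
// Default for requests where "do" is neither "send" nor "sent"; the original left $action
// undefined in that case and still passed it to the template.
$action = null;
if ($do == 'send') {
    $smarty->assign("is_replay", false);
    if (isset($_GET['re'])) {
        $id = Security::escape($_GET['re']);
        // NOTE(review): no check is visible here that the quoted mail was sent to or by the
        // logged-in member; read_mail.php in the same project compares getToId()/getSentFrom()
        // with $USER->getId() before showing a mail. Without it the reply form can quote a mail
        // the member is not a party to.
        $mail_to_read = MotiomeraMail::loadById($id);
        $smarty->assign("is_replay", true);
        // Strip both <br> spellings in one pass. The original's second str_replace() started
        // again from getMsg() and so discarded the first replacement.
        $text_message_decoded = str_replace(array("<br>", "<br />"), "", $mail_to_read->getMsg());
        $text_message = "\n\n********************\n";
        $text_message .= $text_message_decoded;
        // NOTE(review): the quoted text is member-supplied; confirm the template HTML-encodes it.
        $smarty->assign("text_message", $text_message);
        $smarty->assign("mail_to_read", $mail_to_read);
    }
    $action = "send";
} elseif ($do == 'sent') {
    $action = "sent";
}
$smarty->assign("action", $action);
$smarty->display('send_mail.tpl');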
开发者ID:krillo,项目名称:motiomera,代码行数:31,代码来源:send_mail.php

示例8: isset

<?php

// Deletes the mail whose id is posted as "id_to_remove".
include $_SERVER["DOCUMENT_ROOT"] . "/php/init.php";
// NOTE(review): Security::demand() is not shown; presumably it rejects requests without USER rights.
Security::demand(USER);
$id_to_remove = Security::escape($_POST['id_to_remove']);
// NOTE(review): no check is visible here that the mail belongs to the logged-in member, and no
// anti-CSRF token is verified. Unless removeMail() enforces ownership itself, any member could
// delete another member's mail by id.
MotiomeraMail::removeMail($id_to_remove);
/*
$send_to = Security::escape($_POST['mid']);
$amne = isset($_POST['amne']) ? Security::escape($_POST['amne']) : "";
$msg = isset($_POST['msg']) ? $_POST['msg'] : "";
$sent_from = $USER->getId();
$date = date("Y-m-d H:i:s");

$mm_mail = new MotiomeraMail($amne, $msg, $sent_from, $send_to, $date, 0, 0);

header("Location: /pages/mail.php?do=sent&mid=" . $send_to);
*/
开发者ID:krillo,项目名称:motiomera,代码行数:17,代码来源:delete_mail.php

示例9:

<?php

// Mail-folder endpoint: with todo=create it creates a folder and prints "1" on success, "0" otherwise.
include $_SERVER["DOCUMENT_ROOT"] . "/php/init.php";
Security::demand(USER);
// NOTE(review): the folder owner is taken from the request body rather than from the
// authenticated session. Unless MotiomeraMail_Folders re-checks it, a member can act on another
// member's folders by posting a different my_id; other pages of this project obtain the id
// from $USER->getId().
$my_id = Security::escape($_POST['my_id']);
$action = Security::escape($_POST['todo']);
$folder_name = Security::escape($_POST['folder_name']);
if ($action == 'create') {
    $motiomeraMail_Folders = new MotiomeraMail_Folders($my_id);
    // NOTE(review): the name is stored after escaping only; confirm it is HTML-encoded wherever
    // the folder list is rendered.
    $folder_created = $motiomeraMail_Folders->createFolder(utf8_encode($folder_name));
    if ($folder_created) {
        echo '1';
        exit;
    }
    echo '0';
    exit;
}
开发者ID:krillo,项目名称:motiomera,代码行数:17,代码来源:mailfoldermanager.php

示例10: Tagg

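     // NOTE(review): this fragment sits inside a switch whose head is not visible. No check is
     // visible here that the photo being edited belongs to the logged-in member.
     if (isset($_GET["id"])) {
         // update the picture
         // The id in the WHERE clause now goes through Security::escape() like the other values in
         // the statement; the original concatenated $_GET["id"] into the SQL text unescaped.
         $db->nonquery("\tUPDATE\n\t\t\t\t\t\t\t\tmm_fotoalbumbild\n\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\tnamn = '" . Security::escape($_POST["namn"]) . "',\n\t\t\t\t\t\t\t\tbeskrivning = '" . Security::escape($_POST["beskrivning"]) . "',\n\t\t\t\t\t\t\t\tfotoalbum_id = '" . Security::escape($_POST["fotoalbum"]) . "'\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\tid = '" . Security::escape($_GET["id"]) . "'\n\t\t\t");
         if (!empty($_POST['kid']) || !empty($_GET['id'])) {
             // NOTE(review): request values are handed to Tagg unescaped; how Tagg stores them is not shown.
             $tag = new Tagg(array('objekt_table' => 'mm_fotoalbumbild', 'objekt_id' => $_GET["id"], 'objekt_namn' => $_POST['namn'], 'tag_table' => 'mm_kommun', 'tag_id' => $_POST['kid'], 'medlem_id' => $USER->getId()));
         }
         $urlHandler->redirect("Fotoalbum", URL_VIEW, $_GET["fid"]);
     } else {
         // update names & descriptions of the photos
         foreach ($_POST["namn"] as $id => $namn) {
             if (isset($_POST["fotoalbum"][$id])) {
                 $album_sql = ", fotoalbum_id = '" . Security::escape($_POST["fotoalbum"][$id]) . "'";
             } else {
                 $album_sql = "";
             }
             // $id is an array key taken from the request, so it is escaped as well before it is
             // placed in the WHERE clause; the original concatenated it unescaped.
             $db->nonquery("\tUPDATE\n\t\t\t\t\t\t\t\t\tmm_fotoalbumbild\n\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\tnamn = '" . Security::escape($_POST["namn"][$id]) . "',\n\t\t\t\t\t\t\t\t\tbeskrivning = '" . Security::escape($_POST["beskrivning"][$id]) . "'\n\t\t\t\t\t\t\t\t\t{$album_sql}\n\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\tid = '" . Security::escape($id) . "'\n\t\t\t\t");
         }
         if (!empty($_POST['kid'])) {
             // NOTE(review): $id here is whatever the loop above left behind (the last photo) and
             // 'objekt_namn' receives the whole "namn" array; confirm this is intended.
             $tag = new Tagg(array('objekt_table' => 'mm_fotoalbumbild', 'objekt_id' => $id, 'objekt_namn' => $_POST['namn'], 'tag_table' => 'mm_kommun', 'tag_id' => $_POST['kid'], 'medlem_id' => $USER->getId()));
         }
         $urlHandler->redirect("Fotoalbum", URL_LIST);
     }
     break;
 case "anslagstavlarad":
     // NOTE(review): the board is loaded by a posted id and the posted text is added as-is. No
     // authorization check or output encoding is visible in this fragment; confirm both happen
     // in Anslagstavla or where the rows are rendered.
     if (isset($_POST["aid"])) {
         $anslagstavla = Anslagstavla::loadById($_POST["aid"]);
         $anslagstavla->addRad($_POST["atext"]);
     }
     break;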
 case "newkeys":
     if (isset($_GET['foretagsid']) && isset($_GET['orderid']) && isset($_GET['numkeys']) && (int) $_GET['numkeys'] > 0 && Security::authorized(ADMIN)) {
开发者ID:krillo,项目名称:motiomera,代码行数:31,代码来源:save.php

示例11: PopSmarty

<?php

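// Mail reading page: loads one mail, refuses it unless the logged-in member is its recipient or
// sender, optionally marks it as read and prepares the template variables.
require_once $_SERVER["DOCUMENT_ROOT"] . "/php/init.php";
Security::demand(USER, null, false);
$smarty = new PopSmarty();
$id = Security::escape($_GET['id']);
$is_inbox = isset($_GET['is_inbox']) ? Security::escape($_GET['is_inbox']) : false;
$mail_to_read = MotiomeraMail::loadById($id);
// Ownership check: only the recipient or the sender may read the mail. It runs before anything
// from the mail is handed to the template.
if (!isset($USER) || !($mail_to_read->getToId() == $USER->getId() or $mail_to_read->getSentFrom() == $USER->getId())) {
    throw new UserException('Ett fel har uppstått', 'Mailet du försöker läsa är inte skickat till dig.');
}
// NOTE(review): the read flag is changed by a GET parameter, and the sender of a mail can also
// reach this line; confirm that only the recipient should be able to mark a mail as read.
if ($is_inbox == '1') {
    $mail_to_read->setIsRead(1);
}
$smarty->assign("id", $id);
$smarty->assign("is_inbox", $is_inbox);
$smarty->assign("mail_to_read", $mail_to_read);
$smarty->assign("my_id", $USER->getId());
global $SETTINGS;
$fromMedlem = Medlem::loadById($mail_to_read->getSentFrom());
$smarty->assign("medlem", $fromMedlem);
// Replies are disabled when the sender is one of the reserved user names (case-insensitive).
if (isset($SETTINGS["reserverade_anvandare"])) {
    // The list is lower-cased only after confirming the setting exists; the original iterated
    // over it before this isset() check.
    $reserverade_anvandare = array_map('strtolower', $SETTINGS["reserverade_anvandare"]);
    $replyable = in_array(strtolower($fromMedlem->getANamn()), $reserverade_anvandare, true) ? 0 : 1;
} else {
    $reserverade_anvandare = array();
    $replyable = 1;
}
$smarty->assign("replyable", $replyable);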
开发者ID:krillo,项目名称:motiomera,代码行数:31,代码来源:read_mail.php

示例12:

<?php

// Moves the mails named by mail_id_0 .. mail_id_(nrofmails-1) into the folder "move_to", then
// redirects back to the inbox view of "folder_id".
include $_SERVER["DOCUMENT_ROOT"] . "/php/init.php";
Security::demand(USER);
// NOTE(review): this state change is driven entirely by GET parameters and no anti-CSRF token
// is verified.
$folder_id = Security::escape($_GET['folder_id']);
$move_to = Security::escape($_GET['move_to']);
// NOTE(review): the loop bound comes from the request and is not capped or cast to int.
$nrofmails = Security::escape($_GET['nrofmails']);
if ($nrofmails > 0) {
    for ($i = 0; $i < $nrofmails; $i++) {
        $getvar = 'mail_id_' . $i;
        $mail_id = Security::escape($_GET[$getvar]);
        // NOTE(review): no check is visible that the mail or the target folder belongs to the
        // logged-in member; read_mail.php in the same project compares getToId() with
        // $USER->getId() before acting on a mail. Also confirm what loadById() returns for an
        // unknown id before calling a method on the result.
        $motiomeraMail = MotiomeraMail::loadById($mail_id);
        $motiomeraMail->setToInFolder($move_to);
    }
}
// NOTE(review): the value is placed in a URL after Security::escape() only; urlencode() is the
// encoding that fits this context.
header("Location: /pages/mail.php?do=inbox&folder_id=" . $folder_id);
开发者ID:krillo,项目名称:motiomera,代码行数:16,代码来源:movemailtofolder.php

示例13: escape

 /**
  * Passes a value through Security::escape() and returns the result.
  *
  * NOTE(review): Security::escape() is not shown. The same project calls it on values bound for
  * database queries; confirm that what it produces is the right encoding for the context in
  * which views use this helper. One escaper rarely fits both SQL and HTML.
  *
  * @param mixed $string value to escape
  * @return mixed whatever Security::escape() returns for $string
  */
 public function escape($string)
 {
     $escaped = Security::escape($string);

     return $escaped;
 }
开发者ID:alexandre-le-borgne,项目名称:-PHP-DUT-S3-Projet,代码行数:4,代码来源:View.php

示例14: PopSmarty

<?php

// "Write new mail" page: loads the logged-in member and the members that have them as a contact,
// then renders write_new.tpl.
require_once $_SERVER["DOCUMENT_ROOT"] . "/php/init.php";
Security::demand(USER, null, false);
$smarty = new PopSmarty();
// The id comes from the authenticated $USER object rather than from the request, so the caller
// cannot choose whose contacts are listed.
$id = Security::escape($USER->getId());
$myself = Medlem::loadById($id);
$my_contacts = $myself->getUsersThatHasMeAsContact(0);
$smarty->assign("my_contacts", $my_contacts);
$smarty->assign("my_id", $USER->getId());
$smarty->display('write_new.tpl');
开发者ID:krillo,项目名称:motiomera,代码行数:11,代码来源:write_new.php

示例15:

<?php

// Removes one mail folder, or several (folder_id_0 .. folder_id_(nroffolders-1)) when "multiple" is set.
include $_SERVER["DOCUMENT_ROOT"] . "/php/init.php";
Security::demand(USER);
// NOTE(review): the owner id passed to removeMailFromFolder() is taken from the request body
// rather than from the authenticated session. Unless that method re-checks it against the
// logged-in member, posting another member's id acts on their folders; other pages of this
// project obtain the id from $USER->getId(). No anti-CSRF token is verified either.
$my_id = Security::escape($_POST['my_id']);
$multiple = Security::escape($_POST['multiple']);
// NOTE(review): loose comparison with 0; how a non-numeric string compares depends on the PHP
// version, so validate "multiple" explicitly.
if ($multiple == 0) {
    $folder_id = Security::escape($_POST['folder_id']);
    MotiomeraMail::removeMailFromFolder($folder_id, $my_id);
} else {
    // NOTE(review): the loop bound comes from the request and is not capped or cast to int.
    $nroffolders = Security::escape($_POST['nroffolders']);
    for ($i = 0; $i < $nroffolders; $i++) {
        $postvar = 'folder_id_' . $i;
        $folder_id = Security::escape($_POST[$postvar]);
        MotiomeraMail::removeMailFromFolder($folder_id, $my_id);
    }
}
开发者ID:krillo,项目名称:motiomera,代码行数:17,代码来源:removefolder.php


注:本文中的Security::escape方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。