本文整理汇总了PHP中Security::remove_XSS方法的典型用法代码示例。如果您正苦于以下问题:PHP Security::remove_XSS方法的具体用法?PHP Security::remove_XSS怎么用?PHP Security::remove_XSS使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Security
的用法示例。
在下文中一共展示了Security::remove_XSS方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: __construct
/**
 * Resolve the folder this instance works on and collect its metadata.
 *
 * The folder is taken, in this order, from: the $path argument, the request
 * parameter named by $this->folderPathIndex (base64-decoded for the existence
 * checks), the last visited folder kept in the session, and finally
 * CONFIG_SYS_DEFAULT_PATH. The selected path is stored base64-encoded in
 * $this->currentFolderPath.
 *
 * Terminates the request with die() when $calculateSubdir is true and the
 * resolved folder does not exist.
 *
 * @param string|null $path            the path to a folder
 * @param bool        $calculateSubdir force to get the subdirectories information
 */
function __construct($path = null, $calculateSubdir = true)
{
    $this->calculateSubdir = $calculateSubdir;
    if (defined('CONFIG_SYS_FOLDER_SHOWN_ON_TOP')) {
        $this->forceFolderOnTop = CONFIG_SYS_FOLDER_SHOWN_ON_TOP;
    }
    if (!is_null($path)) {
        $this->currentFolderPath = $path;
    } elseif (isset($_GET[$this->folderPathIndex]) && file_exists(base64_decode($_GET[$this->folderPathIndex])) && !is_file(base64_decode($_GET[$this->folderPathIndex]))) {
        // The existence checks above run on the decoded request value, while the
        // value stored here is the still-encoded request string after HTML filtering.
        // NOTE(review): Security::remove_XSS()/api_htmlentities() filter markup; they
        // do not constrain which directory is named. The only containment check
        // visible in this constructor is isUnderRoot() further down.
        $this->currentFolderPath = api_htmlentities(Security::remove_XSS($_GET[$this->folderPathIndex]));
    } elseif (isset($_SESSION[$this->lastVisitedFolderPathIndex]) && file_exists($_SESSION[$this->lastVisitedFolderPathIndex]) && !is_file($_SESSION[$this->lastVisitedFolderPathIndex])) {
        // NOTE(review): the session value is written below after base64_encode(),
        // but it is tested here with file_exists() without decoding - confirm
        // this branch can actually match.
        $this->currentFolderPath = $_SESSION[$this->lastVisitedFolderPathIndex];
    } else {
        $this->currentFolderPath = CONFIG_SYS_DEFAULT_PATH;
    }
    // Normalise the path only when isUnderRoot() accepts it.
    // NOTE(review): when isUnderRoot() rejects the path, the ternary keeps the
    // value unchanged instead of falling back to CONFIG_SYS_DEFAULT_PATH, so a
    // request-supplied path outside the root is not replaced here. isUnderRoot()
    // and getCurrentFolderPath() are defined elsewhere - verify that a rejected
    // path cannot be listed later.
    $this->currentFolderPath = isUnderRoot($this->getCurrentFolderPath()) ? backslashToSlash(addTrailingSlash($this->getCurrentFolderPath())) : $this->currentFolderPath;
    $this->currentFolderPath = base64_encode($this->currentFolderPath);
    if ($this->calculateSubdir) {
        // keep track of this folder path in session
        $_SESSION[$this->lastVisitedFolderPathIndex] = $this->currentFolderPath;
    }
    if (is_dir($this->getCurrentFolderPath())) {
        $file = new file($this->getCurrentFolderPath());
        $folderInfo = $file->getFileInfo();
        if (sizeof($folderInfo)) {
            //for Chamilo in a name folder, replace num user by user names
            if (preg_match('/sf_user_/', basename($this->getCurrentFolderPath()))) {
                // Everything after the first 8 characters of the folder name
                // ("sf_user_") is handed to api_get_user_info() as the user id.
                $userinfo = api_get_user_info(substr(basename($this->getCurrentFolderPath()), 8));
                $this->currentFolderInfo['name'] = $userinfo['complete_name'];
            } else {
                $this->currentFolderInfo['name'] = str_replace('_', ' ', basename($this->getCurrentFolderPath()));
                //for Chamilo. Prevent long directory name
            }
            if (preg_match('/shared_folder/', basename($this->getCurrentFolderPath()))) {
                $this->currentFolderInfo['name'] = get_lang('UserFolders');
            }
            if (preg_match('/shared_folder_session_/', basename($this->getCurrentFolderPath()))) {
                // The last "_"-separated token of the folder name is used as the session id.
                $session = explode('_', basename($this->getCurrentFolderPath()));
                $session = strtolower($session[sizeof($session) - 1]);
                $this->currentFolderInfo['name'] = get_lang('UserFolders') . ' (' . api_get_session_name($session) . ')*';
            }
            //end Chamilo
            $this->currentFolderInfo['subdir'] = 0;
            $this->currentFolderInfo['file'] = 0;
            $this->currentFolderInfo['ctime'] = $folderInfo['ctime'];
            $this->currentFolderInfo['mtime'] = $folderInfo['mtime'];
            $this->currentFolderInfo['is_readable'] = $folderInfo['is_readable'];
            $this->currentFolderInfo['is_writable'] = $folderInfo['is_writable'];
            $this->currentFolderInfo['path'] = $this->getCurrentFolderPath();
            $this->currentFolderInfo['path_base64'] = base64_encode($this->getCurrentFolderPath());
            $this->currentFolderInfo['friendly_path'] = transformFilePath($this->getCurrentFolderPath());
            $this->currentFolderInfo['type'] = 'folder';
            $this->currentFolderInfo['cssClass'] = 'folder';
            //$this->currentFolderInfo['flag'] = $folderInfo['flag'];
        }
    }
    if ($calculateSubdir && !file_exists($this->getCurrentFolderPath())) {
        // NOTE(review): the path is written to the response unescaped and may
        // originate from the request; the message should be HTML-escaped, or the
        // path logged server-side instead of being shown.
        die(ERR_FOLDER_NOT_FOUND . $this->getCurrentFolderPath());
    }
}
示例2: read
/**
 * Load the CSV file at $this->path and build one CourseDescription per row.
 *
 * The title, content and type columns are trimmed and passed through
 * \Security::remove_XSS() before they are used. Rows whose three values are
 * all empty are skipped. An unreadable file yields an empty array.
 *
 * Note that the values are filtered once, at import time; code that later
 * prints them still has to escape for the context it prints into.
 *
 * @return array of objects
 */
protected function read()
{
    $path = $this->path;
    if (!is_readable($path)) {
        return array();
    }

    $descriptions = array();
    foreach (\Import::csv_reader($path) as $row) {
        $row = (object) $row;

        // Missing columns are treated as empty strings.
        $fields = array();
        foreach (array('title', 'content', 'type') as $column) {
            $raw = isset($row->{$column}) ? trim($row->{$column}) : '';
            $fields[$column] = \Security::remove_XSS($raw);
        }

        if (empty($fields['title']) && empty($fields['content']) && empty($fields['type'])) {
            // Nothing usable on this line.
            continue;
        }

        // Map the type name to its id; unknown names fall back to 0.
        $typeRecord = CourseDescriptionType::repository()->find_one_by_name($fields['type']);
        $typeId = $typeRecord ? $typeRecord->id : 0;

        $entry = CourseDescription::create();
        $entry->title = $fields['title'];
        $entry->content = $fields['content'];
        $entry->description_type = $typeId;
        $descriptions[] = $entry;
    }

    return $descriptions;
}
示例3: check_download_survey
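/**
 * A small piece of code that lets a survey respondent access images included
 * in a survey that is open to non-authenticated users. This file is included
 * by document/download.php.
 *
 * Access is granted only when the invitation code exists for the course, the
 * invitation has not been answered yet, and the requested document name
 * appears in a text field of the survey, its questions or its options.
 * On any failure an error message and the footer are printed and the request
 * ends with exit.
 *
 * The document-name test is a substring match, so it is a coarse filter and
 * not a per-document permission check.
 *
 * @package chamilo.survey
 * @author Arnaud Ligot <arnaud@cblue.be>
 * @version $Id: $
 *
 * @param string $course     course identifier passed to CourseManager::get_course_information()
 * @param string $invitation invitation code supplied by the visitor
 * @param string $doc_url    name/URL of the requested document
 *
 * @return array the course information array
 */
function check_download_survey($course, $invitation, $doc_url)
{
    require_once 'survey.lib.php';

    // Getting all the course information
    $_course = CourseManager::get_course_information($course);
    // The id is interpolated unquoted into every query below, so force it to an integer.
    $course_id = (int) $_course['real_id'];

    // Database table definitions
    $table_survey = Database::get_course_table(TABLE_SURVEY);
    $table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
    $table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
    $table_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);

    // Now we check if the invitationcode is valid
    $sql = "SELECT * FROM {$table_survey_invitation} WHERE c_id = {$course_id} AND invitation_code = '" . Database::escape_string($invitation) . "'";
    $result = Database::query($sql);
    if (Database::num_rows($result) < 1) {
        Display::display_error_message(get_lang('WrongInvitationCode'), false);
        Display::display_footer();
        exit;
    }
    $survey_invitation = Database::fetch_assoc($result);

    // Now we check if the user already filled the survey
    if ($survey_invitation['answered'] == 1) {
        Display::display_error_message(get_lang('YouAlreadyFilledThisSurvey'), false);
        Display::display_footer();
        exit;
    }

    // Fetch survey ID. Several rows for one code means there is a language choice.
    $sql = "SELECT * FROM {$table_survey} WHERE c_id = {$course_id} AND code='" . Database::escape_string($survey_invitation['survey_code']) . "'";
    $result = Database::query($sql);
    if (Database::num_rows($result) > 1) {
        $languages = array();
        while ($row = Database::fetch_assoc($result)) {
            $languages[(int) $row['survey_id']] = $row['lang'];
        }

        // Accept the posted choice only when it is one of the surveys that
        // belong to this invitation; the value used to reach SQL unfiltered.
        $chosen = isset($_POST['language']) ? (int) $_POST['language'] : 0;
        if (isset($languages[$chosen])) {
            $survey_invitation['survey_id'] = $chosen;
        } else {
            // Query-string values are percent-encoded, then the whole URL is
            // escaped for the attribute it is printed into.
            $course_param = isset($_GET['course']) ? $_GET['course'] : '';
            $code_param = isset($_GET['invitationcode']) ? $_GET['invitationcode'] : '';
            $action = api_get_self()
                . '?course=' . urlencode(Security::remove_XSS($course_param))
                . '&invitationcode=' . urlencode(Security::remove_XSS($code_param));

            echo '<form id="language" name="language" method="POST" action="' . htmlspecialchars($action, ENT_QUOTES, 'UTF-8') . '">';
            echo ' <select name="language">';
            foreach ($languages as $survey_id => $lang) {
                echo '<option value="' . $survey_id . '">' . htmlspecialchars($lang, ENT_QUOTES, 'UTF-8') . '</option>';
            }
            echo '</select>';
            echo ' <input type="submit" name="Submit" value="' . htmlspecialchars(get_lang('Ok'), ENT_QUOTES, 'UTF-8') . '" />';
            echo '</form>';
            Display::display_footer();
            exit;
        }
    } else {
        $row = Database::fetch_assoc($result);
        $survey_invitation['survey_id'] = $row ? (int) $row['survey_id'] : 0;
    }
    $survey_id = (int) $survey_invitation['survey_id'];

    // Very basic security check: a text field of the survey, of one of its
    // questions or of one of its options must contain the requested document name.
    // LIKE wildcards in the name are neutralised first, then the value is
    // escaped for the SQL string literal.
    $needle = (string) $doc_url;
    $like = "'%" . Database::escape_string(addcslashes($needle, '%_\\')) . "%'";

    $sql = "SELECT count(*) AS hits FROM {$table_survey}
            WHERE c_id = {$course_id} AND survey_id = {$survey_id}
              AND (
                    title LIKE {$like}
                    OR subtitle LIKE {$like}
                    OR intro LIKE {$like}
                    OR surveythanks LIKE {$like}
              )
            UNION ALL
            SELECT count(*) AS hits FROM {$table_survey_question}
            WHERE c_id = {$course_id} AND survey_id = {$survey_id}
              AND (
                    survey_question LIKE {$like}
                    OR survey_question_comment LIKE {$like}
              )
            UNION ALL
            SELECT count(*) AS hits FROM {$table_survey_question_option}
            WHERE c_id = {$course_id} AND survey_id = {$survey_id}
              AND (
                    option_text LIKE {$like}
              )";
    $result = Database::query($sql);

    // Each count(*) branch always returns one row, so the number of rows says
    // nothing about a match; the counts themselves have to be added up.
    $hits = 0;
    while ($row = Database::fetch_assoc($result)) {
        $hits += (int) $row['hits'];
    }

    // An empty name would match every row, so it never grants access.
    if ($needle === '' || $hits === 0) {
        Display::display_error_message(get_lang('WrongInvitationCode'), false);
        Display::display_footer();
        exit;
    }

    return $_course;
}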
示例4: modify_filter
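/**
 * Filter for sortable table to display edit icons for class.
 *
 * Builds the info / edit / subscribe / delete links for one class row.
 *
 * @param mixed $class_id id of the class the links point to
 *
 * @return string HTML with the four action links
 */
function modify_filter($class_id)
{
    // Security::remove_XSS() filters markup; it does not make a value safe
    // inside a URL or a quoted attribute. The id is therefore percent-encoded
    // for the query string and then escaped for the href attribute.
    $class_id = htmlspecialchars(urlencode(Security::remove_XSS($class_id)), ENT_QUOTES, 'UTF-8');

    // json_encode() produces a valid JavaScript string literal; the result is
    // then escaped for the onclick attribute so a quote in a translation
    // cannot end the attribute early.
    $confirm_message = htmlspecialchars(json_encode(get_lang('ConfirmYourChoice')), ENT_QUOTES, 'UTF-8');

    $result = '<a href="class_information.php?id=' . $class_id . '">' . Display::return_icon('synthese_view.gif', get_lang('Info')) . '</a>';
    $result .= ' <a href="class_edit.php?idclass=' . $class_id . '">' . Display::return_icon('edit.png', get_lang('Edit')) . '</a>';
    $result .= ' <a href="subscribe_user2class.php?idclass=' . $class_id . '">' . Display::return_icon('add_multiple_users.gif', get_lang('AddUsersToAClass')) . '</a>';
    // NOTE(review): the delete action is a plain GET link; whether
    // class_list.php verifies an anti-CSRF token cannot be seen from here.
    $result .= ' <a href="class_list.php?action=delete_class&amp;class_id=' . $class_id . '" onclick="javascript: if(!confirm(' . $confirm_message . ')) return false;">' . Display::return_icon('delete.png', get_lang('Delete')) . '</a>';

    return $result;
}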
示例5: build_simple_search
/**
 * Build the single-field keyword search form.
 *
 * When the request carries a non-empty "search" parameter, its value is
 * passed through Security::remove_XSS() and used as the default for the
 * "keyword" text field.
 */
protected function build_simple_search()
{
    // !empty() already covers the "not set" case.
    if (!empty($_GET['search'])) {
        $keyword = Security::remove_XSS($_GET['search']);
        // NOTE(review): the default ends up in the value attribute of the text
        // field; presumably the form renderer escapes it - confirm.
        $this->setDefaults(array('keyword' => $keyword));
    }

    $renderer =& $this->defaultRenderer();
    $renderer->setCustomElementTemplate('<span>{element}</span> ');

    $this->addElement('text', 'keyword', '');
    $this->addButtonSearch(get_lang('Search'), 'submit');
}
示例6: heartbeat
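/**
 * Refreshes the chat windows (usually called every x seconds through AJAX).
 *
 * Reads the unread messages addressed to the current user, groups them by
 * sender, records them in the session chat history, marks exactly those
 * messages as received and prints the result as JSON.
 *
 * Message bodies are passed through Security::remove_XSS() before they are
 * sent. The sender's complete name is sent as stored.
 * NOTE(review): the client must insert "username"/"user_name" as text, not
 * as HTML, unless api_get_user_info() already escapes it - confirm.
 *
 * @return void (prints JSON array of chat windows)
 */
public function heartbeat()
{
    // The id is placed in SQL below, so it is forced to an integer once here.
    $to_user_id = intval(api_get_user_id());

    $sql = "SELECT * FROM " . $this->table . "\n WHERE to_user = '" . $to_user_id . "' AND ( recd = 0 ) ORDER BY id ASC";
    $result = Database::query($sql);

    $chat_list = array();
    $delivered_ids = array();
    while ($chat = Database::fetch_array($result, 'ASSOC')) {
        $chat_list[$chat['from_user']]['items'][] = $chat;
        $delivered_ids[] = intval($chat['id']);
    }

    $items = array();
    foreach ($chat_list as $from_user_id => $rows) {
        $rows = $rows['items'];
        $user_info = api_get_user_info($from_user_id, true);

        //Cleaning tsChatBoxes
        unset($_SESSION['tsChatBoxes'][$from_user_id]);

        foreach ($rows as $chat) {
            $chat['message'] = Security::remove_XSS($chat['message']);
            $item = array('s' => '0', 'f' => $from_user_id, 'm' => $chat['message'], 'username' => $user_info['complete_name'], 'id' => $chat['id']);
            $items[$from_user_id]['items'][] = $item;
            $items[$from_user_id]['user_info']['user_name'] = $user_info['complete_name'];
            $items[$from_user_id]['user_info']['online'] = $user_info['user_is_online'];
            $_SESSION['openChatBoxes'][$from_user_id] = api_strtotime($chat['sent'], 'UTC');
        }

        // NOTE(review): only the last message of each sender is appended to the
        // session history here, as in the original code - confirm that is intended.
        $_SESSION['chatHistory'][$from_user_id]['items'][] = $item;
        $_SESSION['chatHistory'][$from_user_id]['user_info']['user_name'] = $user_info['complete_name'];
        $_SESSION['chatHistory'][$from_user_id]['user_info']['online'] = $user_info['user_is_online'];
    }

    if (!empty($_SESSION['openChatBoxes'])) {
        foreach ($_SESSION['openChatBoxes'] as $user_id => $time) {
            if (!isset($_SESSION['tsChatBoxes'][$user_id])) {
                // Seconds since the last message from this user.
                $elapsed = time() - $time;
                $time = api_convert_and_format_date($time, DATE_TIME_FORMAT_SHORT_TIME_FIRST);
                $message = sprintf(get_lang('SentAtX'), $time);
                if ($elapsed > 180) {
                    // After three minutes of silence add a "sent at" marker once.
                    $item = array('s' => '2', 'f' => $user_id, 'm' => $message);
                    if (isset($_SESSION['chatHistory'][$user_id])) {
                        $_SESSION['chatHistory'][$user_id]['items'][] = $item;
                    }
                    $_SESSION['tsChatBoxes'][$user_id] = 1;
                }
            }
        }
    }

    // Mark only the rows that were read above. A blanket "recd = 0" update
    // would also flag messages that arrived after the SELECT and were never
    // delivered to the client.
    if (!empty($delivered_ids)) {
        $sql = "UPDATE " . $this->table . " SET recd = 1 WHERE to_user = '" . $to_user_id . "' AND recd = 0 AND id IN (" . implode(',', $delivered_ids) . ")";
        Database::query($sql);
    }

    echo json_encode(array('items' => $items));
}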
示例7: get_description_data
/**
 * Fetch every course description of the current course for the session set
 * on this object ($this->session_id must be assigned beforehand).
 *
 * Each database row is passed through Security::remove_XSS() with the STUDENT
 * level and stored under ['descriptions'][<row id>]. When no row matches, the
 * returned array is empty and has no 'descriptions' key.
 *
 * @return array
 */
public function get_description_data()
{
    $table = Database::get_course_table(TABLE_COURSE_DESCRIPTION);
    $sessionCondition = api_get_session_condition($this->session_id, true, true);
    $courseId = api_get_course_int_id();

    $query = "SELECT * FROM {$table}\n\t\t WHERE c_id = {$courseId} {$sessionCondition}\n\t\t ORDER BY id ";
    $rows = Database::query($query);

    $collected = array();
    while ($row = Database::fetch_array($rows)) {
        // The whole row array is filtered, keyed by its id.
        $rowId = $row['id'];
        $collected['descriptions'][$rowId] = Security::remove_XSS($row, STUDENT);
    }

    return $collected;
}
示例8: print_course_last_visit
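/**
 * Shows statistics about the time of last visit to each course.
 *
 * Prints a small search form (number of days) followed by a sortable,
 * paginated table of course codes and their last access date.
 *
 * All paging, sorting and filter values come from the query string. They are
 * reduced to integers and checked against the allowed columns/directions
 * before they are placed in SQL, because the form's 'numeric' rule is only
 * declared here and validate() is never called in this function.
 */
static function print_course_last_visit()
{
    $access_url_rel_course_table = Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
    $current_url_id = intval(api_get_current_access_url_id());

    // Allow-lists for ORDER BY: only these identifiers can reach the query.
    $columns = array(0 => 'c_id', 1 => 'access_date');
    $sql_order = array(SORT_ASC => 'ASC', SORT_DESC => 'DESC');

    $per_page = isset($_GET['per_page']) ? max(1, intval($_GET['per_page'])) : 10;
    $page_nr = isset($_GET['page_nr']) ? max(1, intval($_GET['page_nr'])) : 1;
    $column = isset($_GET['column']) ? intval($_GET['column']) : 0;
    if (!isset($columns[$column])) {
        $column = 0;
    }
    $direction = isset($_GET['direction']) ? intval($_GET['direction']) : SORT_ASC;
    if (!isset($sql_order[$direction])) {
        $direction = SORT_ASC;
    }

    $form = new FormValidator('courselastvisit', 'get');
    $form->addElement('hidden', 'report', 'courselastvisit');
    $form->add_textfield('date_diff', get_lang('Days'), true);
    $form->addRule('date_diff', 'InvalidNumber', 'numeric');
    $form->addElement('style_submit_button', 'submit', get_lang('Search'), 'class="search"');

    $defaults = array();
    if (!isset($_GET['date_diff'])) {
        $defaults['date_diff'] = 60;
    } else {
        $defaults['date_diff'] = Security::remove_XSS($_GET['date_diff']);
    }
    $form->setDefaults($defaults);
    $form->display();

    // exportValues() hands back the submitted text as-is; it goes unquoted
    // into the SQL and into the page below, so it must be an integer.
    $values = $form->exportValues();
    $date_diff = isset($values['date_diff']) ? intval($values['date_diff']) : 60;

    $table = Database::get_main_table(TABLE_STATISTIC_TRACK_E_LASTACCESS);
    $tableCourse = Database::get_main_table(TABLE_MAIN_COURSE);
    if (api_is_multiple_url_enabled()) {
        $sql = "SELECT access_date, c.code FROM {$table} s , {$access_url_rel_course_table} u, {$tableCourse} c\n WHERE c.id = u.c_id AND c.id = s.c_id AND access_url_id='" . $current_url_id . "' " . "GROUP BY access_cours_code " . "HAVING s.c_id <> '' " . "AND DATEDIFF( '" . date('Y-m-d h:i:s') . "' , access_date ) <= " . $date_diff;
    } else {
        $sql = "SELECT access_date, c.code FROM {$table} , {$tableCourse} c\n WHERE c_id = c.id\n GROUP BY c_id\n HAVING c_id <> ''AND\n DATEDIFF( '" . date('Y-m-d h:i:s') . "' , access_date ) <= " . $date_diff;
    }
    $res = Database::query($sql);
    $number_of_courses = Database::num_rows($res);

    $sql .= ' ORDER BY ' . $columns[$column] . ' ' . $sql_order[$direction];
    $from = ($page_nr - 1) * $per_page;
    $sql .= ' LIMIT ' . $from . ',' . $per_page;

    echo '<p>' . get_lang('LastAccess') . ' &gt;= ' . $date_diff . ' ' . get_lang('Days') . '</p>';

    $res = Database::query($sql);
    if (Database::num_rows($res) > 0) {
        $courses = array();
        while ($obj = Database::fetch_object($res)) {
            // Values read from the database are escaped for the HTML they are
            // printed into; the anchor is now closed properly as well.
            $code = htmlspecialchars($obj->code, ENT_QUOTES, 'UTF-8');
            $access_date = htmlspecialchars($obj->access_date, ENT_QUOTES, 'UTF-8');

            $course = array();
            $course[] = '<a href="' . api_get_path(WEB_PATH) . 'courses/' . $code . '">' . $code . ' </a>';
            //Allow sort by date hiding the numerical date
            $course[] = '<span style="display:none;">' . $access_date . '</span>' . api_convert_and_format_date($obj->access_date);
            $courses[] = $course;
        }

        $parameters = array();
        $parameters['date_diff'] = $date_diff;
        $parameters['report'] = 'courselastvisit';

        $table_header = array();
        $table_header[] = array(get_lang("CourseCode"), true);
        $table_header[] = array(get_lang("LastAccess"), true);

        Display::display_sortable_table($table_header, $courses, array('column' => $column, 'direction' => $direction), array(), $parameters);
    } else {
        echo get_lang('NoSearchResults');
    }
}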
示例9: get_lang
// Excerpt from a longer profile script: builds the "pending invitations" box
// and starts the "productions" box. The excerpt stops inside an open block, so
// the closing braces are not part of it.
if (!empty($production_list) || !empty($file_list) || $count_pending_invitations > 0) {
    //Pending invitations
    // Shown only when no "u" parameter is given or when it equals the current
    // user's id (loose == comparison against a request string).
    if (!isset($_GET['u']) || isset($_GET['u']) && $_GET['u'] == api_get_user_id()) {
        if ($count_pending_invitations > 0) {
            $invitations = '<div><h3>' . get_lang('PendingInvitations') . '</h3></div>';
            for ($i = 0; $i < $count_pending_invitations; $i++) {
                $user_invitation_id = $pending_invitations[$i]['user_sender_id'];
                $invitations .= '<div id="dpending_' . $user_invitation_id . '" class="friend_invitations">';
                $invitations .= '<div style="float:left;width:60px;" >';
                // NOTE(review): 'dir' and 'file' are concatenated into the src
                // attribute without escaping; where $list_get_path_web is built
                // is not visible here - confirm both parts are server-generated.
                $invitations .= '<img style="margin-bottom:5px;"' . ' src="' . $list_get_path_web[$i]['dir'] . '/' . $list_get_path_web[$i]['file'] . '"' . ' width="60px">';
                $invitations .= '</div>';
                $invitations .= '<div style="padding-left:70px;">';
                $user_invitation_info = api_get_user_info($user_invitation_id);
                // NOTE(review): first and last name are user-editable profile
                // data printed as link text; presumably api_get_person_name()
                // does not HTML-escape - verify, or escape here.
                $invitations .= '<a href="' . api_get_path(WEB_PATH) . 'main/social/profile.php' . '?u=' . $user_invitation_id . '">' . api_get_person_name($user_invitation_info['firstname'], $user_invitation_info['lastname']) . '</a>';
                $invitations .= '<br />';
                // The invitation text is written by another user. It is cut to 50
                // characters and then filtered with the STUDENT level before it
                // is placed in the HTML body, which is the context this filter
                // is meant for.
                $invitations .= Security::remove_XSS(cut($pending_invitations[$i]['content'], 50), STUDENT, true);
                $invitations .= '<br />';
                $invitations .= '<a id="btn_accepted_' . $user_invitation_id . '"' . ' class="btn btn-default" onclick="register_friend(this)" href="javascript:void(0)">' . get_lang('SocialAddToFriends') . '</a>';
                $invitations .= '<div id="id_response"></div>';
                $invitations .= '</div>';
                $invitations .= '</div>';
            }
            $socialRightInformation .= SocialManager::social_wrapper_div($invitations, 4);
        }
    }
    // Productions
    $production_list = UserManager::build_production_list($user_id);
    $product_content = '';
    if (!empty($production_list)) {
        $product_content .= '<div><h3>' . get_lang('MyProductions') . '</h3></div>';
        // $production_list is appended as ready-made HTML.
        $product_content .= $production_list;
示例10: header
// Excerpt from a group-settings script; it starts inside a block that was
// opened before the excerpt (closed by the lone "}" after "exit;").
// NOTE(review): count() is applied to $_POST['group_members'] without an
// is_array() check, so a scalar value sent in its place is not handled here.
if (isset($_POST['group_members']) && count($_POST['group_members']) > $max_member && $max_member != GroupManager::MEMBER_PER_GROUP_NO_LIMIT) {
Display::addFlash(Display::return_message(get_lang('GroupTooMuchMembers'), 'warning'));
header('Location: group.php?' . api_get_cidreq(true, false));
} else {
Display::addFlash(Display::return_message(get_lang('GroupSettingsModified'), 'success'));
header('Location: group.php?' . api_get_cidreq(true, false) . '&category=' . $cat['id']);
}
// Stop after sending the redirect so nothing below runs for this request.
exit;
}
$action = isset($_GET['action']) ? $_GET['action'] : null;
switch ($action) {
case 'empty':
// Removing every member is triggered by a GET parameter. The permission
// check is visible; NOTE(review): no anti-CSRF token check appears in this
// excerpt - confirm one exists before this state change.
if (api_is_allowed_to_edit(false, true)) {
GroupManager::unsubscribe_all_users($group_id);
Display::display_confirmation_message(get_lang('GroupEmptied'));
}
break;
}
$defaults = $current_group;
$defaults['group_members'] = $selected_users;
$action = isset($_GET['action']) ? $_GET['action'] : '';
// NOTE(review): the raw action value becomes a form default; presumably the
// form renderer escapes defaults - confirm.
$defaults['action'] = $action;
if (!empty($_GET['keyword']) && !empty($_GET['submit'])) {
// The keyword is echoed into the HTML body, the context Security::remove_XSS()
// filters for. This output is sent before Display::display_header() below.
$keyword_name = Security::remove_XSS($_GET['keyword']);
echo '<br/>' . get_lang('SearchResultsFor') . ' <span style="font-style: italic ;"> ' . $keyword_name . ' </span><br>';
}
Display::display_header($nameTools, 'Group');
$form->setDefaults($defaults);
echo GroupManager::getSettingBar('member');
$form->display();
Display::display_footer();
示例11: esc_url
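/**
 * Checks and cleans a URL.
 *
 * Adapted from WordPress (esc_url, since wordpress 2.8.0). Characters outside
 * the allowed set are removed, encoded CR/LF sequences are stripped, and
 * "http://" is prepended when the value has no colon and is not a relative
 * link starting with /, # or ? or a php file. The result is passed through
 * Security::remove_XSS().
 *
 * Unlike the WordPress original, this port does NOT check the URL scheme:
 * the wp_kses_bad_protocol() step and the 'clean_url' filter were disabled,
 * and $protocols and $_context are accepted but ignored. Callers that print
 * the result into an href/src attribute must validate the scheme themselves
 * (for example against http/https) and still escape for the attribute.
 *
 * @param string $url       The URL to be cleaned.
 * @param array  $protocols Optional. Currently unused, kept for signature compatibility.
 * @param string $_context  Private. Currently unused, kept for signature compatibility.
 *
 * @return string The cleaned $url; an empty string when nothing is left after cleaning.
 */
function esc_url($url, $protocols = null, $_context = 'display')
{
    if ('' == $url) {
        return $url;
    }

    $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\\|*\'()\\x80-\\xff]|i', '', $url);
    // The input may consist only of stripped characters (or the regex may
    // fail). Reading $url[0] below on an empty string is an error, and the
    // old code then returned a bare "http://".
    if ('' === (string) $url) {
        return '';
    }

    $strip = array('%0d', '%0a', '%0D', '%0A');
    $url = _deep_replace($strip, $url);
    $url = str_replace(';//', '://', $url);
    if ('' === $url) {
        return '';
    }

    /* If the URL doesn't appear to contain a scheme, we
     * presume it needs http:// appended (unless a relative
     * link starting with /, # or ? or a php file).
     */
    if (strpos($url, ':') === false && !in_array($url[0], array('/', '#', '?')) && !preg_match('/^[a-z0-9-]+?\\.php/i', $url)) {
        $url = 'http://' . $url;
    }

    // NOTE(review): remove_XSS() filters markup; it is not a scheme allow-list.
    // See the docblock: protocol checking is the caller's job in this port.
    return Security::remove_XSS($url);
}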
示例12: get_lang
// Excerpt from a session-tracking page; it starts inside blocks opened before
// the excerpt (closed by the "}" and "} else {" lines below).
$actionsRight = Display::url(Display::return_icon('printer.png', get_lang('Print'), array(), 32), 'javascript: void(0);', array('onclick' => 'javascript: window.print();'));
$actionsRight .= Display::url(Display::return_icon('export_csv.png', get_lang('ExportAsCSV'), array(), 32), api_get_self() . '?export=csv');
}
$toolbar = Display::toolbarAction('toolbar-session', $content = array(0 => $actionsLeft, 1 => $actionsRight));
echo $toolbar;
echo Display::page_header(get_lang('YourSessionsList'));
} else {
$a_sessions = Tracking::get_sessions_coached_by_user($id_coach);
}
$form = new FormValidator('search_course', 'get', api_get_path(WEB_CODE_PATH) . 'mySpace/session.php');
$form->addElement('text', 'keyword', get_lang('Keyword'));
$form->addButtonSearch(get_lang('Search'));
$keyword = '';
if ($form->validate()) {
$keyword = $form->getSubmitValue('keyword');
}
$form->setDefaults(array('keyword' => $keyword));
// The submitted keyword is appended to the AJAX URL as a query-string value.
// NOTE(review): Security::remove_XSS() filters markup but does not
// percent-encode, so characters such as & or # in the keyword would alter the
// query string; urlencode() is the encoder that matches this context.
$url = api_get_path(WEB_AJAX_PATH) . 'model.ajax.php?a=get_sessions_tracking&keyword=' . Security::remove_XSS($keyword);
$columns = array(get_lang('Title'), get_lang('Date'), get_lang('NbCoursesPerSession'), get_lang('NbStudentPerSession'), get_lang('Details'));
// Column config
$columnModel = array(array('name' => 'name', 'index' => 'name', 'width' => '255', 'align' => 'left'), array('name' => 'date', 'index' => 'date', 'width' => '150', 'align' => 'left', 'sortable' => 'false'), array('name' => 'course_per_session', 'index' => 'course_per_session', 'width' => '150', 'sortable' => 'false'), array('name' => 'student_per_session', 'index' => 'student_per_session', 'width' => '100', 'sortable' => 'false'), array('name' => 'details', 'index' => 'details', 'width' => '100', 'sortable' => 'false'));
$extraParams = array('autowidth' => 'true', 'height' => 'auto');
// $url is handed to Display::grid_js(), whose output is placed inside a
// <script> element. NOTE(review): how grid_js() quotes the URL for JavaScript
// is not visible here - confirm it encodes it as a JS string.
$js = '<script>
$(function() {
' . Display::grid_js('session_tracking', $url, $columns, $columnModel, $extraParams, array(), null, true) . '
});
</script>';
echo $js;
$form->display();
echo Display::grid_html('session_tracking');
Display::display_footer();
示例13:
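<?php
/* For licensing terms, see /license.txt */
//require_once '../inc/global.inc.php';

// Builds a small page that embeds one YouTube or Vimeo player.
// "type" selects the provider, "src" is the video reference appended to the
// provider's fixed embed URL. Both come from the request.
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
$src = isset($_REQUEST['src']) ? Security::remove_XSS($_REQUEST['src']) : '';
if (empty($type) || empty($src)) {
    api_not_allowed();
}

// Defined up front so an unexpected type can never reach the echo below with
// an undefined variable.
$iframe = '';
switch ($type) {
    case 'youtube':
        // Security::remove_XSS() filters markup; the value still has to be
        // escaped for the quoted src attribute it is placed in. Entities that
        // the filter already produced are not encoded a second time.
        $src = htmlspecialchars('https://www.youtube.com/embed/' . $src, ENT_QUOTES, 'UTF-8', false);
        $iframe = '<iframe class="youtube-player" type="text/html" width="640" height="385" src="' . $src . '" frameborder="0"></iframe>';
        break;
    case 'vimeo':
        $src = htmlspecialchars('https://player.vimeo.com/video/' . $src, ENT_QUOTES, 'UTF-8', false);
        $iframe = '<iframe src="' . $src . '" width="640" height="385" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe>';
        break;
    default:
        // Only the two providers above are supported.
        api_not_allowed();
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title></title>
</head>
<body>
<div id="content" style="width: 700px ;margin-left:auto; margin-right:auto;">
<br />
<?php
echo $iframe;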
示例14: display_myminimonthcalendar
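/**
 * Show the mini calendar of the given month.
 *
 * Prints an HTML table with previous/next links, one header row of weekday
 * names and one cell per day. Days that have an entry in $agendaitems link to
 * the day view.
 *
 * @param array  $agendaitems agenda entries indexed by day of the month
 * @param int    $month       month number (1-12)
 * @param int    $year        four-digit year
 * @param string $monthName   label printed in the table header, printed as given
 */
function display_myminimonthcalendar($agendaitems, $month, $year, $monthName)
{
    global $DaysShort, $course_path;

    // Both values are used as array index, in date arithmetic and inside
    // links, so they are reduced to integers once. This also makes a value
    // such as "03" address the right entry of $numberofdays.
    $month = (int) $month;
    $year = (int) $year;

    //Handle leap year
    $numberofdays = array(0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
    if ($year % 400 == 0 || ($year % 4 == 0 && $year % 100 != 0)) {
        $numberofdays[2] = 29;
    }

    //Get the first day of the month
    $dayone = getdate(mktime(0, 0, 0, $month, 1, $year));
    //Start the week on monday
    $startdayofweek = $dayone['wday'] != 0 ? $dayone['wday'] - 1 : 6;

    // Security::remove_XSS() filters markup only. Query-string values are
    // percent-encoded here, and each finished URL is escaped for the href
    // attribute it is printed into.
    $g_cc = isset($_GET['courseCode']) ? $_GET['courseCode'] : '';
    $base_url = api_get_self() . "?coursePath=" . urlencode(Security::remove_XSS($course_path)) . "&courseCode=" . urlencode(Security::remove_XSS($g_cc));
    $backwardsURL = htmlspecialchars($base_url . "&month=" . ($month == 1 ? 12 : $month - 1) . "&year=" . ($month == 1 ? $year - 1 : $year), ENT_QUOTES, 'UTF-8');
    $forewardsURL = htmlspecialchars($base_url . "&month=" . ($month == 12 ? 1 : $month + 1) . "&year=" . ($month == 12 ? $year + 1 : $year), ENT_QUOTES, 'UTF-8');

    echo "<table class=\"data_table\">", "<tr>", "<th width=\"10%\"><a href=\"", $backwardsURL, "\">" . Display::return_icon('action_prev.png', get_lang('Previous')) . "</a></th>";
    echo "<th width=\"80%\" colspan=\"5\">", $monthName, " ", $year, "</th>", "<th width=\"10%\"><a href=\"", $forewardsURL, "\">" . Display::return_icon('action_next.png', get_lang('Next')) . "</a></th>", "</tr>";

    // Weekday header, Monday first ($DaysShort is indexed with Sunday at 0).
    echo "<tr>";
    for ($ii = 1; $ii < 8; $ii++) {
        echo "<td class=\"weekdays\">", $DaysShort[$ii % 7], "</td>";
    }
    echo "</tr>";

    // -1 means "first day of the month not reached yet".
    $curday = -1;
    $today = getdate();
    while ($curday <= $numberofdays[$month]) {
        echo "<tr>";
        for ($ii = 0; $ii < 7; $ii++) {
            if ($curday == -1 && $ii == $startdayofweek) {
                $curday = 1;
            }
            if ($curday > 0 && $curday <= $numberofdays[$month]) {
                // Monday-Friday and the weekend get different classes; today overrides both.
                $class = $ii < 5 ? 'class="days_week"' : 'class="days_weekend"';
                $dayheader = "{$curday}";
                if ($curday == $today['mday'] && $year == $today['year'] && $month == $today['mon']) {
                    $class = "class=\"days_today\"";
                }
                echo "<td " . $class . ">";
                if (!empty($agendaitems[$curday])) {
                    $day_url = htmlspecialchars(api_get_self() . "?action=view&view=day&day=" . $curday . "&month=" . $month . "&year=" . $year, ENT_QUOTES, 'UTF-8');
                    echo "<a href=\"" . $day_url . "\">" . $dayheader . "</a>";
                } else {
                    echo $dayheader;
                }
                echo "</td>";
                $curday++;
            } else {
                echo "<td> </td>";
            }
        }
        echo "</tr>";
    }
    echo "</table>";
}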
示例15: str_replace
// Excerpt from an administration index script; it starts inside blocks opened
// before the excerpt (closed by the two "}" lines below).
// "/" is replaced by "-" so that the URL can be used as one directory name.
$cleanUrl = str_replace('/', '-', $url);
$adminExtraContentDir = api_get_path(SYS_PATH) . "home/{$cleanUrl}/admin/";
}
}
// Displaying the header
$message = '';
if (api_is_platform_admin()) {
if (is_dir(api_get_path(SYS_ARCHIVE_PATH)) && !is_writable(api_get_path(SYS_ARCHIVE_PATH))) {
$message = Display::return_message(get_lang('ArchivesDirectoryNotWriteableContactAdmin'), 'warning');
}
/* ACTION HANDLING */
// NOTE(review): registering the campus is a state change driven by POST data;
// no anti-CSRF token check is visible in this excerpt - confirm one exists.
// $_POST['donotlistcampus'] is read without isset().
if (!empty($_POST['Register'])) {
api_register_campus(!$_POST['donotlistcampus']);
$message = Display::return_message(get_lang('VersionCheckEnabled'), 'confirmation');
}
// Filtered copy of the search keyword. It is only assigned inside the
// platform-admin branch. NOTE(review): the name suggests it is later placed
// in a URL, where urlencode() would be the matching encoder - confirm at the
// point of use.
$keyword_url = Security::remove_XSS(empty($_GET['keyword']) ? '' : $_GET['keyword']);
}
if (isset($_GET['msg']) && isset($_GET['type'])) {
// The message key is checked against a fixed list before it is passed to
// get_lang(), so the request cannot select an arbitrary language string.
// in_array() is used without strict comparison here.
if (in_array($_GET['msg'], array('ArchiveDirCleanupSucceeded', 'ArchiveDirCleanupFailed'))) {
switch ($_GET['type']) {
case 'error':
$message = Display::return_message(get_lang($_GET['msg']), 'error');
break;
case 'confirmation':
$message = Display::return_message(get_lang($_GET['msg']), 'confirm');
}
}
}
$blocks = array();
// Instantiate Hook Event for Admin Block
$hook = HookAdminBlock::create();