

PHP Security::sqlsecure方法代码示例

本文整理汇总了PHP中Security::sqlsecure方法的典型用法代码示例。如果您正苦于以下问题:PHP Security::sqlsecure方法的具体用法?PHP Security::sqlsecure怎么用?PHP Security::sqlsecure使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Security的用法示例。


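在下文中一共展示了Security::sqlsecure方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。注意:这些示例均通过字符串拼接来构造SQL语句,而Security::sqlsecure的具体实现并未在本页给出;其中示例4、6还把未经该方法处理的变量直接写入查询。阅读时请把它们当作旧式代码的用法参考,新代码应优先使用参数化查询(预处理语句)。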

示例1: change_issuer

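/**
 * Re-issue a ticket to another user, then log and announce the change.
 *
 * The new issuer is first added to the ticket's read ACL if missing. When the
 * issuer actually differs from the stored one, the ticket row is updated and a
 * comment is recorded via add_task() and notify_change().
 *
 * NOTE(review): no permission check on the calling user is visible in this
 * function; presumably the caller enforces it. Confirm before exposing this
 * to request handlers.
 *
 * @param mixed $Ticket_Number Ticket identifier as received from the caller.
 * @param mixed $issuer        User id of the new issuer.
 * @return void
 */
function change_issuer($Ticket_Number, $issuer)
{
    global $GO_SECURITY, $hlpdsk_prefix, $prefix;

    // The WHERE fragment is assembled by hand, so the ticket number is escaped
    // before it is placed between the quotes. A separate variable is used so the
    // Ticket::* calls below still receive the caller's original value and can
    // apply their own handling without double escaping.
    $ticket_number_sql = Security::sqlsecure($Ticket_Number);
    $acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$ticket_number_sql}'");

    if (!$GO_SECURITY->user_in_acl($issuer, $acl_read)) {
        $GO_SECURITY->add_user_to_acl($issuer, $acl_read);
    }

    $last_issuer_uid = Ticket::get_ticket_issuer_uid($Ticket_Number);
    $new_issuer_uid = Security::sqlsecure($issuer);

    // Loose comparison kept on purpose: one side comes from the database, the
    // other from sqlsecure(), and their types may differ.
    if ($last_issuer_uid != $new_issuer_uid) {
        $last_issuer = Security::get_uname($last_issuer_uid);
        $result = Ticket::change_issuer($Ticket_Number, $new_issuer_uid);
        $new_issuer = Security::get_uname($new_issuer_uid);

        // The literal carries pre-escaped quotes (\'), which suggests the comment
        // is later embedded in a SQL string.
        // NOTE(review): the two user names are interpolated as returned by
        // get_uname(); confirm add_task()/notify_change() escape the comment, or
        // that user names cannot contain quotes.
        $comment = "Ticket re-issued from \\'{$last_issuer}\\'  to: \\'{$new_issuer}\\' ";
        add_task($Ticket_Number, $comment);
        notify_change($Ticket_Number, $comment);
    }
}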
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:18,代码来源:change_ticket.php

示例2: mod_globals

 /**
  * Update, insert or delete one row of the help-desk config table, or build the
  * HTML form used to request one of those actions.
  *
  * For the actions "update", "insert" and "delete" the function returns TRUE when
  * the query call reports success and FALSE otherwise (including when
  * $mod_varname is empty). For any other action it returns the form markup.
  *
  * Both values are passed through Security::sqlsecure() and then placed inside
  * quoted SQL literals.
  * NOTE(review): sqlsecure() is not shown here; the safety of these statements
  * rests entirely on it. Prepared statements would remove that dependency.
  * NOTE(review): no permission check is made inside this function and the form
  * carries no anti-CSRF token field; presumably admin.php handles both - confirm.
  * NOTE(review): $admin_tabtable is written into the form's action attribute
  * without HTML/URL encoding; verify where that global is populated.
  *
  * @param mixed  $mod_varname    Config key; falsy means "nothing to write".
  * @param mixed  $mod_definition Config value (unused by the delete statement).
  * @param string $mod_action     "update", "insert", "delete", or anything else for the form.
  * @return bool|string TRUE/FALSE for a write action, HTML string for the form.
  */
 function mod_globals($mod_varname = FALSE, $mod_definition = FALSE, $mod_action = "show_form")
 {
     global $prefix, $hlpdsk_prefix, $tts, $name, $cmdOk, $admin_tabtable;

     // Resolve the action with loose comparisons, tested in the same order as the
     // cases of a switch statement would be.
     if ($mod_action == "update") {
         $statement = "update";
     } elseif ($mod_action == "insert") {
         $statement = "insert";
     } elseif ($mod_action == "delete") {
         $statement = "delete";
     } else {
         $statement = FALSE;
     }

     if ($statement !== FALSE) {
         if (!$mod_varname) {
             return FALSE;
         }
         $mod_varname = Security::sqlsecure($mod_varname);
         $mod_definition = Security::sqlsecure($mod_definition);

         if ($statement === "update") {
             $query = "update {$prefix}{$hlpdsk_prefix}_config set definition='{$mod_definition}' where varname='{$mod_varname}'";
         } elseif ($statement === "insert") {
             $query = "insert into {$prefix}{$hlpdsk_prefix}_config (varname,definition) values ('{$mod_varname}','{$mod_definition}')";
         } else {
             $query = "delete from {$prefix}{$hlpdsk_prefix}_config  where varname='{$mod_varname}'";
         }

         return $tts->query($query, $tts) ? TRUE : FALSE;
     }

     // No write requested: assemble the edit form piece by piece.
     $pieces = array(
         "<form action=\"admin.php?admin_tabtable={$admin_tabtable}&func=mod_globals\" method=POST>",
         "<table border=1><tr>",
         "<td><font class=content>varname<input name=mod_varname type=text></td>",
         "<td><font class=content>definition<textarea name=mod_definition style=\"HEIGHT: 145px; WIDTH: 500px\"></textarea></td>",
         "<td><font class=content>delete<input name=mod_action type=radio value=\"delete\"></td>",
         "<td><font class=content>add<input name=mod_action type=radio value=\"insert\"></td>",
         "<td><font class=content>modify<input name=mod_action type=radio value=\"update\" checked></td>",
         "</tr></table>",
     );
     $response = implode("", $pieces);

     $button = new button();
     $button_submit = $button->get_button($cmdOk, "javascript:this.form.submit();");

     return $response . $button_submit . "</form>";
 }
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:49,代码来源:opentts.php

示例3: menu

}
// Fragment of a ticket-creation script: copies the prepared dates and the optional
// POST fields onto $my_ticket, creates the ticket's ACLs, inserts the row and then
// starts rendering the "new ticket" page. The code that creates $my_ticket and the
// four date variables lies above the visible part.
$my_ticket->due_date = $due_date;
$my_ticket->end_date = $end_date;
$my_ticket->post_date = $post_date;
$my_ticket->change_date = $change_date;
// Optional request fields: each one is copied only when present in $_POST and is
// passed through Security::sqlsecure() first.
// NOTE(review): sqlsecure() is not shown on this page; presumably it escapes a value
// for use inside a quoted SQL literal. Escaping does not validate type or range
// (complete and project_id look numeric) - confirm how sql_insert() embeds them.
if (isset($_POST['complete'])) {
    $my_ticket->complete = Security::sqlsecure($_POST['complete']);
}
if (isset($_POST['t_priv_msg'])) {
    $my_ticket->notify_priv_msg = Security::sqlsecure($_POST['t_priv_msg']);
}
if (isset($_POST['t_email'])) {
    $my_ticket->notify_email = Security::sqlsecure($_POST['t_email']);
}
if (isset($_POST['project_id'])) {
    $my_ticket->project_id = Security::sqlsecure($_POST['project_id']);
}
// Two fresh ACLs are created for the ticket. The current user is added to the read
// ACL and the assignee to the write ACL before the row is inserted.
$acl_read = $GO_SECURITY->get_new_acl('ticket read');
$acl_write = $GO_SECURITY->get_new_acl('ticket write');
$my_ticket->acl_read = $acl_read;
$my_ticket->acl_write = $acl_write;
$GO_SECURITY->add_user_to_acl($GO_SECURITY->user_id, $acl_read);
$GO_SECURITY->add_user_to_acl($my_ticket->assigned_id, $acl_write);
$my_ticket->sql_insert();
// The ticket number is read back from the object after the insert.
$Ticket_Number = $my_ticket->ticket_nr;
$textmenu = menu("Show_Tickets", '');
// SECURITY: eval() runs the string returned by menu() as PHP code.
// NOTE(review): if any part of that string can be shaped by stored or request data,
// this is code injection. Having menu() return markup/data to print, rather than
// source code to evaluate, would remove the risk - verify what menu() produces.
eval($textmenu);
$tabtable = new tabtable('newticket_tabtable', 'Adding new ticket ...', '100%', '400');
$tabtable->print_head();
$statusbar = new statusbar();
$statusbar->info_text = "Adding new ticket";
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:31,代码来源:entry_proc.php

示例4: querydb

 /**
  * Build and run a SELECT over the tickets table from the search/filter globals
  * and collect the matching rows into $response_raw.
  *
  * Element 0 of $response_raw holds the final query text and the row counts;
  * rows start at index 1. When the query matches nothing, the array is returned
  * as a PHP-serialized string. The listing is truncated, so the return for the
  * non-empty case is not visible here.
  *
  * SECURITY (review summary): only $strtosearch and $field pass through
  * Security::sqlsecure(). $extra_condition, $limit, $limit_rows, $orderby, the
  * keys of $search_status and the contents of $filter_field / $filter_value are
  * interpolated into the SQL text as they are. Where these globals are populated
  * is not visible here; if any of them can be set from the request, each is a
  * SQL injection point - verify against the callers.
  *
  * @param string $extra_condition SQL fragment appended verbatim after "where 1".
  * @return string Serialized $response_raw (zero-row case; rest not visible).
  */
 function querydb($extra_condition = "")
 {
     global $agent, $t_showall, $search, $strtosearch, $orderby, $name, $tts, $prefix, $hlpdsk_prefix, $limit, $limit_rows, $search_status, $submit, $temptime, $hlpdsk_theme, $field, $filter_field, $filter_value, $show_hidden, $hidden_check, $GO_SECURITY;
     $querytext = "select  *  from {$prefix}{$hlpdsk_prefix}_tickets ";
     // Empty paging values fall back to "0,-1".
     if ($limit == "") {
         $limit = 0;
     }
     if ($limit_rows == "") {
         $limit_rows = -1;
     }
     // NOTE(review): non-empty $limit / $limit_rows are placed in the LIMIT clause
     // with no integer cast or range check.
     $query_limit = " limit {$limit},{$limit_rows} ";
     // $extra_condition is concatenated as raw SQL; callers must pass trusted text only.
     $query_condition = "where 1 {$extra_condition}";
     $strtosearch = Security::sqlsecure($strtosearch);
     if (isset($submit)) {
         $search = 1;
         if ($field) {
             // $field is used as a column name, outside any quotes.
             // NOTE(review): escaping meant for string literals does not constrain an
             // identifier; an allow-list of column names would - confirm what
             // sqlsecure() does with such input.
             $field = Security::sqlsecure($field);
             $query_condition .= " and  (  {$field}='{$strtosearch}')";
         } else {
             // split() was removed in PHP 7.0; on current PHP this call is a fatal error.
             $array_to_search = split(" ", $strtosearch);
             $query_condition .= " and ( ";
             // Every word must match subject or description.
             // NOTE(review): LIKE wildcards (% and _) inside the words are presumably
             // not neutralised by sqlsecure() - confirm.
             foreach ($array_to_search as $to_search) {
                 $query_condition .= " (t_subject like '%{$to_search}%' or t_description like '%{$to_search}%') and";
             }
             // Drop the trailing "and" left by the loop.
             $query_condition = substr($query_condition, 0, -3);
             $query_condition .= " ) ";
         }
     }
     if (is_array($search_status)) {
         $search_condition = '';
         // The array KEYS are written unquoted into "t_status=<key>".
         // NOTE(review): no numeric check is applied to the keys.
         foreach (array_keys($search_status) as $check_key) {
             $search_condition .= "t_status={$check_key} ";
         }
         # show only open tickets
         if (trim($search_condition) != "") {
             $query_condition .= " and (" . str_replace(" ", " or ", trim($search_condition)) . ")";
         }
     }
     // Unless hidden tickets were requested, restrict to stage 1.
     if ($show_hidden == 'on') {
     } else {
         $query_condition .= " and t_stage=1 ";
     }
     if ($strtosearch) {
         $search_uid = Security::get_uid("{$strtosearch}");
     } else {
         $search_uid = "";
     }
     // When the search text resolves to a user id, the WHERE clause is REPLACED, not
     // extended: $extra_condition, the text search, the status filter and the
     // t_stage=1 restriction built above are all discarded.
     if ($search_uid != "") {
         $query_condition = "where 1  and (t_assigned='{$search_uid}' or  t_from='{$search_uid}') ";
     }
     # FILTERS
     // Column name ($value) and compared value ($filter_value[$key]) are both
     // interpolated without any escaping call.
     if (isset($filter_field)) {
         foreach ($filter_field as $key => $value) {
             $query_condition .= " and ( {$value}='{$filter_value[$key]}') ";
         }
     }
     # END OF SEARCH CONDITIONS
     // A non-empty $orderby is inserted as-is, followed by DESC; this branch adds no
     // "order by" keyword, so the global presumably already contains it - verify.
     if (strcmp($orderby, "")) {
         $query_order_by = " {$orderby} DESC";
     } else {
         $query_order_by = " order by Ticket_Number DESC";
     }
     #
     // The full SQL text is stored in the response that is later serialized.
     // NOTE(review): check that consumers do not expose it to end users.
     $response_raw[0]['querytext'] = $querytext . $query_condition . $query_order_by . $query_limit;
     $tts->query($response_raw[0]['querytext']);
     // The counts are taken before the per-row ACL filtering further down, so for users
     // without "view_all_tickets" they can include tickets the user may not read.
     $response_raw[0]['recordcount'] = $tts->num_rows();
     $response_raw[0]['querytotal'] = $response_raw[0]['recordcount'];
     if ($response_raw[0]['recordcount'] == 0) {
         return serialize($response_raw);
     }
     $row = 1;
     // The same query is executed a second time in either branch to fetch the rows.
     if (Security::is_action_allowed("view_all_tickets")) {
         $tts->query($response_raw[0]['querytext']);
         while ($tts->next_record()) {
             $response_raw[$row]['ticket_number'] = $tts->f('ticket_number');
             $response_raw[$row]['t_status'] = $tts->f('t_status');
             $response_raw[$row]['t_priority'] = $tts->f('t_priority');
             $response_raw[$row]['t_from'] = $tts->f('t_from');
             $response_raw[$row]['t_subject'] = $tts->f('t_subject');
             $response_raw[$row]['t_assigned'] = $tts->f('t_assigned');
             $response_raw[$row]['t_stage'] = $tts->f('t_stage');
             $response_raw[$row]['t_category'] = $tts->f('t_category');
             $response_raw[$row]['post_date'] = $tts->f('post_date');
             $response_raw[$row]['due_date'] = $tts->f('due_date');
             $response_raw[$row]['end_date'] = $tts->f('end_date');
             $response_raw[$row]['complete'] = $tts->f('complete');
             $response_raw[$row]['change_date'] = $tts->f('change_date');
             $response_raw[$row]['activity_id'] = $tts->f('activity_id');
             $response_raw[$row]['project_id'] = $tts->f('project_id');
             $row++;
         }
     } else {
         $tts->query($response_raw[0]['querytext']);
         while ($tts->next_record()) {
             // Access control is applied per row in PHP: a row is kept only when the
             // current user is in the ticket's read or write ACL.
             if ($GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_read')) or $GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_write'))) {
                 $response_raw[$row]['ticket_number'] = $tts->f('ticket_number');
                 $response_raw[$row]['t_status'] = $tts->f('t_status');
                 $response_raw[$row]['t_priority'] = $tts->f('t_priority');
                 $response_raw[$row]['t_from'] = $tts->f('t_from');
                 $response_raw[$row]['t_subject'] = $tts->f('t_subject');
//.........这里部分代码省略.........
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:101,代码来源:search.php

示例5: change_activity_id

 /**
  * Store a new activity id on one ticket.
  *
  * Both arguments are passed through Security::sqlsecure() and then placed
  * inside quoted literals of an UPDATE statement.
  * NOTE(review): sqlsecure() is not shown on this page, and no permission check
  * is made here; presumably the caller has verified write access - confirm.
  *
  * @param mixed $Ticket_Number Ticket to modify.
  * @param mixed $activity_id   New activity id.
  * @return bool TRUE when the query call reports success, FALSE otherwise.
  */
 function change_activity_id($Ticket_Number, $activity_id)
 {
     global $tts, $user, $name, $prefix, $hlpdsk_prefix;

     $activity_id = Security::sqlsecure($activity_id);
     $Ticket_Number = Security::sqlsecure($Ticket_Number);

     $query = "update {$prefix}{$hlpdsk_prefix}_tickets set activity_id='{$activity_id}' where ticket_number='{$Ticket_Number}'";

     // Normalise whatever query() returns to a strict boolean.
     return $tts->query($query) ? TRUE : FALSE;
 }
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:12,代码来源:ticket.php

示例6: showrecords

/**
 * Load the ticket named by the global $Ticket_Number and prepare the HTML
 * fragments of its view/edit form.
 *
 * The listing is truncated; only the visible part is documented.
 *
 * SECURITY (review summary):
 *  - $Ticket_Number is interpolated into three WHERE clauses and into the form
 *    action URL with no escaping call visible in this function.
 *  - Security::sqlsecure() is used on values written into HTML, which is the
 *    wrong encoder for that context.
 *  - The "missing" check uses an assignment and can never trigger.
 * NOTE(review): where $Ticket_Number is populated is not visible here; if it
 * comes from the request, validate it as an integer before use.
 *
 * @return string 'missing' is the only return in the visible part (unreachable, see below).
 */
function showrecords()
{
    global $Ticket_Number, $name, $tts, $prefix, $hlpdsk_prefix, $hlpdsk_theme, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $hours, $mins, $javascript, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $datepicker, $cmdOk, $cmdReset, $GO_SECURITY, $acl_read, $acl_write, $GO_LANGUAGE;
    // Includes the file whose path get_language_file() returns. Presumably it defines
    // the $tts_lang_* variables read further down (they are not assigned earlier in
    // this function) - verify.
    require $GO_LANGUAGE->get_language_file('opentts');
    // $Ticket_Number goes into both WHERE fragments without escaping.
    $acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$Ticket_Number}'");
    $acl_write = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_write', "where ticket_number='{$Ticket_Number}'");
    // Users in either ACL, or holding "view_all_tickets", see the ticket unconditionally;
    // everyone else only when they are its issuer or assignee.
    if ($GO_SECURITY->user_in_acl(whoami(), $acl_read) or $GO_SECURITY->user_in_acl(whoami(), $acl_write) or Security::is_action_allowed("view_all_tickets")) {
        $query_condition = " ";
    } else {
        // whoami() is concatenated into the SQL text as returned.
        $query_condition = " and (t_from='" . whoami() . "' or t_assigned='" . whoami() . "')";
    }
    $querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets where Ticket_Number='{$Ticket_Number}' {$query_condition} ";
    $tts->query($querytext);
    $recordcount = $tts->num_rows();
    $row = 0;
    // BUG: "=" assigns 0 to $recordcount, so the condition is always false: 'missing'
    // is never returned and the row count is overwritten. A comparison (== 0) was
    // presumably intended.
    if ($recordcount = 0) {
        return 'missing';
    }
    while ($tts->next_record()) {
        $post_date = $tts->f('post_date');
        $due_date = $tts->f('due_date');
        $end_date = $tts->f('end_date');
        $complete = $tts->f('complete');
        $t_from = $tts->f('t_from');
        $t_stage = $tts->f('t_stage');
        $t_category = $tts->f('t_category');
        $t_priority = $tts->f('t_priority');
        // Subject and description are HTML-encoded here, once, for output below.
        $t_subject = htmlspecialchars($tts->f('t_subject'));
        $t_description = htmlspecialchars($tts->f('t_description'));
        #$t_description=str_replace("\n"," <br> ",$t_description);
        $t_assigned = $tts->f('t_assigned');
        $t_email = $tts->f('t_email');
        $t_sms = $tts->f('t_sms');
        $t_status = $tts->f('t_status');
        // change_date is HTML-encoded although it is later passed to date() as a timestamp.
        $change_date = htmlspecialchars($tts->f('change_date'));
        $activity_id = $tts->f('activity_id');
        $project_id = $tts->f('project_id');
        // From here on $due_date and $end_date are formatted strings, not timestamps.
        $due_date = date("Y/m/d H:i", $due_date);
        $end_date = date("Y/m/d H:i", $end_date);
        $action_changes = $javascript;
        if ($t_sms == "on") {
            $t_sms = " CHECKED";
        }
        if ($t_email == "on") {
            $t_email = " CHECKED";
        }
        // Submit/reset buttons are rendered only for users in the write ACL.
        // NOTE(review): this hides controls in the UI; the handler that receives the
        // form (change_ticket.php) must enforce the same check - confirm.
        if ($GO_SECURITY->user_in_acl(whoami(), $acl_write)) {
            $button = new button();
            $action_changes .= $button->get_button($cmdOk, "javascript:document.change_status.submit()");
            $action_changes .= $button->get_button($cmdReset, "javascript:document.change_status.reset()");
        } else {
            $action_changes .= '';
        }
        $action_changes .= "</form></center>";
        $tts_lang_ticket_number = "Ticket Number:";
        // The date format string is taken from the session.
        $tts_lang_post_date_value = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $post_date);
        $fullname = opentts::get_fullname($t_from);
        if (Security::is_action_allowed("imperson", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_from', $t_from);
            $tts_lang_issuer = $select->get_link("{$tts_lang_issuer}");
            $tts_lang_issuer_value = $select->get_field();
        } else {
            // NOTE(review): $fullname is output without an encoding call in this
            // function; confirm get_fullname() returns HTML-safe text.
            $tts_lang_issuer_value = "{$fullname}";
        }
        // Lookup names are HTML-encoded with Security::htmlsecure(). The ids placed in the
        // WHERE fragments come from the ticket row and are not escaped again.
        $stage_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_stages", "stage_name", " where stage_id='{$t_stage}'"));
        $category_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_categories", "category_name", " where category_id='{$t_category}'"));
        $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
        $select_complete = "<select name='complete' class=textbox>" . "<option value='0' >0%</option>" . "<option value='10'>10%</option>" . "<option value='20'>20%</option>" . "<option value='30'>30%</option>" . "<option value='40'>40%</option>" . "<option value='50'>50%</option>" . "<option value='60'>60%</option>" . "<option value='70'>70%</option>" . "<option value='80'>80%</option>" . "<option value='90'>90%</option>" . "<option value='100'>100%</option>" . "</select>";
        $t_assigned_name = Security::whatsmyname($t_assigned);
        // sqlsecure() is applied to text going into an HTML attribute / textarea, not into
        // SQL. The values were already passed through htmlspecialchars() above.
        // NOTE(review): SQL escaping is the wrong encoder for this context and presumably
        // adds backslashes to the displayed text - confirm and drop it if so.
        if (Security::is_action_allowed("change_subject", 0, $acl_write)) {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80>";
        } else {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80 readonly>";
        }
        $tts_lang_description_value = "<textarea name=t_description cols=80 rows=12 class=textbox readonly>" . Security::sqlsecure($t_description) . "</textarea>";
        $tts_lang_change_date_VALUE = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
        $tts_lang_email = "Email {$tts_lang_issuer}: <input type=checkbox name=t_email_issuer value=1><br>Email {$tts_lang_assigned} <input type=checkbox name=t_email_agent value=1>";
        // $Ticket_Number is written into the action URL without HTML/URL encoding, and no
        // anti-CSRF field is added to the form in the visible part.
        $post_changes = "<form name=\"change_status\" method=\"POST\" action=\"change_ticket.php?Ticket_Number={$Ticket_Number}&func=change_status\">";
        if (Security::is_action_allowed("change_project", 0, $acl_write)) {
            $project_name = select_option("{$project_id}", fill_select("project_id", "{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name", " order by project_id"));
            $tts_lang_project_value = "{$project_name}";
        } else {
            $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
            $tts_lang_project_value = "{$project_name}";
        }
        $fullname = opentts::get_fullname($t_assigned);
        if (Security::is_action_allowed("change_assigned", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_assigned', $t_assigned);
            $tts_lang_assign_to = $select->get_link("{$tts_lang_assign_to}");
            $tts_lang_assign_to_value = $select->get_field();
        } else {
            $tts_lang_assign_to_value = "{$fullname}";
        }
        if (Security::is_action_allowed("change_end_date", 0, $acl_write)) {
            // Parse the formatted end date back into a timestamp for the picker fields.
            $time = strtotime($end_date);
            #$end_date_d_m_y=date("Y/m/d",$time);
            $end_date_h = date("H", $time);
            $end_date_i = date("i", $time);
            $today = date($_SESSION['GO_SESSION']['date_format'], $time);
            $end_date = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today);
//.........这里部分代码省略.........
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:101,代码来源:showline.php

示例7: set_default_agent

 /**
  * Make one member of group 2 the default agent.
  *
  * Runs two UPDATE statements: the first clears uid_default for every member of
  * gid 2, the second sets it for the given uid.
  * NOTE(review): the two statements are not wrapped in a transaction here. If
  * the second one fails, or $uid is not a member of gid 2, the group is left
  * with no default agent.
  * NOTE(review): no permission check is made inside this function; presumably
  * the caller restricts it to administrators - confirm.
  *
  * @param mixed $uid User id, passed through Security::sqlsecure() before use.
  * @return bool TRUE only when both query calls report success.
  */
 function set_default_agent($uid)
 {
     global $tts, $prefix, $hlpdsk_prefix, $name;

     $uid = Security::sqlsecure($uid);

     // Step 1: clear the flag on every member of the group.
     $query = "update {$prefix}{$hlpdsk_prefix}_groups_members set uid_default=0 where gid=2";
     if (!$tts->query($query, $tts)) {
         return FALSE;
     }

     // Step 2: set the flag on the requested member.
     $query = "update {$prefix}{$hlpdsk_prefix}_groups_members set uid_default=1 where gid=2 and  uid='{$uid}'";

     return $tts->query($query, $tts) ? TRUE : FALSE;
 }
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:13,代码来源:security.php

示例8: get_task_assigned

 /**
  * Look up the assignee (t_assigned) of a ticket.
  *
  * The ticket number is passed through Security::sqlsecure() before it is placed
  * in the hand-built WHERE fragment given to get_cross_value().
  * NOTE(review): sqlsecure() is not shown on this page; presumably it escapes
  * for a quoted SQL literal. No read-permission check happens here - confirm the
  * caller performs one.
  *
  * @param mixed $ticket_number Ticket to look up.
  * @return mixed Whatever get_cross_value() returns for the t_assigned column.
  */
 function get_task_assigned($ticket_number)
 {
     global $prefix, $hlpdsk_prefix;

     $ticket_number = Security::sqlsecure($ticket_number);
     $table = "{$prefix}{$hlpdsk_prefix}_tickets";
     $where = " where ticket_number='{$ticket_number}'";

     return get_cross_value($table, "t_assigned", $where);
 }
开发者ID:BackupTheBerlios,项目名称:hpt-obm-svn,代码行数:6,代码来源:task.php


注:本文中的Security::sqlsecure方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。