本文整理汇总了PHP中Security::xss_clean方法的典型用法代码示例。如果您正苦于以下问题:PHP Security::xss_clean方法的具体用法?PHP Security::xss_clean怎么用?PHP Security::xss_clean使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Security的用法示例。
在下文中一共展示了Security::xss_clean方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: action_point
public function action_point()
{
$xy = Security::xss_clean($this->request->param('id', 0));
$e = explode('-', $xy);
$x = round($e[0]);
$y = round($e[1]);
}示例2: action_questions
public function action_questions()
{
$list = ORM::factory('Expert_Question')->where('is_answered', '=', 1);
$search = Security::xss_clean(Arr::get($_POST, 'search', ''));
if (!empty($search)) {
$list->and_where('question', 'LIKE', '%' . $search . '%');
}
$list = $list->order_by('date', 'DESC');
$paginate = Paginate::factory($list)->paginate(NULL, NULL, 10)->render();
$list = $list->find_all();
$this->set('search', $search);
$this->set('list', $list);
$this->set('paginate', $paginate);
if ($this->request->method() == Request::POST) {
if (Auth::instance()->logged_in()) {
try {
$user_id = Auth::instance()->get_user()->id;
$question = ORM::factory('Expert_Question');
$question->user_id = $user_id;
$question->question = Arr::get($_POST, 'question', '');
$question->date = date('Y-m-d H:i:s');
$question->save();
} catch (ORM_Validation_Exception $e) {
}
} else {
Message::success(i18n::get('You have to login'));
}
}
$this->add_cumb('Question-answer', '/');
}示例3: action_spam
public function action_spam()
{
$id = (int) $this->request->param('id', 0);
$question = ORM::factory('Feedback_Question', $id);
$user_id = $this->user->id;
if (!$question->loaded()) {
$this->redirect('manage/feedback');
}
$token = Arr::get($_POST, 'token', false);
$return = Security::xss_clean(Arr::get($_GET, 'r', 'manage/expert'));
$this->set('return', Url::media($return));
if ($this->request->method() == Request::POST && Security::token() === $token) {
$question->is_spam = ($question->is_spam + 1) % 2;
$question->spam_mod_id = $user_id;
$question->save();
if ($question->is_spam == 1) {
Message::success(i18n::get('The question is marked as spam'));
} else {
Message::success(i18n::get('Marked "Spam" is removed from the question'));
}
$this->redirect($return);
} else {
if ($question->loaded()) {
$this->set('question', $question)->set('token', Security::token(true));
} else {
$this->redirect('manage/expert');
}
}
}示例4: before
public function before()
{
parent::before();
$this->detect_language();
/* Вспомогательный класс */
$this->api = new Api();
$this->auth_token = $this->request->headers('tokenAuth');
/* Обрабатываем POST со строкой json */
$this->post = json_decode($HTTP_RAW_POST_DATA = file_get_contents('php://input'), true);
/* Инициализация параметров limit и offset для запроса, по умолчанию limit = 10, offset = 0 */
$this->offset = Security::xss_clean(Arr::get($this->post, 'offset', 0));
$this->limit = Security::xss_clean(Arr::get($this->post, 'limit', 10));
//Инициализация типа для запроса и id Для запроса
$option = Security::xss_clean(Arr::get($this->post, 'option', array()));
$this->entryType = strtolower(Security::xss_clean(Arr::get($option, 'entryType', '')));
$this->entryId = Security::xss_clean(Arr::get($option, 'entryId', ''));
/* строка поиска */
$this->searchText = Security::xss_clean(Arr::get($option, 'searchText', ''));
/* текст коммента */
$this->text = Security::xss_clean(Arr::get($this->post, 'text', ''));
$this->id = (int) $this->request->param('id', 0);
/* обновление времени жизни токена если он существует и если его ещё надо обновлять (живой ли?) */
if (!empty($this->auth_token)) {
if ($this->api->token_expires($this->auth_token)) {
$token_auth = Security::xss_clean(Arr::get($this->post, 'tokenAuth', ''));
$this->api->update_token($token_auth);
}
}
}示例5: action_edit
public function action_edit()
{
$id = $this->request->param('id', 0);
$thank = ORM::factory('Thank', $id);
$errors = NULL;
$uploader = View::factory('storage/image')->set('user_id', $this->user->id)->render();
if ($post = $this->request->post()) {
try {
if ($id == 0) {
$last = ORM::factory('Thank')->order_by('order', 'Desc')->find();
$thank->order = $last->order + 1;
}
$post['date'] = date('Y-m-d H:i:s');
$thank->name = Security::xss_clean(Arr::get($post, 'name', ''));
$thank->text = Security::xss_clean(Arr::get($post, 'text', ''));
$thank->values($post, array('image', 'published', 'date'))->save();
$this->redirect('manage/thanks/view/' . $thank->id);
} catch (ORM_Validation_Exception $e) {
$errors = $e->errors($e->alias());
$this->set('errors', $errors);
}
}
$this->set('uploader', $uploader);
$this->set('item', $thank);
}示例6: action_index
public function action_index()
{
header('Access-Control-Allow-Origin: *');
$search = Security::xss_clean(isset($_GET['search']) ? $_GET['search'] : '');
if (!empty($search)) {
$query_b = '%' . $search . '%';
$this->searchText = Database::instance()->escape($search);
$query_a = DB::expr(' AGAINST(' . $this->searchText . ') ');
$list = ORM::factory('Publication')->distinct('true')->where(DB::expr('MATCH(title_' . $this->language . ')'), '', $query_a)->or_where(DB::expr('MATCH(desc_' . $this->language . ')'), '', $query_a)->or_where(DB::expr('MATCH(text_' . $this->language . ')'), '', $query_a)->or_where('title_' . $this->language, 'like', $query_b)->and_where('published', '=', 1)->limit($this->limit)->offset($this->offset)->find_all();
} else {
$list = ORM::factory('Publication')->where('title_' . $this->language, '<>', '')->where('published', '=', 1)->order_by('order', 'DESC');
$this->data['page_count'] = Paginate::factory($list)->paginate(NULL, NULL, 10)->page_count();
$list = $list->find_all();
}
$pub = array();
$this->data['search'] = $search;
foreach ($list as $k => $v) {
$pub['id'] = $v->id;
$pub['url'] = 'http://' . $_SERVER['HTTP_HOST'] . '/' . $this->language . URL::site('api/smartpublications/view/' . $v->id);
$pub['title'] = $v->title;
$pub['desc'] = strip_tags($v->desc);
$pub['image'] = 'http://' . $_SERVER['HTTP_HOST'] . URL::media('/images/w205-h160/' . $v->picture->file_path);
$this->data['publications'][] = $pub;
}
$this->response->body(json_encode($this->data));
}示例7: action_edit
public function action_edit()
{
$id = $this->request->param('id', 0);
$leader = ORM::factory('Leader', $id);
$errors = NULL;
$uploader = View::factory('storage/image')->set('user_id', $this->user->id)->render();
if ($post = $this->request->post()) {
try {
$leader->name = Security::xss_clean(Arr::get($post, 'name', ''));
$leader->post = Security::xss_clean(Arr::get($post, 'post', ''));
$leader->contact = Security::xss_clean(Arr::get($post, 'contact', ''));
$leader->phone = Security::xss_clean(Arr::get($post, 'phone', ''));
$leader->fax = Security::xss_clean(Arr::get($post, 'fax', ''));
$leader->contact_name = Security::xss_clean(Arr::get($post, 'contact_name', ''));
$leader->text = Security::xss_clean(Arr::get($post, 'text', ''));
$leader->values($post, array('image', 'published'))->save();
$this->redirect('manage/leaders/view/' . $leader->id);
} catch (ORM_Validation_Exception $e) {
$errors = $e->errors($e->alias());
$this->set('errors', $errors);
}
}
$this->set('uploader', $uploader);
$this->set('item', $leader);
}示例8: action_index
public function action_index()
{
$qv = ORM::factory('qv')->order_by('id')->find_all();
$this->set('qv', $qv);
if ($this->request->method() == Request::POST) {
$input1 = Security::xss_clean(Arr::get($_POST, '1', 0));
$input2 = Security::xss_clean(Arr::get($_POST, '2', 0));
$input3 = Security::xss_clean(Arr::get($_POST, '3', 0));
$input4 = Security::xss_clean(Arr::get($_POST, '4', 0));
$input5 = Security::xss_clean(Arr::get($_POST, '5', 0));
$input6 = Security::xss_clean(Arr::get($_POST, '6', 0));
$input7 = Security::xss_clean(Arr::get($_POST, '7', 0));
$input8 = Security::xss_clean(Arr::get($_POST, '8', 0));
$input9 = Security::xss_clean(Arr::get($_POST, '9', 0));
$input10 = Security::xss_clean(Arr::get($_POST, '10', 0));
$input11 = Security::xss_clean(Arr::get($_POST, '11', 0));
$input12 = Security::xss_clean(Arr::get($_POST, '12', 0));
$input13 = Security::xss_clean(Arr::get($_POST, '13', 0));
$input14 = Security::xss_clean(Arr::get($_POST, '14', 0));
$input15 = Security::xss_clean(Arr::get($_POST, '15', 0));
$input16 = Security::xss_clean(Arr::get($_POST, '16', 0));
$input17 = Security::xss_clean(Arr::get($_POST, '17', 0));
$input18 = Security::xss_clean(Arr::get($_POST, '18', 0));
$input19 = Security::xss_clean(Arr::get($_POST, '19', 0));
$input20 = Security::xss_clean(Arr::get($_POST, '20', 0));
}
}示例9: action_edit
public function action_edit()
{
$id = $this->request->param('id', 0);
$slider = ORM::factory('Slider', $id);
$type = Arr::get($_GET, 'type', 'slider');
$uploader = View::factory('storage/image')->set('user_id', $this->user->id)->render();
$this->set('uploader', $uploader);
$this->set('slider', $slider)->set('r', Url::media('manage/sliders?type=' . $type))->set('type', $type);
if ($post = $this->request->post()) {
if ($id == 0) {
$slider_last = ORM::factory('Slider')->order_by('order', 'desc')->find();
if (!empty($slider_last->id)) {
$slider->order = $slider_last->order + 1;
} else {
$slider->order = 1;
}
$slider->link_ru = Security::xss_clean(Arr::get($post, 'link', ''));
$slider->link_kz = Security::xss_clean(Arr::get($post, 'link', ''));
$slider->link_en = Security::xss_clean(Arr::get($post, 'link', ''));
} else {
$slider->link = Security::xss_clean(Arr::get($post, 'link', ''));
}
$slider->type = $type;
$slider->title = Security::xss_clean(Arr::get($post, 'title', ''));
$slider->values($post, array('image', 'is_active'))->save();
$event = $id ? 'edit' : 'create';
$loger = new Loger($event, $slider->link);
$loger->log($slider);
$this->redirect('manage/sliders?type=' . $type);
}
}示例10: action_edit
public function action_edit()
{
$id = $this->request->param('id', 0);
$infograph = ORM::factory('Infograph', $id);
$language = $infograph->loaded() ? $infograph->language : $this->language;
$this->set('language', $language);
$errors = NULL;
$uploader = View::factory('storage/image')->set('user_id', $this->user->id)->render();
if ($post = $this->request->post()) {
try {
$post['date'] = date('Y-m-d H:i:s', strtotime($post['date']));
$infograph->title = Security::xss_clean(Arr::get($post, 'title', ''));
if ($infograph->id == 0) {
$new_order = ORM::factory('Infograph')->find_all();
foreach ($new_order as $val) {
$val->order = $val->order + 1;
$val->save();
}
}
$infograph->values($post, array('image', 'published', 'language', 'date'))->save();
$event = $id ? 'edit' : 'create';
$loger = new Loger($event, $infograph->title);
$loger->log($infograph);
$this->redirect('manage/infographs/view/' . $infograph->id);
} catch (ORM_Validation_Exception $e) {
$errors = $e->errors($e->alias());
$this->set('errors', $errors);
}
}
$this->set('uploader', $uploader);
$this->set('item', $infograph);
}示例11: action_load
/**
* Load pages from database, static view files,
* or display 404 error page.
*/
public function action_load()
{
Kohana::$log->add(Kohana::DEBUG, 'Executing Controller_Cms_Page::action_load');
$page = Request::instance()->param('page');
$page = Security::xss_clean($page);
// Check if page is in cache
if (Kohana::$caching === TRUE and $file = Kohana::cache('page_' . $page)) {
$this->template->content = $file;
return;
}
// Default values
$contents = NULL;
$found = FALSE;
// Check if page is in database
$db = DB::select('title', 'text')->from('pages')->where('slug', '=', $page)->execute();
if ($db->count() == 1) {
$contents = $db->current();
$contents = $contents['text'];
$found = TRUE;
} else {
if (Kohana::find_file('views', 'static/' . $page)) {
$contents = new View('static/' . $page);
$found = TRUE;
} else {
Kohana::$log->add(Kohana::ERROR, 'Page controller error loading non-existent page, ' . $page);
$contents = new View('errors/404');
}
}
if (Kohana::$caching === TRUE and $found) {
Kohana::cache('page_' . $page, $contents);
}
$this->template->content = $contents;
}示例12: paginate
public function paginate($page = null, $link = null, $count = null)
{
if ($page == null) {
$page = Arr::get($_GET, 'page', 1);
}
if (!empty($_GET['item_count'])) {
$this->count = (int) Arr::get($_GET, 'item_count');
$count = $this->count;
} else {
if ($count == null) {
$count = $this->count;
} else {
$this->count = (int) $count;
}
}
if ($link == null) {
$link = Request::initial()->uri();
}
$count = (int) $count;
$page = (int) $page;
$start = $page * $count - $count;
$max_page = $this->page_count();
if ($page < 1) {
$page = 1;
} else {
$page = min($page, $max_page);
}
$prev = $page == 1 ? false : true;
$next = $page == $max_page ? false : true;
$this->orm->limit($count)->offset($start);
$this->view_vars = array('page' => $page, 'max_page' => $max_page, 'key' => $this->config->get('key', 'page'), 'count' => $count, 'link' => Security::xss_clean(HTML::chars($link)), 'next' => $next, 'prev' => $prev);
return Security::xss_clean(HTML::chars($this));
}示例13: action_index
public function action_index()
{
$opinionId = Security::xss_clean(Arr::get($this->post, 'opinionId', ''));
$voteValue = strtolower(Security::xss_clean(Arr::get($this->post, 'voteValue', '')));
if (!empty($opinionId) and !empty($voteValue)) {
$user = ORM::factory('User', $this->user_id);
$opinion = ORM::factory('Debate_Opinion', $opinionId);
$poll_user = ORM::factory('Debate_Poll')->where('user_id', '=', $this->user_id)->and_where('branch_id', '=', $opinionId)->find();
if ($poll_user->loaded()) {
$this->data['error'] = 'You have already voted';
$this->response->body(json_encode($this->data));
} elseif ($opinion->debate->author_id == $this->user_id or $opinion->debate->opponent_email == $user->email) {
$this->data['error'] = 'Member can not vote';
$this->response->body(json_encode($this->data));
} else {
$poll = ORM::factory('Debate_Poll');
$poll->branch_id = $opinionId;
$poll->variant = 1;
$poll->user_id = $this->user_id;
$poll->save();
switch ($voteValue) {
case 'like':
$opinion->plus += 1;
break;
case 'dislike':
$opinion->minus += 1;
break;
}
$opinion->save();
$this->response->body(json_encode(true));
}
}
}示例14: action_index
public function action_index()
{
$list = ORM::factory('Material')->where('is_moderator', '=', 1)->and_where('is_journal', '=', 0);
$sort = Security::xss_clean(Arr::get($_GET, 'sort', 'work'));
switch ($sort) {
case "work":
$list->and_where('status', '=', 2);
$this->set('sort', 'work');
break;
case "accept":
$list->and_where('status', '=', 1);
$this->set('sort', 'accept');
break;
case "reject":
$list->and_where('status', '=', 0);
$this->set('sort', 'reject');
break;
default:
$this->set('sort', 'all');
}
$list->order_by('date', 'DESC');
$paginate = Paginate::factory($list)->paginate(NULL, NULL, 10)->render();
$list = $list->find_all();
$this->set('materials', $list);
$this->set('paginate', $paginate);
}示例15: verify
/**
* Verify the Facebook credentials.
*
* @throws Kohana_Exception
* @param string the service name
* @return boolean
*/
public function verify($service = MMI_API::SERVICE_FACEBOOK)
{
$access_token = NULL;
if (!array_key_exists('fragment', $_GET)) {
$this->_convert_fragment_to_parameter();
} else {
$fragment = urldecode(Security::xss_clean($_GET['fragment']));
parse_str($fragment, $parms);
$access_token = Arr::get($parms, 'access_token');
unset($parms);
}
// Ensure the access token is set
if (empty($access_token)) {
MMI_Log::log_error(__METHOD__, __LINE__, 'Access token parameter missing');
throw new Kohana_Exception('Access token parameter missing in :method.', array(':method' => __METHOD__));
}
// Load existing data from the database
$auth_config = $this->_auth_config;
$username = Arr::get($auth_config, 'username');
$model;
if (!empty($username)) {
$model = Model_MMI_API_Tokens::select_by_service_and_username($service, $username, FALSE);
} else {
$consumer_key = Arr::get($auth_config, 'api_key');
$model = Model_MMI_API_Tokens::select_by_service_and_consumer_key($service, $consumer_key, FALSE);
}
$success = FALSE;
$previously_verified = FALSE;
if ($model->loaded()) {
// Check if the credentials were previously verified
$previously_verified = $model->verified;
$success = $previously_verified;
}
if (!$previously_verified) {
// Create an access token
$token = new OAuthToken($access_token, $service . '-' . time());
// Update the token credentials in the database
$svc = MMI_API::factory($service);
if (isset($token) and $svc->is_valid_token($token)) {
$encrypt = Encrypt::instance();
$model->service = $service;
$model->consumer_key = 'consumer-' . $service;
$model->consumer_secret = $encrypt->encode($service . '-' . time());
$model->token_key = $token->key;
$model->token_secret = $encrypt->encode($token->secret);
unset($encrypt);
$model->verified = 1;
$model->verification_code = $service . '-' . time();
$model->username = $username;
if (array_key_exists('expires_in', $_GET)) {
$model->attributes = array('expires_in' => urldecode(Security::xss_clean($_GET['expires_in'])));
}
$success = MMI_Jelly::save($model, $errors);
if (!$success and $this->_debug) {
MMI_Debug::dead($errors);
}
}
}
return $success;
}