本文整理汇总了PHP中database::escape方法的典型用法代码示例。如果您正苦于以下问题:PHP database::escape方法的具体用法?PHP database::escape怎么用?PHP database::escape使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类database的用法示例。
在下文中一共展示了database::escape方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: cleanData
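/**
 * Recursively prepares a request value for one target context.
 *
 * Arrays are walked element by element (keys are left untouched); any other
 * value is processed according to $type:
 *  - "standard": addslashes(), unless magic quotes already added the slashes
 *  - "sql":      database::escape() on the un-slashed value
 *  - "html":     database::escape() on the un-slashed value, then htmlentities()
 *  - "integer":  intval()
 * An unrecognised $type returns the value unchanged.
 *
 * Security notes for callers:
 *  - "standard" output is NOT safe to place in SQL: addslashes() knows nothing
 *    about the database connection or its character set.
 *  - "sql" output is only meaningful inside a quoted SQL string literal; what
 *    exactly is escaped depends on database::escape(), which is defined elsewhere.
 *  - NOTE(review): "html" applies SQL escaping and HTML encoding to the same
 *    value. These are two different output contexts; escaping should be chosen
 *    at the point of use (SQL at the query, HTML at the template). Left as-is
 *    because callers may depend on the current output.
 *
 * @param mixed  $data Scalar or (nested) array of values to clean.
 * @param string $type One of "standard", "sql", "html", "integer".
 *
 * @return mixed The cleaned value, in the same array shape as $data.
 */
public static function cleanData ($data, $type = 'standard')
{
    // get_magic_quotes_gpc() was removed in PHP 8.0, where an unguarded call is a
    // fatal error. If the function is gone, magic quotes cannot be active.
    $magicquotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1;

    if (is_array($data)) {
        foreach ($data as $k => $v) {
            $data[$k] = janitor::cleanData($v, $type);
        }

        return $data;
    }

    switch ($type) {
        case "standard":
            $data = ($magicquotes ? $data : addslashes($data));
            break;
        case "sql":
            // Undo magic-quote slashes first so the value is not escaped twice.
            $data = ($magicquotes ? database::escape(stripslashes($data)) : database::escape($data));
            break;
        case "html":
            // htmlentities() runs with its default flags; before PHP 8.1 that
            // default leaves single quotes unencoded.
            $data = htmlentities(
                ($magicquotes ? database::escape(stripslashes($data)) : database::escape($data))
            );
            break;
        case "integer":
            $data = intval($data);
            break;
    }

    return $data;
}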
示例2: escape
/**
 * Escapes a value for use inside an SQL query.
 *
 * Thin pass-through: the work is done by the escape() method of the wrapped
 * $this->database object, whose escaping rules are not visible here.
 * NOTE(review): escaping of this kind normally protects only values placed
 * inside a quoted SQL string literal — confirm callers quote the result.
 *
 * @param mixed $var Value to escape.
 *
 * @return string Escaped value, as returned by the underlying database object.
 */
public function escape($var)
{
    $escaped = $this->database->escape($var);

    return $escaped;
}
示例3: addslashes
// Excerpt from a file-upload handler. It starts inside a block opened above the
// visible lines and is cut off before the end.
// NOTE(review): $sq_id is concatenated into both DELETE statements; its origin is
// not visible here — confirm it is cast to an integer or escaped before this point.
$deleteQuery = "DELETE FROM files WHERE subq_id='" . $sq_id . "'";
$databaseObj->send_sql($deleteQuery);
$deletesubque = "DELETE FROM submissionqueue WHERE subq_id='" . $sq_id . "'";
$databaseObj->send_sql($deletesubque);
}
if (isset($_POST['hid'])) {
// addslashes() is not connection- or charset-aware, and strip_tags() is an HTML
// concern, not an SQL one. For values headed into SQL, the database object's own
// escape() (used below for the MIME type) or bound parameters are the right tool.
$course_id = addslashes(strip_tags($_POST['hid']));
// Connect to the database
// NOTE(review): a second object ($db) is set up here, while the queries in this
// excerpt go through $databaseObj — confirm which connection is intended.
$db = new database();
$db->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
$flag = false;
$subq_id = 0;
$s_id = addslashes(strip_tags($_SESSION['cwid']));
$wrongtype = 0;
// First pass: reject the request if any uploaded file is not declared as PDF.
foreach ($_FILES as $x => $x_value) {
// $_FILES[...]['type'] is sent by the client and is not verified by PHP, so this
// comparison does not establish that the content is a PDF; inspecting the uploaded
// bytes (e.g. with the fileinfo extension) is needed for that. Escaping the value
// is unnecessary for a string comparison.
$mime = $databaseObj->escape($_FILES[$x]['type']);
if ($mime != 'application/pdf') {
// NOTE(review): header() does not stop the script. With no exit after it, execution
// falls through to the second loop below, and it does so on an object whose
// destructor has just been called explicitly.
$databaseObj->__destruct();
header('location:waiver.php');
}
}
// Second pass: store each file that arrived without an upload error.
foreach ($_FILES as $x => $x_value) {
if (isset($_FILES[$x])) {
// Make sure the file was sent without errors
if ($_FILES[$x]['error'] == 0) {
/*echo $_FILES['uploaded_file']['name'];
echo $_FILES['uploaded_file']['type'];
echo file_get_contents($_FILES ['uploaded_file']['tmp_name']);*/
// Gather all required data
// The queue row is created once per request ($flag guards it); $s_id comes from
// the session and was passed through addslashes() above.
if ($flag == false) {
$q = "INSERT INTO submissionqueue (s_id, time_stamp, status, comments) VALUES ('{$s_id}', '" . time() . "', 'Pending', ' ')";
示例4: getSuggestions
// Builds an XML response of title suggestions for $keyword (the listing is cut off
// before the query is run, so only the setup and the filter construction are shown).
// $keyword is expected to come from the request; it is escaped below and then
// embedded in a LIKE filter that is concatenated into the query several times.
function getSuggestions($keyword)
{
//get DB
if (defined('_JEXEC')) {
$dbi = JDatabase::getInstance(array('driver' => DB_DRIVER, 'host' => DB_HOST, 'user' => DB_USER, 'password' => DB_PASSWORD, 'database' => DB_DATABASE, 'prefix' => DB_PREFIX));
} else {
$dbi = new database(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE, DB_PREFIX, DB_OFFLINE);
}
// escape the keyword string
// Note: get_magic_quotes_gpc() no longer exists in PHP 8.0+, so this call is a
// fatal error there unless guarded with function_exists().
if (get_magic_quotes_gpc()) {
//Addded by AW
$keyword = stripslashes($keyword);
}
// escape() is the only protection applied to $keyword before it reaches the SQL
// text. It is meant for values inside a quoted string literal, which is how the
// filter below uses it.
$keyword = $dbi->escape($keyword);
//$patterns = array('/\s+/', '/"+/', '/%+/');
//$replace = array('');
//$keyword = preg_replace($patterns, $replace, $keyword);
//set SQL BIG SELECT option to ensure it is set to true
$dbi->setQuery("SET OPTION SQL_BIG_SELECTS=1");
$dbi->query();
// build the SQL query that gets the matching functions from the database
$tit = "title";
$id = "id";
$link = "link";
// execute the SQL query
$output = '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>';
$output .= '<response>';
// Default filter matches only empty titles, i.e. returns no suggestions.
$filter = '=""';
if ($keyword != '') {
// NOTE(review): SQL escaping does not neutralise the LIKE wildcards % and _, so a
// keyword made of wildcards widens the match to every row; escape them separately
// if a literal prefix match is intended. The literal is delimited with double
// quotes, which MySQL treats as an identifier delimiter when the ANSI_QUOTES SQL
// mode is on — single quotes are the portable choice.
$filter = ' LIKE "' . $keyword . '%"';
}
// if the keyword is empty build a SQL query that will return no results
$query = '';
if (defined('_JEXEC')) {
$query = 'SELECT ' . $tit . ',' . $link . ',' . $id . '
FROM
(SELECT c.' . $tit . ' ,m.' . $link . ',m.id,c.created
FROM #__content c
JOIN
(
SELECT ' . $link . ',' . $id . '
FROM #__menu
WHERE ' . $link . ' like "index.php?option=com_content&view=article&id=%"
AND published = 1
) as m on m.' . $link . ' = concat("index.php?option=com_content&view=article&id=",c.' . $id . ')
WHERE c.' . $tit . $filter . '
UNION
SELECT i.' . $tit . ' as title,concat(concat(concat("index.php?option=com_content&view=article&catid=",c.' . $id . '),"&id="),cast(i.' . $id . ' as char(11)))
as link, mc.' . $id . ' as id,i.created
FROM #__content AS i
JOIN #__categories AS c ON i.catid = c.' . $id . '
JOIN #__menu AS mc ON
mc.' . $link . ' = concat("index.php?option=com_content&view=category&layout=blog&id=",c.' . $id . ')
OR mc.' . $link . ' = concat("index.php?option=com_content&view=category&id=",c.' . $id . ')
WHERE mc.published=1
AND i.' . $tit . $filter . '
UNION
select i.' . $tit . ',concat(concat(concat("index.php?option=com_content&view=article&catid=",c.' . $id . '),"&id="),cast(i.' . $id . ' as char(11))) as link, 0 as id,i.created
FROM #__content i
LEFT join #__menu m on m.link = concat("index.php?option=com_content&view=article&id=",i.' . $id . ')
JOIN #__categories AS c ON i.catid = c.' . $id . '
LEFT JOIN #__menu AS mc ON
mc.' . $link . ' = concat("index.php?option=com_content&view=category&layout=blog&id=",c.' . $id . ')
OR mc.' . $link . ' = concat("index.php?option=com_content&view=category&id=",c.' . $id . ')
WHERE m.' . $id . ' is null
AND mc.' . $id . ' is null
AND state = 1
AND i.' . $tit . $filter . '
UNION
SELECT c.' . $tit . ',m.link,m.id,"0000-00-00 00:00:00" as created
FROM #__menu AS m
JOIN #__categories AS c ON
m.' . $link . ' = concat("index.php?option=com_content&view=category&layout=blog&id=",c.' . $id . ')
OR m.' . $link . ' = concat("index.php?option=com_content&view=category&id=",c.' . $id . ')
WHERE m.published = 1
AND m.parent_id = 1
AND c.' . $tit . $filter . '
UNION
SELECT c.title,concat("index.php?option=com_content&view=categories&id=",cast(c.' . $id . ' as char(11))) as link,0 as id,"0000-00-00 00:00:00" as created
FROM #__categories AS c
JOIN #__menu AS m ON
m.' . $link . ' = concat("index.php?option=com_content&view=categories&id=",c.' . $id . ')
WHERE m.published = 1
AND c.' . $tit . $filter . '
ORDER BY created desc) a
WHERE ' . $tit . $filter;
//.........这里部分代码省略.........
示例5: database
<?php
// Vote endpoint (listing is cut off inside the "down" branch).
// The usage lines below are labelled "get", but the code reads $_POST.
//get
//votePost.php?p_id=1&up
//votePost.php?p_id=1&down
require_once "include/databaseClassMySQLi.php";
require_once "include/session.php";
header('Content-Type: application/json');
$db = new database();
$results = array();
// NOTE(review): no login check is visible before votes are written; whether
// include/session.php enforces one is not shown — confirm.
if (isset($_POST['p_id']) && $_POST['p_id'] != '') {
// escape() makes the value safe inside a quoted string literal only. p_id looks
// like a numeric key, so casting it to int would be the stricter validation.
$p_id = $db->escape($_POST['p_id']);
if (isset($_POST['up'])) {
// Look up an existing vote by this user on this post.
$query = 'select value from post_votes where p_id=\'' . $p_id . '\' and u_id=\'' . $session->uid . '\'';
$db->send_sql($query);
$row = $db->next_row();
if ($row === false || empty($row)) {
// No previous vote: record +1 and bump the post's counter.
$query = 'insert into post_votes (p_id, u_id, value) values(\'' . $p_id . '\', \'' . $session->uid . '\', 1)';
$db->send_sql($query);
// NOTE(review): here $p_id is concatenated WITHOUT surrounding quotes, unlike every
// other statement in this file. Escaping does not constrain a value that is not
// inside a quoted literal, so this statement is the one place where the escaped
// input can still alter the SQL. Quote it as below, or cast $p_id to int.
$query = 'update posts set votes = votes + 1 where p_id=' . $p_id;
$db->send_sql($query);
} else {
// A vote exists: set it to +1, and if it was a down-vote move the counter by 2.
$query = 'update post_votes set value=1 where p_id=\'' . $p_id . '\' and u_id=\'' . $session->uid . '\'';
$db->send_sql($query);
$value = $row['value'];
if ($value == -1) {
$query = 'update posts set votes = votes + 2 where p_id=\'' . $p_id . '\'';
$db->send_sql($query);
}
}
} else {
示例6: database
<?php
// Post listing endpoint with paging (listing is cut off inside the result loop).
//get
//post.php?start=0&count=20
//post.php
require_once "include/databaseClassMySQLi.php";
require_once "include/session.php";
header('Content-Type: application/json');
$db = new database();
$results = array();
if (isset($_GET['start']) && isset($_GET['count'])) {
$start = $db->escape($_GET['start']);
$count = $db->escape($_GET['count']);
// $start and $count end up unquoted in the LIMIT clause below, so the is_numeric()
// gate is what actually protects the query here, not escape().
// NOTE(review): is_numeric() also accepts signed, decimal and exponent forms
// ("-1", "1.5", "1e3"), which are not valid LIMIT arguments. Casting to int and
// clamping $count to a maximum would be stricter and would also stop a client from
// requesting an unbounded page.
if (!is_numeric($start) || !is_numeric($count)) {
$start = 0;
$count = 20;
}
} else {
$start = 0;
$count = 20;
}
//value = whether the user voted 1 or -1 or null
// $session->uid is interpolated into the sub-select; it comes from the session
// object, whose implementation is not visible here.
if (isset($_GET['top'])) {
$query = 'select posts.p_id, users.u_id, for_name, name, post, date, showName, votes, a.value, ownage_id from posts natural join users left join (select value, p_id from post_votes where u_id=\'' . $session->uid . '\') a on posts.p_id=a.p_id where hidden=0 order by votes desc limit ' . $start . ', ' . $count;
} else {
$query = 'select posts.p_id, users.u_id, for_name, name, post, date, showName, votes, a.value, ownage_id from posts natural join users left join (select value, p_id from post_votes where u_id=\'' . $session->uid . '\') a on posts.p_id=a.p_id where hidden=0 order by date desc limit ' . $start . ', ' . $count;
}
$db->send_sql($query);
while (($row = $db->next_row()) !== false && !empty($row)) {
// Posts flagged showName == 0 have the author name replaced before output.
if ($row['showName'] == 0) {
$row['name'] = "anon";
示例7: database
// Endpoint for creating, deleting and listing a user's posts (the listing starts
// after the opening tag and is cut off after the INSERT is built).
//userPost.php?post=postcontent&showName=1
//userPost.php?post=postcontent
//POST
//delete
//userPost.php?delete=p_id
//get
//userPost.php?start=0&count=10
//userPost.php
require_once "include/session.php";
require_once "include/databaseClassMySQLi.php";
header('Content-Type: application/json');
$db = new database();
$results = array();
if (isset($_POST['post']) && isset($_POST['for_name']) && $_POST['post'] != '') {
// Reduce showName to 0 or 1. Because the result is one of two constants, no
// request data from this field reaches the query; the escape() call is redundant.
// Request values arrive as strings, so only the 'true' comparison can match.
if (isset($_POST['showName'])) {
$showName = $db->escape($_POST['showName']);
if ($showName === true || $showName === 'true') {
$showName = 1;
} else {
$showName = 0;
}
} else {
$showName = 0;
}
// Nothing is written unless the session reports a logged-in user.
if ($session->checkLoggedIn() === true) {
$db->send_sql("insert into ownage(u_id) values ('{$session->uid}')");
$ownage = $db->insert_id();
date_default_timezone_set('UTC');
// Free-text fields are escaped immediately before use and every value in the
// INSERT sits inside single quotes, which is the context escape() is meant for.
// Bound parameters would remove the need to keep escaping and quoting in step.
// NOTE(review): escaping covers SQL only; the stored text still needs output
// encoding wherever it is later rendered.
$post = $db->escape($_POST['post']);
$for_name = $db->escape($_POST['for_name']);
$query = 'insert into posts(u_id, post, showName, ownage_id, for_name) values (\'' . $session->uid . '\', \'' . $post . '\', \'' . $showName . '\', \'' . $ownage . '\', \'' . $for_name . '\')';
示例8: database
<?php
// Comment endpoint (listing is cut off after the INSERT is built).
//post
//comment.php?p_id=1&comment=content&showName=1
//comment.php?p_id=1&comment=content
//get
//userPost.php?post=p_id=1
//userPost.php?post=p_id=1&start=0&count=1
require_once "include/session.php";
require_once "include/databaseClassMySQLi.php";
header('Content-Type: application/json');
$db = new database();
$results = array();
if (isset($_POST['comment']) && isset($_POST['p_id']) && $_POST['comment'] != '' && $_POST['p_id'] != '') {
// p_id is escaped and later placed inside quotes; if it is a numeric key, an int
// cast would validate it more tightly than escaping.
$p_id = $db->escape($_POST['p_id']);
// Reduce showName to 0 or 1; only these constants reach the query. Request values
// arrive as strings, so only the 'true' comparison can match.
if (isset($_POST['showName'])) {
$showName = $db->escape($_POST['showName']);
if ($showName === true || $showName === 'true') {
$showName = 1;
} else {
$showName = 0;
}
} else {
$showName = 0;
}
// Nothing is written unless the session reports a logged-in user.
if ($session->checkLoggedIn() === true) {
$db->send_sql("insert into ownage(u_id) values ('{$session->uid}')");
$ownage = $db->insert_id();
date_default_timezone_set('UTC');
$comment = $db->escape($_POST['comment']);
// Request-derived values ($p_id, $comment) are quoted. {$ownage} is unquoted, but
// it is the id returned by insert_id() above rather than request data.
// NOTE(review): escaping covers SQL only; the stored comment still needs output
// encoding wherever it is later rendered.
$query = "insert into comments(u_id, p_id, comment, showName, ownage_id) values ('{$session->uid}', '{$p_id}', '{$comment}', '{$showName}', {$ownage})";
示例9: json_encode
<?php
// Registration endpoint: creates a user from POSTed name/password/email and
// replies with a JSON array holding one status message.
require_once 'include/databaseClassMySQLi.php';
require_once "include/session.php";

$db = new database();
header('Content-Type: application/json');
$result = array();

// All three fields must be present and must not compare equal to ''.
$hasAllFields = isset($_POST['name'], $_POST['password'], $_POST['email'])
    && $_POST['name'] != ''
    && $_POST['password'] != ''
    && $_POST['email'] != '';

if (!$hasAllFields) {
    $result[] = "Missing a field";
} else {
    $name = $db->escape($_POST['name']);
    // NOTE(review): the password is SQL-escaped before it is hashed and before it
    // is handed to $session->login(). The hash is therefore computed over the
    // escaped text; every other code path that verifies the password has to apply
    // the same transformation or such passwords will not verify. Hashing the raw
    // value is the usual approach, since the hash, not the password, goes into SQL.
    $password = $db->escape($_POST['password']);
    $email = $db->escape($_POST['email']);

    // NOTE(review): this check-then-insert is not atomic; a unique index on
    // users.email (schema not visible here) is what actually prevents duplicates.
    $query = 'select email from users where email=\'' . $email . '\'';
    $db->send_sql($query);
    $row = $db->next_row();

    $emailIsFree = ($row === false || empty($row));
    if (!$emailIsFree) {
        $result[] = "Email is already taken";
    } elseif (count($result) == 0) {
        $passwordHash = password_hash($password, PASSWORD_DEFAULT);
        $query = 'insert into users(name, password, email) values (\'' . $name . '\', \'' . $passwordHash . '\', \'' . $email . '\')';
        $db->send_sql($query);
        $result[] = "Success";
        // Log the new user in straight away.
        $session->login($email, $password);
    }
}

echo json_encode($result);
示例10: database
// Excerpt from a course-design form handler. The closing "} else {" near the end
// belongs to an if opened above the visible lines, and $course_id is set there too.
include "databaseClassMySQLi.php";
//include("projconfig.php");
$databaseObj = new database();
$databaseObj->setup(DB_USER, DB_PASS, DB_HOST, DB_NAME);
// $_POST is a superglobal and is always set, so this condition does not filter anything.
if (isset($_POST)) {
foreach ($_POST as $key => $value) {
// Only array-valued fields are stored; each becomes one row.
if (is_array($value)) {
// NOTE(review): the JSON text is assembled by hand from $key and $element, both
// taken directly from the request, with no JSON encoding. A quote or backslash in
// either one yields malformed or differently-structured JSON. json_encode() on an
// array, followed by escape() (or a bound parameter), avoids this.
$jsonData = "{\\\"{$key}\\\":[";
$numfiles = sizeof($value);
foreach ($value as $element) {
$jsonData = $jsonData . '\\"' . $element . '\\"';
if ($numfiles != 1) {
$jsonData = $jsonData . ', ';
}
$numfiles = $numfiles - 1;
}
$jsonData = $jsonData . ']}';
// escape() makes the assembled string safe for the quoted SQL literal below; it
// does not make it valid JSON.
$jsonDataString = $databaseObj->escape($jsonData);
//echo $jsonDataString;
// NOTE(review): $course_id is interpolated here but assigned outside this excerpt —
// confirm it is escaped or cast before this point.
$query = "insert into submissiontype(course_id, submission_type, refreshOnUpdate) values ('{$course_id}','{$jsonDataString}',false)";
// The return value is stored but not checked in the visible lines, so the success
// message below is printed whether or not the inserts worked.
$result = $databaseObj->send_sql($query);
}
}
}
echo "Course designed successfully";
} else {
header("location:designCourse.php");
}
?>
</body>
</html>
示例11: getEscaped
/**
 * Returns $text escaped for the database, optionally also escaping LIKE wildcards.
 *
 * The escaping itself is delegated to the underlying database object: escape()
 * when checkJversion() reports 2 or higher, getEscaped() otherwise.
 * For LIKE statements: $db->Quote( $db->getEscaped( $text, true ) . '%', false )
 *
 * The result is meant to be placed inside a quoted SQL string literal (as in the
 * Quote() example above); escaping alone does not protect an unquoted value.
 *
 * @param string  $text
 * @param boolean $escapeForLike : also escape the % and _ wildcards, for LIKE statements whose search string may contain % or _ (since CB 1.2.3)
 * @return string
 */
function getEscaped($text, $escapeForLike = false)
{
    // Pick the escaping method that exists on this Joomla version's database object.
    $escaped = (checkJversion() >= 2)
        ? $this->_db->escape($text)
        : $this->_db->getEscaped($text);

    if (!$escapeForLike) {
        return $escaped;
    }

    // Prefix the LIKE wildcards with a backslash so they match literally.
    return str_replace(array('%', '_'), array("\\%", "\\_"), $escaped);
}
示例12: database
// Messaging endpoint for sending, deleting and listing messages (the listing starts
// after the opening tag and is cut off after the INSERT is built).
//message.php?to=ownage_id&message=content&showName=1
//message.php?to=ownage_id&message=content
//GET
//delete
//message.php?delete=m_id
//get
//message.php?start=0&count=10
//message.php
require_once "include/session.php";
require_once "include/databaseClassMySQLi.php";
header('Content-Type: application/json');
$db = new database();
$results = array();
// Unlike the presence checks on the other fields, nothing here rejects an empty
// message or recipient.
if (isset($_POST['message']) && isset($_POST['to'])) {
// Reduce showName to 0 or 1; only these constants reach the query. Request values
// arrive as strings, so only the 'true' comparison can match.
if (isset($_POST['showName'])) {
$showName = $db->escape($_POST['showName']);
if ($showName === true || $showName === 'true') {
$showName = 1;
} else {
$showName = 0;
}
} else {
$showName = 0;
}
// Nothing is written unless the session reports a logged-in user.
if ($session->checkLoggedIn() === true) {
$db->send_sql("insert into ownage(u_id) values ('{$session->uid}')");
$ownage = $db->insert_id();
date_default_timezone_set('UTC');
// Both request fields are escaped right before use and are quoted in the INSERT,
// which is the context escape() is meant for.
// NOTE(review): "to" is a recipient id chosen by the client; escaping makes it safe
// as SQL text but does not check that the recipient exists or may be messaged by
// this user — no such check is visible in this excerpt.
$message = $db->escape($_POST['message']);
$to = $db->escape($_POST['to']);
$query = 'insert into messages(to_ownage, ownage_id, message, showName) values (\'' . $to . '\', \'' . $ownage . '\', \'' . $message . '\', \'' . $showName . '\')';