本文整理汇总了PHP中db::escape方法的典型用法代码示例。如果您正苦于以下问题:PHP db::escape方法的具体用法?PHP db::escape怎么用?PHP db::escape使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类db的用法示例。
在下文中一共展示了db::escape方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: send_key_to_db
/**
 * Send the crypt key and cipher options to the database.
 *
 * Issues two set_config() statements ('sm.numbers.crypt.key' and
 * 'sm.numbers.crypt.options') unless the static flag says this was already
 * done, then raises the flag. Always returns true.
 *
 * NOTE(review): the key is embedded in the SQL text itself, so any statement
 * logging would record it; the two TODOs about switching logging off around
 * these queries are still open.
 *
 * @return bool
 */
public function send_key_to_db()
{
    // Guard clause: the flag is static, so it is shared by every instance.
    if (self::$flag_key_sent_to_db) {
        return true;
    }

    $connection = new db($this->db_link);

    // todo: disable logging in db
    $key_statement = "SELECT set_config('sm.numbers.crypt.key', '" . $connection->escape($this->key) . "', false)";
    $connection->query($key_statement);

    $options_statement = "SELECT set_config('sm.numbers.crypt.options', '" . $connection->escape($this->cipher) . "', false)";
    $connection->query($options_statement);
    // todo: enable logging in db

    self::$flag_key_sent_to_db = true;

    return true;
}
示例2: __set
/**
 * Magic setter: stores one config variable for this object's user id.
 *
 * Name, value and user id each go through db::escape() and are placed inside
 * single quotes in a REPLACE statement on 202_config.
 *
 * NOTE(review): the protection here depends entirely on db::escape() and on
 * every value staying inside the quotes; a parameterised statement would
 * remove that dependency if the db class offers one (not visible here).
 *
 * @param string $name  config variable name
 * @param mixed  $value config variable value
 * @return mixed whatever db::execute() returns
 */
public function __set($name, $value)
{
    $safeName = db::escape($name);
    $safeValue = db::escape($value);
    $safeUserId = db::escape($this->_uid);

    $statement = "REPLACE INTO 202_config (var_name, var_value, user_id)\n VALUES ('{$safeName}', '{$safeValue}', '{$safeUserId}')";

    return db::execute($statement);
}
示例3: deleteCard
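/**
 * Deletes a card
 *
 * The contact row is not removed: it is updated with statut = 0, a fresh tms
 * and the current user as fk_user_modif. The contact id is either the numeric
 * prefix of the card URI (URIs containing '-ct-') or looked up through the
 * socpeople_cdav table by external uuid.
 *
 * NOTE(review): $addressBookId is only logged; nothing here ties the contact
 * to that address book, so the rights check below is the only gate.
 *
 * @param mixed $addressBookId
 * @param string $cardUri
 * @return bool false when the user lacks the delete right, the card cannot be
 *              resolved to a contact id, or the update query fails
 */
function deleteCard($addressBookId, $cardUri)
{
    debug_log("deleteContactObject( {$addressBookId} , {$cardUri} )");

    if (!$this->user->rights->societe->contact->supprimer) {
        return false;
    }

    if (strpos($cardUri, '-ct-') > 0) {
        // cardUri starts with contact id; an explicit cast replaces "* 1",
        // which lets a float through and fails on non-numeric input.
        $contactid = (int) $cardUri;
    } else {
        // cardUri comes from external apps
        // Fixed: the original appended (.=) to a variable that did not exist yet.
        $sql = "SELECT `fk_object` FROM " . MAIN_DB_PREFIX . "socpeople_cdav\n\t\t\t\t\tWHERE `uuidext`= '" . $this->db->escape($cardUri) . "'";
        $result = $this->db->query($sql);
        if ($result === false) {
            return false;
        }
        $row = $this->db->fetch_array($result);
        if (empty($row)) {
            // not found
            return false;
        }
        $contactid = (int) $row['fk_object'];
    }

    // Never run the unquoted "rowid = ..." update without a real id.
    if ($contactid <= 0) {
        return false;
    }

    $sql = "UPDATE " . MAIN_DB_PREFIX . "socpeople SET ";
    $sql .= " statut = 0, tms = NOW(), fk_user_modif = " . (int) $this->user->id;
    $sql .= " WHERE rowid = " . $contactid;
    $res = $this->db->query($sql);

    // Report a failed update instead of claiming success.
    return $res !== false;
}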
示例4: update_visitor_log
/**
 * Record a visit in VISITOR_LOG, at most once per hour per visitor.
 *
 * Unless $force_update is set, the latest LAST_LOGON for this forum and
 * visitor (matched by UID, search engine id, or IP address) is read first and
 * the REPLACE is skipped when it is less than HOUR_IN_SECONDS old.
 *
 * NOTE(review): referer, user agent and IP are escaped and quoted, but
 * $forum_fid and $search_id are placed into the SQL unquoted and without a
 * cast; that is only safe if get_forum_fid() and session::is_search_engine()
 * return integers — confirm. $uid is limited by is_numeric().
 *
 * @param mixed $uid          user id; anything not numeric and positive is stored as NULL
 * @param bool  $force_update skip the "last hour" lookup and always write
 * @return bool false when a query fails, true otherwise
 */
public static function update_visitor_log($uid, $force_update = false)
{
    $referer_sql = session::$db->escape(session::get_http_referer());
    $agent_sql = session::$db->escape(session::get_user_agent());
    $ip_sql = session::$db->escape(get_ip_address());

    // Fall back to forum 0 when no forum id is available.
    $forum_fid = get_forum_fid() ?: 0;

    $now_sql = date(MYSQL_DATETIME, time());

    $uid = (is_numeric($uid) && $uid > 0) ? session::$db->escape($uid) : 'NULL';

    // SQL NULL literal when the visitor is not a known search engine.
    $search_id = session::is_search_engine() ?: 'NULL';

    if (!$force_update) {
        $lookup = "SELECT UNIX_TIMESTAMP(MAX(LAST_LOGON)) FROM VISITOR_LOG WHERE FORUM = {$forum_fid} "
            . "AND ((UID = {$uid} AND {$uid} IS NOT NULL) OR (SID = {$search_id} AND {$search_id} IS NOT NULL) "
            . "OR (IPADDRESS = '{$ip_sql}' AND {$uid} IS NULL AND {$search_id} IS NULL))";

        $result = session::$db->query($lookup);
        if (!$result) {
            return false;
        }

        list($last_logon) = $result->fetch_row();
    }

    // A visit logged within the last hour needs no new row.
    if (isset($last_logon) && $last_logon >= time() - HOUR_IN_SECONDS) {
        return true;
    }

    $insert = "REPLACE INTO VISITOR_LOG (FORUM, UID, LAST_LOGON, IPADDRESS, REFERER, USER_AGENT, SID) "
        . "VALUES ('{$forum_fid}', {$uid}, CAST('{$now_sql}' AS DATETIME), '{$ip_sql}', "
        . "'{$referer_sql}', '{$agent_sql}', {$search_id})";

    return session::$db->query($insert) ? true : false;
}
示例5: getSqlWhere
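/**
 * Returns condition code for sql query
 *
 * The search field is split on '.', each part is wrapped in backticks, and
 * the search text ('*' translated to '%') is escaped and compared with LIKE.
 * An empty search text yields an empty string.
 *
 * Backticks inside a field part are doubled, so the part can no longer close
 * the identifier quoting early; already-quoted parts come out unchanged.
 *
 * NOTE(review): '%' and '_' typed by the user still act as LIKE wildcards,
 * since escape() is only relied on for the string quoting.
 *
 * @param bool should returned condition code start with WHERE (false) or AND (true)?
 * @return string the condition code
 */
function getSqlWhere($append = false)
{
    if ($this->searchtext == '') {
        return '';
    }

    $condition = $append == true ? ' AND ' : ' WHERE ';

    $quoted_parts = array();
    foreach (explode('.', $this->searchfield) as $part) {
        // Drop surrounding backticks, neutralise embedded ones, then re-quote.
        $quoted_parts[] = '`' . str_replace('`', '``', trim($part, '`')) . '`';
    }
    $searchfield = implode('.', $quoted_parts);

    $searchtext = str_replace('*', '%', $this->searchtext);

    return $condition . $searchfield . ' LIKE "' . $this->db->escape($searchtext) . '" ';
}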
示例6: setCronLog
/**
 * Store the cron logging switch in the panel settings table.
 *
 * The argument is reduced to 0 or 1 (anything else becomes 0) before it is
 * written to the logger/log_cron setting, so only those two values can reach
 * the statement. Always returns true; the query result is not checked.
 *
 * @param int $_cronlog 1 to enable, 0 to disable
 * @return bool
 */
public function setCronLog($_cronlog = 0)
{
    // Only an integer 1 switches the flag on.
    $flag = ((int) $_cronlog === 1) ? 1 : 0;

    $statement = 'UPDATE `' . TABLE_PANEL_SETTINGS . "` \n\t\t\t\t SET `value`='" . $this->db->escape($flag) . "' \n\t\t\t\t WHERE `settinggroup`='logger' \n\t\t\t\t AND `varname`='log_cron'";
    $this->db->query($statement);

    return true;
}
示例7: logAction
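/**
 * Write one entry to the panel_syslog table.
 *
 * Nothing is written when logging is disabled, or when the severity is 1 or
 * lower and the entry is only a LOG_NOTICE. Type and action are cast to int;
 * user name and text are escaped before they are quoted into the statement.
 *
 * Fixed: the "no text" branch used to insert into a `userid` column while the
 * normal branch uses `user`; both now go through the same statement.
 * NOTE(review): confirm `user` is the column the table really has.
 *
 * @param int         $action action code
 * @param int         $type   log level
 * @param string|null $text   message; a placeholder is stored when empty
 * @return void
 */
public function logAction($action = USR_ACTION, $type = LOG_NOTICE, $text = null)
{
    if (!parent::isEnabled()) {
        return;
    }

    if (parent::getSeverity() <= 1 && $type == LOG_NOTICE) {
        return;
    }

    if (!isset($this->userinfo['loginname']) || $this->userinfo['loginname'] == '') {
        $name = 'unknown';
    } else {
        $name = " (" . $this->userinfo['loginname'] . ")";
    }

    // Same emptiness test as before, expressed as the fallback case.
    if ($text == null || $text == '') {
        $text = 'No text given!!! Check scripts!';
    }

    $now = time();
    $this->db->query("INSERT INTO `panel_syslog` (`type`, `date`, `action`, `user`, `text`)\n VALUES ('" . (int) $type . "', '" . $now . "', '" . (int) $action . "', '" . $this->db->escape($name) . "', '" . $this->db->escape($text) . "')");
}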
示例8: write
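/**
 * Session handler write: store the serialised session data.
 *
 * Inserts a row for a new session, otherwise updates data and expiry of the
 * existing row. When the request carries a truthy `no_extend` query
 * parameter the update is skipped, so neither data nor expiry change.
 *
 * Fixed: the session id is supplied by the client and was placed into both
 * statements unescaped; it now goes through Db::escape() like the data.
 * Fixed: a missing `no_extend` parameter no longer raises an undefined-index
 * notice.
 *
 * NOTE(review): any request can add `no_extend` and thereby drop its own
 * session write; confirm that is intended.
 *
 * @param string $sessionId session identifier
 * @param string $data      serialised session payload
 * @return bool always true
 */
public function write($sessionId, $data)
{
    if ($this->new) {
        Db::query(
            sprintf(
                "INSERT into system.sessions(id, data, expires, lifespan) VALUES('%s', '%s', %d, %d)",
                Db::escape($sessionId),
                Db::escape($data),
                time() + $this->lifespan,
                $this->lifespan
            ),
            'main'
        );

        return true;
    }

    // empty() matches the old loose "== true" test without touching a missing key.
    if (!empty($_GET['no_extend'])) {
        return true;
    }

    Db::query(
        sprintf(
            "UPDATE system.sessions SET data = '%s', expires = %d WHERE id = '%s'",
            Db::escape($data),
            time() + $this->lifespan,
            Db::escape($sessionId)
        ),
        'main'
    );

    return true;
}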
示例9: _getSqlContacts
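/**
 * Base sql request for contacts
 *
 * Builds (does not run) the SELECT over socpeople joined with country,
 * company and category tables. Rows are limited to the entities returned by
 * getEntity('societe', 1) and to contacts that are public or were created by
 * the current user.
 *
 * The user id is cast to int before it is appended, because it sits unquoted
 * in the fk_user_creat comparison.
 * NOTE(review): the value of getEntity() is placed inside IN (...) as-is;
 * presumably a comma-separated list of integers — confirm.
 *
 * @return string
 */
protected function _getSqlContacts()
{
    $user_id = (int) $this->user->id;

    $sql = 'SELECT p.*, co.label country_label, GREATEST(s.tms, p.tms) lastupd, s.code_client soc_code_client, s.code_fournisseur soc_code_fournisseur,
s.nom soc_nom, s.address soc_address, s.zip soc_zip, s.town soc_town, cos.label soc_country_label, s.phone soc_phone, s.email soc_email,
s.client soc_client, s.fournisseur soc_fournisseur, s.note_private soc_note_private, s.note_public soc_note_public, cl.label category_label
FROM ' . MAIN_DB_PREFIX . 'socpeople as p
LEFT JOIN ' . MAIN_DB_PREFIX . 'c_country as co ON co.rowid = p.fk_pays
LEFT JOIN ' . MAIN_DB_PREFIX . 'societe as s ON s.rowid = p.fk_soc
LEFT JOIN ' . MAIN_DB_PREFIX . 'c_country as cos ON cos.rowid = s.fk_pays
LEFT JOIN ' . MAIN_DB_PREFIX . 'categorie_contact as cc ON cc.fk_socpeople = p.rowid
LEFT JOIN ' . MAIN_DB_PREFIX . 'categorie_lang as cl ON (cl.fk_category = cc.fk_categorie AND cl.lang=\'' . $this->db->escape($this->langs->defaultlang) . '\')
WHERE p.entity IN (' . getEntity('societe', 1) . ')
AND (p.priv=0 OR (p.priv=1 AND p.fk_user_creat=' . $user_id . '))';

    return $sql;
}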
示例10: sendMail
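/**
 * Mail notifications.
 *
 * Loads the subject and body templates of the current admin and language,
 * fills in the placeholders and sends the mail either to the given customer
 * or, when $customerid is -1, to the current admin.
 *
 * Fixed: $template_subject and $template_body were placed into the template
 * queries unescaped; they now go through escape() like the language value.
 * Fixed: the admin query only selects `email`, so the display name is built
 * from whichever name columns are actually present instead of reading
 * missing keys.
 *
 * @param int         $customerid       customer to notify, -1 for the admin
 * @param string|null $template_subject varname of the subject template
 * @param string|null $default_subject  subject used when no template is stored
 * @param string|null $template_body    varname of the body template
 * @param string|null $default_body     body used when no template is stored
 * @return void
 */
public function sendMail($customerid = -1, $template_subject = null, $default_subject = null, $template_body = null, $default_body = null)
{
    global $mail;

    // Some checks are to be made here in the future
    $to_customer = $customerid != -1;

    if ($to_customer) {
        // Get e-mail message for customer
        $usr = $this->db->query_first('SELECT `name`, `firstname`, `email` FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = "' . (int) $customerid . '"');
        $replace_arr = array('FIRSTNAME' => $usr['firstname'], 'NAME' => $usr['name'], 'SUBJECT' => $this->Get('subject', true));
    } else {
        $replace_arr = array('SUBJECT' => $this->Get('subject', true));
    }

    // Subject and body are looked up the same way; only varname and fallback differ.
    $parts = array(
        'subject' => array($template_subject, $default_subject),
        'body' => array($template_body, $default_body),
    );
    $texts = array();
    foreach ($parts as $part => $pair) {
        $result = $this->db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`'
            . ' WHERE `adminid`=\'' . (int) $this->userinfo['adminid'] . '\''
            . ' AND `language`=\'' . $this->db->escape($this->userinfo['def_language']) . '\''
            . ' AND `templategroup`=\'mails\''
            . ' AND `varname`=\'' . $this->db->escape($pair[0]) . '\'');
        $texts[$part] = html_entity_decode(replace_variables($result['value'] != '' ? $result['value'] : $pair[1], $replace_arr));
    }

    if ($to_customer) {
        $recipient_email = $usr['email'];
        $recipient_name = $usr['firstname'] . ' ' . $usr['name'];
    } else {
        $admin = $this->db->query_first('SELECT `email` FROM `' . TABLE_PANEL_ADMINS . "` WHERE `adminid`='" . (int) $this->userinfo['adminid'] . "'");
        $recipient_email = $admin['email'];
        $recipient_name = trim(
            (isset($admin['firstname']) ? $admin['firstname'] : '')
            . ' '
            . (isset($admin['name']) ? $admin['name'] : '')
        );
    }

    $mail->From = $this->settings['ticket']['noreply_email'];
    $mail->FromName = $this->settings['ticket']['noreply_name'];
    $mail->Subject = $texts['subject'];
    $mail->Body = $texts['body'];
    $mail->AddAddress($recipient_email, $recipient_name);

    if (!$mail->Send()) {
        standard_error(array('errorsendingmail', $recipient_email));
    }

    // Clear the recipient so the shared mailer does not carry it into the next mail.
    $mail->ClearAddresses();
}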
示例11: updateCalendarObject
/**
 * Updates an existing calendarobject, based on its uri.
 *
 * The object uri is only the basename, or filename and not a full path.
 *
 * It is possible return an etag from this function, which will be used in
 * the response to this PUT request. Note that the ETag must be surrounded
 * by double-quotes.
 *
 * However, you should only really return this ETag if you don't mangle the
 * calendar-data. If the result of a subsequent GET to this object is not
 * the exact same as this request body, you should omit the ETag.
 *
 * This implementation never returns an ETag: every path returns nothing.
 *
 * @param mixed $calendarId
 * @param string $objectUri
 * @param string $calendarData
 * @return string|null
 */
function updateCalendarObject($calendarId, $objectUri, $calendarData)
{
debug_log("updateCalendarObject( {$calendarId} , {$objectUri} )");
//Check right on $calendarId for current user
// NOTE(review): in_array() is called without the strict flag, so the id is compared loosely;
// confirm the id types on both sides before relying on this as the authorization check.
if (!in_array($calendarId, $this->_getCalendarsIdForUser())) {
// not authorized
return;
}
$calendarData = $this->_parseData($calendarData);
if (!$calendarData || empty($calendarData)) {
return;
}
// String fields go through escape() inside quotes; fullday, percent, the user id and the row id
// are cast to int; durationp is the result of an arithmetic expression.
// NOTE(review): the row is selected by $calendarData['id'], which comes out of _parseData();
// neither $calendarId (the value that was authorized above) nor $objectUri appears in the WHERE
// clause. Confirm that _parseData() cannot yield the id of an event in another calendar.
$sql = "UPDATE " . MAIN_DB_PREFIX . "actioncomm \n\t\t\t\t\tSET\n\t\t\t\t\t\tlabel \t\t\t= '" . $this->db->escape($calendarData['label']) . "',\n\t\t\t\t\t\tdatep\t\t\t= '" . ($calendarData['fullday'] == 1 ? date('Y-m-d 00:00:00', $calendarData['start']) : date('Y-m-d H:i:s', $calendarData['start'])) . "',\n\t\t\t\t\t\tdatep2\t\t\t= '" . ($calendarData['fullday'] == 1 ? date('Y-m-d 23:59:59', $calendarData['end'] - 1) : date('Y-m-d H:i:s', $calendarData['end'])) . "',\n\t\t\t\t\t\tfulldayevent\t= " . (int) $calendarData['fullday'] . ",\n\t\t\t\t\t\tlocation \t\t= '" . $this->db->escape($calendarData['location']) . "',\n\t\t\t\t\t\tpriority \t\t= '" . $this->db->escape($calendarData['priority']) . "',\n\t\t\t\t\t\ttransparency \t= '" . $this->db->escape($calendarData['transparency']) . "',\n\t\t\t\t\t\tnote \t\t\t= '" . $this->db->escape($calendarData['note']) . "',\n\t\t\t\t\t\tpercent \t\t= " . (int) $calendarData['percent'] . ",\n\t\t\t\t\t\tfk_user_mod\t\t= '" . (int) $this->user->id . "',\n\t\t\t\t\t\tdurationp\t\t= " . ($calendarData['end'] - $calendarData['fullday'] - $calendarData['start']) . ",\n\t\t\t\t\t\ttms\t\t\t\t= NOW()\n\t\t\t\t\tWHERE id = " . (int) $calendarData['id'];
// The query result is not checked; a failed update is indistinguishable from success here.
$this->db->query($sql);
return;
}
示例12: importUser
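/**
 * Copy one affiliate from prosper_master into an install database and issue
 * a login token for it.
 *
 * Creates the 202_users row and the 202_users_pref row in $install_db,
 * stores a token in prosper_master.login_tokens and in
 * $_SESSION['authtoken'].
 *
 * Fixed: $affiliate_id and the email / addCode / affiliate_id values read
 * back from the affiliates row were concatenated into SQL unescaped; values
 * coming out of the database need escaping again before they are reused.
 * Fixed: nothing is inserted and no token is issued when the affiliate row
 * does not exist.
 *
 * NOTE(review): $install_db is used as a schema name and cannot be protected
 * by escape(); the caller must pass a trusted, allow-listed name.
 * NOTE(review): the token is an md5 of the row contents plus uniqid(), which
 * is time-based rather than drawn from a cryptographic random source.
 * NOTE(review): the original comment describes salt_user_pass() as a salted
 * md5; if so, that is not a suitable password hash — confirm.
 *
 * @param mixed  $affiliate_id affiliate to import
 * @param string $install_db   schema that holds the 202_* tables
 * @return void
 */
public static function importUser($affiliate_id, $install_db)
{
    // Grab user from directtrack db.
    $s_affiliate_id = db::escape($affiliate_id);
    $user = db::getRow("select * from prosper_master.affiliates WHERE affiliate_id='{$s_affiliate_id}'");
    if (empty($user)) {
        return;
    }

    //md5 the user pass with salt
    $user_pass = salt_user_pass($_SESSION['login_pass']);

    $mysql = array(
        'user_pass' => db::escape($user_pass),
        'email' => db::escape($user['email']),
        'addCode' => db::escape($user['addCode']),
        'affiliate_id' => db::escape($user['affiliate_id']),
    );

    //insert this user
    $user_sql = " \tINSERT INTO {$install_db}.`202_users`\n\t\t\t\t\t \tSET\tuser_email='" . $mysql['email'] . "',\n\t\t\t\t\t \t\tuser_name='" . $mysql['addCode'] . "',\n\t\t\t\t\t \t\tuser_pass='" . $mysql['user_pass'] . "',\n\t\t\t\t\t \t\taddCode='" . $mysql['addCode'] . "',\n\t\t\t\t\t \t\tuser_timezone='-5',\n\t\t\t\t\t \t\tuser_time_register=NOW()";
    $user_result = db::execute($user_sql);

    $user_id = mysql_insert_id(db::$db_write);
    $mysql['user_id'] = db::escape($user_id);

    // The token is a hex md5 digest, so it carries no quote characters.
    $md5token = md5(serialize($user) . uniqid());
    $_SESSION['authtoken'] = $md5token;
    db::execute("insert into prosper_master.login_tokens(affiliate_id, user_id, user_name, token)\n\t\t values ('" . $mysql['affiliate_id'] . "', '" . $mysql['user_id'] . "', '" . $mysql['addCode'] . "', '" . $md5token . "');");

    //update user preference table
    $user_sql = "INSERT INTO {$install_db}.`202_users_pref` SET user_id='" . $mysql['user_id'] . "'";
    $user_result = db::execute($user_sql);
}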
示例13: validatePassword
// NOTE(review): this is an excerpt; the enclosing function and the `if` these branches belong to
// are not shown. All $db_root statements below change MySQL accounts and privileges, with the
// account name taken from $result['databasename'].
// NOTE(review): $current_password['password'] is concatenated without escape(), unlike the
// database name beside it; presumably an already-stored hash — confirm where it comes from.
$db_root->query('SET PASSWORD FOR `' . $db_root->escape($result['databasename']) . '`@`%` = \'' . $current_password['password'] . '\'', false, true);
} else {
// Remove the wildcard-host account: revoke global and per-database privileges, then delete the row.
// NOTE(review): escape() is applied to a value that sits inside backticks; whether it also
// neutralises a backtick is not visible here — confirm.
$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($result['databasename']) . '`@`%`', false, true);
$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\\_', $db_root->escape($result['databasename'])) . '` . * FROM `' . $db_root->escape($result['databasename']) . '`@`%`', false, true);
$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($result['databasename']) . '" AND `Host` = "%"', false, true);
}
$db_root->query('FLUSH PRIVILEGES');
$db_root->close();
if ($password != '') {
// validate password
$password = validatePassword($password);
// The lookup is scoped to the current customer; both ids are cast to int.
$access_result = $db->query_first('SELECT `allow_external_access` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int) $userinfo['customerid'] . '" AND `id`="' . (int) $id . '"');
// Begin root-session
// Opens a connection with the root credentials configured for this database's server.
$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
// One SET PASSWORD per configured access host. The new password is escaped, but it is part of
// the statement text, so any statement logging would record it in clear.
// NOTE(review): SET PASSWORD ... = PASSWORD('...') relies on the PASSWORD() function, which
// MySQL 8.0 no longer provides.
foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
$db_root->query('SET PASSWORD FOR `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
}
//if ($access_result['allow_external_access'] == '1' && $_POST['mysql_allow_external_access'] == '1') {
if ($external_access_val == '1') {
$db_root->query('SET PASSWORD FOR `' . $db_root->escape($result['databasename']) . '`@`%` = PASSWORD(\'' . $db_root->escape($password) . '\')');
}
$db_root->query('FLUSH PRIVILEGES');
$db_root->close();
// End root-session
}
// Update the Database description -- PH 2004-11-29
$log->logAction(USR_ACTION, LOG_INFO, "edited database '" . $result['databasename'] . "'");
$databasedescription = validate($_POST['description'], 'description');
// NOTE(review): $external_access_val is written into the statement without escape() or a cast,
// and its origin is not visible in this excerpt; confirm it can only be '0' or '1'.
$db->query('UPDATE `' . TABLE_PANEL_DATABASES . '` SET `description`="' . $db->escape($databasedescription) . '", `allow_external_access`="' . $external_access_val . '" WHERE `customerid`="' . (int) $userinfo['customerid'] . '" AND `id`="' . (int) $id . '"');
redirectTo($filename, array('page' => $page, 's' => $s));
} else {
示例14:
// NOTE(review): this is an excerpt from an installer script; it starts and ends in the middle of
// its enclosing blocks.
// Split the SQL dump on ';' and run every non-blank statement. $result is overwritten on each
// pass and not read in the visible lines, so a failing statement still ends in a green "OK".
$sql_query = split_sql_file($sql_query, ';');
for ($i = 0; $i < sizeof($sql_query); ++$i) {
if (trim($sql_query[$i]) != '') {
$result = $db->query($sql_query[$i]);
}
}
status_message('green', 'OK');
status_message('begin', 'System Servername...');
// Red status when validate_ip() does not return false for SERVER_NAME; the message key says a
// fully qualified domain name is expected instead.
if (validate_ip($_SERVER['SERVER_NAME'], true) !== false) {
status_message('red', $lng['install']['servername_should_be_fqdn']);
} else {
status_message('green', 'OK');
}
//now let's change the settings in our settings-table
status_message('begin', $lng['install']['changing_data']);
// Every installer-supplied value below goes through escape() and is placed inside single quotes;
// setting group and variable name are fixed literals.
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = 'admin@" . $db->escape($servername) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'adminmail'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($serverip) . "' WHERE `settinggroup` = 'system' AND `varname` = 'ipaddress'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($servername) . "' WHERE `settinggroup` = 'system' AND `varname` = 'hostname'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($dbversion) . "' WHERE `settinggroup` = 'system' AND `varname` = 'dbversion'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($languages[$language]) . "' WHERE `settinggroup` = 'panel' AND `varname` = 'standardlanguage'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($mysql_access_host) . "' WHERE `settinggroup` = 'system' AND `varname` = 'mysql_access_host'");
// NOTE(review): the next two statements are identical (system/webserver is written twice).
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($webserver) . "' WHERE `settinggroup` = 'system' AND `varname` = 'webserver'");
//FIXME
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpuser) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpuser'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '" . $db->escape($httpgroup) . "' WHERE `settinggroup` = 'system' AND `varname` = 'httpgroup'");
// apache2 only: the vhost, diroptions and htpasswd paths and the reload command are fixed
// literals, so no user input reaches these statements. The branch continues past this excerpt.
if ($webserver == 'apache2') {
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_vhost'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/sites-enabled/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_diroptions'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/apache2/syscp-htpasswd/' WHERE `settinggroup` = 'system' AND `varname` = 'apacheconf_htpasswddir'");
$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . "` SET `value` = '/etc/init.d/apache2 reload' WHERE `settinggroup` = 'system' AND `varname` = 'apachereload_command'");
示例15:
// NOTE(review): this is an excerpt from inside a loop over tweets; the loop header and the end
// of the last `if` are not shown.
// Skip tweets that are already stored.
// NOTE(review): $tweet_id is appended to the condition unquoted and without a cast; where it is
// assigned is not visible here — confirm it is an integer.
if ($oDB->in_table('tweets', 'tweet_id=' . $tweet_id)) {
continue;
}
// Gather tweet data from the JSON object
// According to the original author, $oDB->escape() escapes ' and " characters and blocks
// characters that could be used in a SQL injection attempt (its implementation is not shown).
// NOTE(review): that only covers values actually passed through it. Below, profile_image_url,
// url, time_zone, user_id and the three *_count fields from the same JSON object are
// concatenated into SQL without escape() or a cast.
if (isset($tweet_object->retweeted_status)) {
// This is a retweet
// Use the original tweet's entities, they are more complete
$entities = $tweet_object->retweeted_status->entities;
$is_rt = 1;
} else {
$entities = $tweet_object->entities;
$is_rt = 0;
}
$tweet_text = $oDB->escape($tweet_object->text);
$created_at = $oDB->date($tweet_object->created_at);
// Coordinates default to 0/0 when the tweet carries no geo object.
if (isset($tweet_object->geo)) {
$geo_lat = $tweet_object->geo->coordinates[0];
$geo_long = $tweet_object->geo->coordinates[1];
} else {
$geo_lat = $geo_long = 0;
}
$user_object = $tweet_object->user;
$user_id = $user_object->id_str;
$screen_name = $oDB->escape($user_object->screen_name);
$name = $oDB->escape($user_object->name);
$profile_image_url = $user_object->profile_image_url;
// Add a new user row or update an existing one
// Escaped here: screen_name, name, location, description; created_at and last_update go through
// $oDB->date(). Not escaped: profile_image_url, url and time_zone (inside double quotes) and
// user_id, followers_count, friends_count, statuses_count (unquoted).
$field_values = 'screen_name = "' . $screen_name . '", ' . 'profile_image_url = "' . $profile_image_url . '", ' . 'user_id = ' . $user_id . ', ' . 'name = "' . $name . '", ' . 'location = "' . $oDB->escape($user_object->location) . '", ' . 'url = "' . $user_object->url . '", ' . 'description = "' . $oDB->escape($user_object->description) . '", ' . 'created_at = "' . $oDB->date($user_object->created_at) . '", ' . 'followers_count = ' . $user_object->followers_count . ', ' . 'friends_count = ' . $user_object->friends_count . ', ' . 'statuses_count = ' . $user_object->statuses_count . ', ' . 'time_zone = "' . $user_object->time_zone . '", ' . 'last_update = "' . $oDB->date($tweet_object->created_at) . '"';
// NOTE(review): $user_id (id_str from the JSON) is quoted here but still not escaped.
if ($oDB->in_table('users', 'user_id="' . $user_id . '"')) {