当前位置: 首页>>代码示例>>PHP>>正文


PHP misc::make_db_extra_safe方法代码示例

本文整理汇总了PHP中misc::make_db_extra_safe方法的典型用法代码示例。如果您正苦于以下问题:PHP misc::make_db_extra_safe方法的具体用法?PHP misc::make_db_extra_safe怎么用?PHP misc::make_db_extra_safe使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在misc的用法示例。


在下文中一共展示了misc::make_db_extra_safe方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: misc

 function delete_user($user_id)
 {
     global $conn, $config, $lang;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     // Set Variable to hold errors
     $errors = '';
     // Verify ID is Numeric
     if (!is_numeric($user_id)) {
         return $lang['user_manager_invalid_user_id'];
     }
     if ($config['demo_mode'] == 1 && $_SESSION['admin_privs'] != 'yes') {
         return $lang['demo_mode'] . ' - ' . $lang['user_manager_permission_denied'] . '<br />';
     }
     // Admins can delte any user. Anyone can delte there own information as this is needed for updates.
     if ($_SESSION['admin_privs'] == 'yes' && $user_id != '') {
         $sql_delete = $misc->make_db_extra_safe($user_id);
     } elseif ($_SESSION['admin_privs'] == 'yes' && $user_id == '' || $_SESSION['userID'] == $user_id) {
         $sql_delete = $misc->make_db_extra_safe($_SESSION['userID']);
     } else {
         return $lang['user_manager_permission_denied'];
     }
     // delete the user
     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $sql_delete;
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // delete all the elements associated with the user
     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'userdbelements WHERE userdb_id = ' . $sql_delete;
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // delete all the listings associated with a user
     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'listingsdb WHERE (userdb_ID = ' . $sql_delete . ')';
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // delete all the elements associated with a user
     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'listingsdbelements WHERE (userdb_id = ' . $sql_delete . ')';
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // delete all the favorites associated with a user
     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'userfavoritelistings WHERE (userdb_id = ' . $sql_delete . ')';
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // delete all the saved searches associated with a user
     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'usersavedsearches WHERE (userdb_id = ' . $sql_delete . ')';
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // now get all the images associated with a user's listings
     $sql = 'SELECT listingsimages_file_name, listingsimages_thumb_file_name FROM ' . $config['table_prefix'] . 'listingsimages WHERE (userdb_id = ' . $sql_delete . ')';
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // so, you've got 'em... it's time to unlink those bad boys...
     while (!$recordSet->EOF) {
         $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_thumb_file_name']);
         $file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']);
         // get rid of those darned things...
         if (!unlink($config['listings_upload_path'] . '/' . $file_name)) {
             $errors .= $lang['user_manager_failed_to_delete'] . ' ' . $config['listings_upload_path'] . '/' . $file_name . '<br />';
         }
         if ($file_name != $thumb_file_name) {
             if (!unlink($config['listings_upload_path'] . '/' . $thumb_file_name)) {
                 $errors .= $lang['user_manager_failed_to_delete'] . ' ' . $config['listings_upload_path'] . '/' . $thumb_file_name . '<br />';
             }
         }
         $recordSet->MoveNext();
     }
     // delete all the saved images associated with a user from listingimages
     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'listingsimages WHERE (userdb_id = ' . $sql_delete . ')';
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // it's time to do the same for all the images associated with the user himself
     $sql = 'SELECT userimages_file_name, userimages_thumb_file_name FROM ' . $config['table_prefix'] . 'userimages WHERE (userdb_id = ' . $sql_delete . ')';
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['userimages_thumb_file_name']);
         $file_name = $misc->make_db_unsafe($recordSet->fields['userimages_file_name']);
         // get rid of those darned things...
         if (!unlink($config['user_upload_path'] . '/' . $file_name)) {
             $errors .= $lang['user_manager_failed_to_delete'] . ' ' . $config['user_upload_path'] . '/' . $file_name . '<br />';
         }
         if ($file_name != $thumb_file_name) {
             if (!unlink($config['user_upload_path'] . '/' . $thumb_file_name)) {
//.........这里部分代码省略.........
开发者ID:henryhe514,项目名称:ChineseCommercial,代码行数:101,代码来源:user_manager.inc.php

示例2: get_featured

 public static function get_featured($listing_id, $raw)
 {
     global $conn, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $listing_id = $misc->make_db_extra_safe($listing_id);
     $sql = "SELECT listingsdb_featured FROM " . $config['table_prefix'] . "listingsdb WHERE listingsdb_id = {$listing_id}";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $featured = $recordSet->fields['listingsdb_featured'];
     if ($raw == 'no') {
         if ($featured == 'yes') {
             $featured = 'featured';
         } else {
             $featured = '';
         }
     }
     return $featured;
 }
开发者ID:josegonzalez,项目名称:php-openrealty,代码行数:21,代码来源:listing.inc.php

示例3: rendervtourlink

 function rendervtourlink($listingID, $use_small_image = false)
 {
     // shows the images connected to a given image
     global $config, $lang, $conn;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     // grab the images
     $listingID_sql = $misc->make_db_extra_safe($listingID);
     $output = '';
     // $sql = "SELECT vtourimages_id FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = $listingID_sql) ORDER BY vtourimages_rank";
     $sql = "SELECT vtourimages_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = {$listingID_sql}) ORDER BY vtourimages_rank";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $num_images = $recordSet->RecordCount();
     if ($num_images > 0) {
         while (!$recordSet->EOF) {
             $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
             $ext = substr(strrchr($file_name, '.'), 1);
             $recordSet->MoveNext();
         }
         // end while
         if ($ext == 'jpg' || $ext == 'egg') {
             // if it's a supported VTour then display the link button
             if ($use_small_image === true) {
                 $image = 'vtourbuttonsmall.jpg';
             } else {
                 $image = 'vtourbutton.jpg';
             }
             if (file_exists($config['template_path'] . '/images/' . $image)) {
                 $output .= '<a href="index.php?action=show_vtour&amp;popup=blank&amp;listingID=' . $listingID . '" onclick="window.open(\'index.php?action=show_vtour&amp;popup=blank&amp;listingID=' . $listingID . '\',\'\',\'width=' . $config['vt_popup_width'] . ',height=' . $config['vt_popup_height'] . '\');return false;"><img src="' . $config['template_url'] . '/images/' . $image . '" alt="' . $lang['click_here_for_vtour'] . '" /></a>';
             } else {
                 $output = '<a href="index.php?action=show_vtour&amp;popup=blank&amp;listingID=' . $listingID . '" onclick="window.open(\'index.php?action=show_vtour&amp;popup=blank&amp;listingID=' . $listingID . '\',\'\',\'width=' . $config['vt_popup_width'] . ',height=' . $config['vt_popup_height'] . '\');return false;">' . $lang['click_here_for_vtour'] . '</a>';
             }
         }
         //end if it's a supported VTour
     }
     // end if ($num_images > 0)
     return $output;
 }
开发者ID:henryhe514,项目名称:ChineseCommercial,代码行数:41,代码来源:vtour.inc.php

示例4: misc

 function determine_user_formtype($userID)
 {
     global $conn, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $userID = $misc->make_db_extra_safe($userID);
     $sql = "SELECT userdb_is_agent, userdb_is_admin FROM " . $config['table_prefix'] . "userdb where userdb_id = {$userID}";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $edit_isAgent = $misc->make_db_unsafe($recordSet->fields['userdb_is_agent']);
     $edit_isAdmin = $misc->make_db_unsafe($recordSet->fields['userdb_is_admin']);
     if ($edit_isAgent == "yes" || $edit_isAdmin == "yes") {
         $formDB = 'agentformelements';
     } else {
         $formDB = 'memberformelements';
     }
     return $formDB;
 }
开发者ID:henryhe514,项目名称:ChineseCommercial,代码行数:20,代码来源:user.inc.php

示例5: misc


//.........这里部分代码省略.........
             }
         } elseif ($sortby_array[$x] == 'random') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY rand() ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',rand() ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'listingsdb_featured') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY listingsdb_featured ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',listingsdb_featured ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'listingsdb_last_modified') {
             if ($x == 0) {
                 $order_text .= 'ORDER BY listingsdb_last_modified ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',listingsdb_last_modified ' . $sorttype_array[$x];
             }
         } elseif ($sortby_array[$x] == 'pclass') {
             if ($searchresultSQL != '') {
                 $searchresultSQL .= ' AND ';
             }
             $searchresultSQL .= $config['table_prefix_no_lang'] . 'classlistingsdb.listingsdb_id = ' . $config['table_prefix'] . 'listingsdb.listingsdb_id AND ' . $config['table_prefix_no_lang'] . 'classlistingsdb.class_id = ' . $config['table_prefix'] . 'class.class_id ';
             $tablelist_fullname[] = $config['table_prefix_no_lang'] . "classlistingsdb";
             $tablelist_fullname[] = $config['table_prefix'] . 'class';
             if ($x == 0) {
                 $order_text .= 'ORDER BY ' . $config['table_prefix'] . 'class.class_name ' . $sorttype_array[$x];
             } else {
                 $order_text .= ',' . $config['table_prefix'] . 'class.class_name ' . $sorttype_array[$x];
             }
         } else {
             // Check if field is a number or price field and cast the order.
             $sort_by_field = $misc->make_db_extra_safe($sortby_array[$x]);
             $sql_sort_type = 'SELECT listingsformelements_field_type FROM ' . $config['table_prefix'] . 'listingsformelements WHERE listingsformelements_field_name = ' . $sort_by_field;
             $recordSet_sort_type = $conn->Execute($sql_sort_type);
             if (!$recordSet_sort_type) {
                 $misc->log_error($sql_sort_type);
             }
             $field_type = $recordSet_sort_type->fields['listingsformelements_field_type'];
             if ($field_type == 'price' || $field_type == 'number' || $field_type == 'decimal') {
                 $tablelist[] = 'sort' . $x;
                 $sort_text .= 'AND (sort' . $x . '.listingsdbelements_field_name = ' . $sort_by_field . ') ';
                 global $db_type;
                 if ($db_type == 'mysql') {
                     if ($x == 0) {
                         $order_text .= ' ORDER BY CAST(sort' . $x . '.listingsdbelements_field_value as signed) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     } else {
                         $order_text .= ',CAST(sort' . $x . '.listingsdbelements_field_value as signed) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     }
                 } else {
                     if ($x == 0) {
                         $order_text .= ' ORDER BY CAST(sort' . $x . '.listingsdbelements_field_value as int4) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     } else {
                         $order_text .= ',CAST(sort' . $x . '.listingsdbelements_field_value as int4) ' . $sorttype_array[$x];
                         $group_order_text .= ',sort' . $x . '.listingsdbelements_field_value';
                     }
                 }
             } else {
                 $tablelist[] = 'sort' . $x;
                 $sort_text .= 'AND (sort' . $x . '.listingsdbelements_field_name = ' . $sort_by_field . ') ';
                 if ($x == 0) {
                     $order_text .= ' ORDER BY sort' . $x . '.listingsdbelements_field_value ' . $sorttype_array[$x];
开发者ID:henryhe514,项目名称:ChineseCommercial,代码行数:67,代码来源:search.inc.php

示例6: renderListingsImagesJavaRows

 function renderListingsImagesJavaRows($listingID, $mouseover = 'no')
 {
     // shows the images connected to a given image
     global $config, $lang, $conn, $style;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     // grab the images
     $var_reset = 1;
     // Reset the var (counter) (DO NOT CHANGE)
     $user_col_max = $config['number_columns'];
     // How Many To show Per Row
     $listingID = $misc->make_db_extra_safe($listingID);
     $sql = "SELECT listingsimages_caption, listingsimages_file_name, listingsimages_thumb_file_name, listingsimages_description FROM " . $config['table_prefix'] . "listingsimages WHERE (listingsdb_id = {$listingID}) ORDER BY listingsimages_rank";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $display = '';
     $num_images = $recordSet->RecordCount();
     if ($num_images > 0) {
         $display .= '<table id="imagerows">';
         while (!$recordSet->EOF) {
             $caption = $misc->make_db_unsafe($recordSet->fields['listingsimages_caption']);
             $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_thumb_file_name']);
             $file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']);
             $description = $misc->make_db_unsafe($recordSet->fields['listingsimages_description']);
             $description = str_replace('"', '&quot;', $description);
             $caption = str_replace('"', '&quot;', $caption);
             // gotta grab the image size
             $thumb_imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
             $thumb_imagewidth = $thumb_imagedata[0];
             $thumb_imageheight = $thumb_imagedata[1];
             $thumb_max_width = $config['thumbnail_width'];
             $thumb_max_height = $config['thumbnail_height'];
             $resize_by = $config['resize_thumb_by'];
             $shrinkage = 1;
             if ($thumb_max_width == $thumb_imagewidth || $thumb_max_height == $thumb_imageheight) {
                 $thumb_displaywidth = $thumb_imagewidth;
                 $thumb_displayheight = $thumb_imageheight;
             } else {
                 if ($resize_by == 'width') {
                     $shrinkage = $thumb_imagewidth / $thumb_max_width;
                     $thumb_displaywidth = $thumb_max_width;
                     $thumb_displayheight = round($thumb_imageheight / $shrinkage);
                 } elseif ($resize_by == 'height') {
                     $shrinkage = $thumb_imageheight / $thumb_max_height;
                     $thumb_displayheight = $thumb_max_height;
                     $thumb_displaywidth = round($thumb_imagewidth / $shrinkage);
                 } elseif ($resize_by == 'both') {
                     $thumb_displayheight = $thumb_max_height;
                     $thumb_displaywidth = $thumb_max_width;
                 }
             }
             if ($var_reset == 1) {
                 $display .= "<tr>";
             }
             if ($caption == '') {
                 $caption = $thumb_file_name;
             }
             if ($mouseover == 'no') {
                 $display .= "<td><a href=\"javascript:imgchange('{$file_name}','" . addslashes($caption) . "','" . addslashes($description) . "')\"> ";
                 $display .= "<img src=\"{$config['listings_view_images_path']}/{$thumb_file_name}\" height=\"{$thumb_displayheight}\" width=\"{$thumb_displaywidth}\" alt=\"{$caption}\" /></a>";
                 $display .= "</td>";
             } else {
                 $display .= '<td><img src="' . $config[listings_view_images_path] . '/' . $thumb_file_name . '" height="' . $thumb_displayheight . '" width="' . $thumb_displaywidth . '" alt="' . $caption . '" onmouseover="imgchange(\'' . $file_name . '\',\'' . addslashes($caption) . '\',\'' . addslashes($description) . '\')" /></td>';
             }
             if ($var_reset == $user_col_max) {
                 $display .= "</tr>";
                 $var_reset = 1;
             } else {
                 $var_reset++;
             }
             $recordSet->MoveNext();
         }
         // end while
         if ($var_reset != 1) {
             $display .= "</tr>";
         }
         $display .= "</table>";
     } else {
         if ($config['show_no_photo'] == 1) {
             $display .= '<table id="imagerows">';
             $display .= "<tr><td><img src=\"{$config['baseurl']}/images/nophoto.gif\" width=\"{$config['thumbnail_width']}\" alt=\"{$lang['no_photo']}\" /></td></tr></table>";
         }
     }
     return $display;
 }
开发者ID:schappaughc,项目名称:iitmapas,代码行数:87,代码来源:images.inc.php

示例7: misc

 function create_download($ID, $file_id, $type)
 {
     global $config, $conn;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $folderid = $ID;
     $ID = $misc->make_db_extra_safe($ID);
     $fileID = $misc->make_db_extra_safe($file_id);
     if ($type == 'listing') {
         $file_upload_path = $config['listings_file_upload_path'];
         $file_view_path = $config['listings_view_file_path'];
         $sqltype = 'listings';
     } else {
         $file_upload_path = $config['users_file_upload_path'];
         $file_view_path = $config['users_view_file_path'];
         $sqltype = 'user';
     }
     $sql = "SELECT DISTINCT " . $type . "sfiles_file_name FROM " . $config['table_prefix'] . "" . $type . "sfiles WHERE (" . $sqltype . "db_id = {$ID}) AND (" . $type . "sfiles_id = " . $fileID . ") ORDER BY " . $type . "sfiles_rank";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $file_filename = $misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_file_name']);
         $recordSet->MoveNext();
     }
     $fullPath = $file_upload_path . '/' . $folderid . '/' . $file_filename;
     if ($fd = fopen($fullPath, "r")) {
         $fsize = filesize($fullPath);
         $path_parts = pathinfo($fullPath);
         header("Content-type: application/octet-stream");
         header("Content-Disposition: attachment; filename=\"" . $path_parts["basename"] . "\"");
         header("Content-length: {$fsize}");
         header("Cache-control: private");
         //use this to open files directly
         while (!feof($fd)) {
             $buffer = fread($fd, 2048);
             echo $buffer;
         }
     }
     fclose($fd);
 }
开发者ID:josegonzalez,项目名称:php-openrealty,代码行数:42,代码来源:files.inc.php


注:本文中的misc::make_db_extra_safe方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。