

PHP misc::make_db_unsafe Method Code Examples

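This article collects typical usage examples of the misc::make_db_unsafe method in PHP. If you are wondering how exactly PHP misc::make_db_unsafe is used, how to call it, or what examples of its use look like, the selected code examples here may help. You can also look further into usage examples of the misc class in which the method is defined.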


A total of 15 code examples of the misc::make_db_unsafe method are shown below, sorted by popularity by default.

Example 1: intval

 function edit_post_comments()
 {
     global $conn, $lang, $config;
     $security = login::loginCheck('can_access_blog_manager', true);
     $display = '';
     $blog_user_type = intval($_SESSION['blog_user_type']);
     if ($security === true) {
         require_once $config['basepath'] . '/include/misc.inc.php';
         $misc = new misc();
         //Load the Core Template
         require_once $config['basepath'] . '/include/class/template/core.inc.php';
         $page = new page_user();
         require_once $config['basepath'] . '/include/user.inc.php';
         $userclass = new user();
         require_once $config['basepath'] . '/include/blog_functions.inc.php';
         $blog_functions = new blog_functions();
         //Load Template File
         $page->load_page($config['admin_template_path'] . '/blog_edit_comments.html');
         // Do we need to save?
         if (isset($_GET['id'])) {
             $post_id = intval($_GET['id']);
             //Get Blog Post Information
             $blog_title = $blog_functions->get_blog_title($post_id);
             $page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
             $blog_author = $blog_functions->get_blog_author($post_id);
             $page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
             $blog_date_posted = $blog_functions->get_blog_date($post_id);
             $page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
             //Handle any deletions and comment approvals before we load the comments
             if (isset($_GET['caction']) && $_GET['caction'] == 'delete') {
                 if (isset($_GET['cid'])) {
                     $cid = intval($_GET['cid']);
                     //Do permission checks.
                     if ($blog_user_type < 4) {
                         //Throw Error
                         $display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
                         unset($_GET['caction']);
                         $display .= $this->edit_post_comments();
                         return $display;
                     }
                     //Delete
                     $sql = 'DELETE FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
                     //Load Record Set
                     $recordSet = $conn->Execute($sql);
                     if (!$recordSet) {
                         $misc->log_error($sql);
                     }
                 }
             }
             if (isset($_GET['caction']) && $_GET['caction'] == 'approve') {
                 if (isset($_GET['cid'])) {
                     $cid = intval($_GET['cid']);
                     //Do permission checks.
                     if ($blog_user_type < 4) {
                         //Throw Error
                         $display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
                         unset($_GET['caction']);
                         $display .= $this->edit_post_comments();
                         return $display;
                     }
                     //Approve
                     $sql = 'UPDATE ' . $config['table_prefix'] . 'blogcomments SET blogcomments_moderated = 1 WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
                     //Load Record Set
                     $recordSet = $conn->Execute($sql);
                     if (!$recordSet) {
                         $misc->log_error($sql);
                     }
                 }
             }
             //Ok Load the comments.
             $sql = 'SELECT * FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogmain_id = ' . $post_id . ' ORDER BY blogcomments_timestamp ASC';
             //Load Record Set
             $recordSet = $conn->Execute($sql);
             if (!$recordSet) {
                 $misc->log_error($sql);
             }
             //Handle Next prev
             $num_rows = $recordSet->RecordCount();
             if (!isset($_GET['cur_page'])) {
                 $_GET['cur_page'] = 0;
             }
             $limit_str = $_GET['cur_page'] * $config['listings_per_page'];
             $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             $blog_comment_template = '';
             while (!$recordSet->EOF) {
                 //Load DB Values
                 $comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
                 $blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
                 $blogcomments_moderated = $misc->make_db_unsafe($recordSet->fields['blogcomments_moderated']);
                 $blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
                 $blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);
                 //Load Template Block
                 $blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');
                 //Lookup Blog Author..
                 $author_type = $userclass->get_user_type($comment_author_id);
                 if ($author_type == 'member') {
                     $author_display = $userclass->get_user_name($comment_author_id);
//.........part of the code omitted here.........
Developer: henryhe514, Project: ChineseCommercial, Lines of code: 101, Source file: blog_editor.inc.php

Example 2: getListingEmail

 public static function getListingEmail($listingID, $value_only = false)
 {
     // get the email address for the person who posted a listing
     global $conn, $lang, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $listingID = $misc->make_db_extra_safe($listingID);
     $sql = "SELECT userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE ((listingsdb_id = {$listingID}) AND (" . $config['table_prefix'] . "userdb.userdb_id = " . $config['table_prefix'] . "listingsdb.userdb_id))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // return the email address (empty string if no matching row is found)
     $listing_emailAddress = '';
     while (!$recordSet->EOF) {
         $listing_emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
         $recordSet->MoveNext();
     }
     // end while
     if ($value_only === true) {
         $display = "{$listing_emailAddress}";
     } else {
         $display = "<b>{$lang['user_email']}:</b> <a href=\"mailto:{$listing_emailAddress}\">{$listing_emailAddress}</a><br />";
     }
     return $display;
 }
Developer: josegonzalez, Project: php-openrealty, Lines of code: 25, Source file: listing.inc.php

Example 3: display

 function display()
 {
     global $conn, $config, $lang;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     // Make Sure we passed the PageID
     $display = '';
     if (!isset($_GET['PageID'])) {
         $display .= "ERROR. PageID not sent";
     }
     $page_id = $misc->make_db_safe($_GET['PageID']);
     $display .= '<div class="page_display">';
     $sql = "SELECT pagesmain_full,pagesmain_id FROM " . $config['table_prefix'] . "pagesmain WHERE pagesmain_id=" . $page_id;
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['pagesmain_full']), ENT_NOQUOTES, $config['charset']);
     //$full = $misc->make_db_unsafe($recordSet->fields['pagesmain_full']);
     $id = $recordSet->fields['pagesmain_id'];
     if ($config["wysiwyg_execute_php"] == 1) {
         ob_start();
         $full = str_replace("<!--<?php", "<?php", $full);
         $full = str_replace("?>-->", "?>", $full);
         eval('?>' . "{$full}" . '<?php ');
         $display .= ob_get_contents();
         ob_end_clean();
     } else {
         $display .= $full;
     }
     // Allow Admin To Edit #
     if (isset($_SESSION['editpages']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) {
         $display .= "<p>&nbsp;</p>";
         $display .= "<a href=\"{$config['baseurl']}/admin/index.php?action=edit_page&amp;id={$id}\">{$lang['edit_html_from_site']}</a>";
     }
     $display .= '</div>';
     // parse page for template variables
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $template = new page_user();
     $template->page = $display;
     $template->replace_tags(array('templated_search_form', 'featured_listings_horizontal', 'featured_listings_vertical', 'company_name', 'link_printer_friendly'));
     $display = $template->return_page();
     return $display;
 }
Developer: schappaughc, Project: iitmapas, Lines of code: 44, Source file: page_display.inc.php

Example 4: goodvtour

 function goodvtour($listingID)
 {
     global $lang, $conn, $config, $jscript;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $ext = 'bad';
     if (isset($_GET['listingID'])) {
         if ($_GET['listingID'] != "") {
             $listingID = intval($listingID);
             $sql = "SELECT vtourimages_file_name, vtourimages_rank FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = {$listingID}) ORDER BY vtourimages_rank";
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
         }
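         // $recordSet is only set when listingID is non-empty and the query succeeded
         $num_images = (isset($recordSet) && $recordSet) ? $recordSet->RecordCount() : 0;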
         if ($num_images > 0) {
             while (!$recordSet->EOF) {
                 $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
                 $ext = substr(strrchr($file_name, '.'), 1);
                 $recordSet->MoveNext();
             }
             // end while
         }
         // end if ($num_images > 0)
     }
     if ($ext == 'jpg' || $ext == 'egg') {
         return true;
     } else {
         return false;
     }
 }
Developer: henryhe514, Project: ChineseCommercial, Lines of code: 32, Source file: vtour.inc.php

Example 5: misc

 function verify_email()
 {
     global $conn, $config, $lang;
     $display = '';
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     if (isset($_GET['id']) && isset($_GET['key'])) {
         // The id is concatenated into the SQL statements below, so force it to an integer
         $userID = intval($_GET['id']);
         $sql = 'SELECT userdb_id, userdb_user_name, userdb_user_password, userdb_emailaddress, userdb_is_agent FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $userID;
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $user_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
         $user_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_name']);
         $user_pass = $misc->make_db_unsafe($recordSet->fields['userdb_user_password']);
         $emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
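         // Default to invalid so $valid is always defined; strict comparison avoids type juggling
         $valid = false;
         if (md5($user_id . ':' . $emailAddress) === $_GET['key']) {
             $valid = true;
         }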
         if ($recordSet->fields['userdb_is_agent'] == 'yes') {
             $type = 'agent';
         } else {
             $type = 'member';
         }
         if ($config['moderate_' . $type . 's'] == 0) {
             if ($type == 'agent') {
                 if ($config["agent_default_active"] == 0) {
                     $set_active = "no";
                 } else {
                     $set_active = "yes";
                 }
             } else {
                 $set_active = "yes";
             }
         } else {
             $set_active = "no";
         }
         $sql_set_active = $misc->make_db_safe($set_active);
         if ($valid == true) {
             if ($config['email_notification_of_new_users'] == 1) {
                 // if the site admin should be notified when a new user is added
                 $message = $_SERVER['REMOTE_ADDR'] . ' -- ' . date('F j, Y, g:i:s a') . "\r\n\r\n" . $lang['admin_new_user'] . ":\r\n" . $config['baseurl'] . '/admin/index.php?action=user_manager&edit=' . $userID . "\r\n";
                 $header = 'From: ' . $config['admin_name'] . ' <' . $config['admin_email'] . ">\r\n";
                 $header .= "X-Sender: {$config['admin_email']}\r\n";
                 $header .= "Return-Path: {$config['admin_email']}\r\n";
                 mail("{$config['admin_email']}", "{$lang['admin_new_user']}", $message, $header);
             }
             // end if
             $verified = $misc->make_db_safe('yes');
             $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_active = ' . $sql_set_active . ', userdb_email_verified = ' . $verified . ' WHERE userdb_id = ' . $userID;
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             $display .= '<p class="notice">' . $lang['verify_email_thanks'] . '</p>';
             if ($config['moderate_' . $type . 's'] == 1) {
                 // if moderation is turned on...
                 $display .= '<p>' . $lang['admin_new_user_moderated'] . '</p>';
             } else {
                 //log the user in
                 $_SESSION['username'] = $user_name;
                 $_SESSION['userpassword'] = $user_pass;
                 login::loginCheck('Member');
                 $display .= '<p>' . $lang['you_may_now_view_priv'] . '</p>';
             }
         } else {
             $display .= '<p class="notice">' . $lang['verify_email_invalid_link'] . '</p>';
         }
     } else {
         $display .= '<p class="notice">' . $lang['verify_email_invalid_link'] . '</p>';
     }
     return $display;
 }
Developer: henryhe514, Project: ChineseCommercial, Lines of code: 74, Source file: user_manager.inc.php

Example 6: misc

 function create_vcard($user)
 {
     global $config, $conn;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     require_once $config['basepath'] . '/include/class/vcard/vcard.inc.php';
     $v = new vCard();
     $first = $this->get_user_first_name($user);
     $last = $this->get_user_last_name($user);
     $v->setName($last, $first);
     $sql = 'SELECT userdb_emailaddress FROM ' . $config['lang_table_prefix'] . 'userdb WHERE userdb_id=' . $user;
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     $email = $recordSet->fields['userdb_emailaddress'];
     $v->setEmail($email);
     $sql = "SELECT userdbelements_field_name,userdbelements_field_value FROM " . $config['lang_table_prefix'] . "userdbelements WHERE userdb_id=" . $user;
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         if ($recordSet->fields['userdbelements_field_name'] == $config['vcard_phone']) {
             $phone = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
             $v->setPhoneNumber($phone, "HOME;VOICE");
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_fax']) {
             $fax = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
             $v->setPhoneNumber($fax, "HOME;FAX");
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_mobile']) {
             $mobile = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
             $v->setPhoneNumber($mobile, "HOME;CELL");
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_notes']) {
             $notes = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
             $v->setNote($notes);
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_url']) {
             $url = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
             $v->setURL($url, "HOME");
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_address']) {
             $address = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_city']) {
             $city = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_state']) {
             $state = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_zip']) {
             $zip = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
         } elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_country']) {
             $country = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
         }
         $v->setAddress("", "", $address, $city, $state, $zip, $country, "HOME;POSTAL");
         $recordSet->MoveNext();
     }
     $output = $v->getVCard();
     $filename = $v->getFileName();
     // Headers must be sent before the body is written
     Header("Content-Disposition: attachment; filename={$filename}");
     Header("Content-Length: " . strlen($output));
     Header("Connection: close");
     Header("Content-Type: text/x-vCard; name={$filename}");
     echo $output;
 }
Developer: henryhe514, Project: ChineseCommercial, Lines of code: 60, Source file: user.inc.php

Example 7: misc

 /**
  * delete_listing()
  *
  * @param  $id
  * @param boolean $verify_user
  * @return
  */
 function delete_listing($id, $verify_user = true)
 {
     global $conn, $lang, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $display = '';
     if (!is_numeric($id)) {
         die($lang['data type mismatch']);
     }
     $sql_delete = $misc->make_db_safe($id);
     // delete a listing
     $configured_langs = explode(',', $config['configured_langs']);
     foreach ($configured_langs as $configured_lang) {
         if ($verify_user === true) {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdb WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
         } else {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdb WHERE listingsdb_id = {$sql_delete}";
         }
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         // delete all the elements associated with a listing
         if ($verify_user === true) {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdbelements WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
         } else {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdbelements WHERE listingsdb_id = {$sql_delete}";
         }
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
     }
     // now get all the images associated with an listing
     if ($verify_user === true) {
         $sql = "SELECT listingsimages_file_name, listingsimages_thumb_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
     } else {
         $sql = "SELECT listingsimages_file_name, listingsimages_thumb_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE listingsdb_id = {$sql_delete}";
     }
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // so, you've got 'em... it's time to unlink those bad boys...
     while (!$recordSet->EOF) {
         $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_thumb_file_name']);
         $file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']);
         // get rid of those darned things...
         @unlink("{$config['listings_upload_path']}/{$file_name}");
         if ($file_name != $thumb_file_name) {
             @unlink("{$config['listings_upload_path']}/{$thumb_file_name}");
         }
         $recordSet->MoveNext();
     }
     // now get all the vtours associated with an listing
     if ($verify_user === true) {
         $sql = "SELECT vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
     } else {
         $sql = "SELECT vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE listingsdb_id = {$sql_delete}";
     }
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     // so, you've got 'em... it's time to unlink those bad boys...
     while (!$recordSet->EOF) {
         $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_thumb_file_name']);
         $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
         // get rid of those darned things...
         @unlink("{$config['vtour_upload_path']}/{$file_name}");
         if ($file_name != $thumb_file_name) {
             @unlink("{$config['vtour_upload_path']}/{$thumb_file_name}");
         }
         $recordSet->MoveNext();
     }
     // for the grand finale, we're going to remove the db records of 'em as well...
     foreach ($configured_langs as $configured_lang) {
         if ($verify_user === true) {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsimages WHERE listingsdb_id = {$sql_delete} AND userdb_id = {$_SESSION['userID']}";
         } else {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsimages WHERE listingsdb_id = {$sql_delete}";
         }
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         if ($verify_user === true) {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_vtourimages WHERE listingsdb_id = {$sql_delete} AND userdb_id = {$_SESSION['userID']}";
         } else {
             $sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_vtourimages WHERE listingsdb_id = {$sql_delete}";
         }
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
//.........part of the code omitted here.........
Developer: josegonzalez, Project: php-openrealty, Lines of code: 101, Source file: listing_editor.inc.php

Example 8: misc

 function create_download($ID, $file_id, $type)
 {
     global $config, $conn;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     $folderid = $ID;
     $ID = $misc->make_db_extra_safe($ID);
     $fileID = $misc->make_db_extra_safe($file_id);
     if ($type == 'listing') {
         $file_upload_path = $config['listings_file_upload_path'];
         $file_view_path = $config['listings_view_file_path'];
         $sqltype = 'listings';
     } else {
         $file_upload_path = $config['users_file_upload_path'];
         $file_view_path = $config['users_view_file_path'];
         $sqltype = 'user';
     }
     $sql = "SELECT DISTINCT " . $type . "sfiles_file_name FROM " . $config['table_prefix'] . "" . $type . "sfiles WHERE (" . $sqltype . "db_id = {$ID}) AND (" . $type . "sfiles_id = " . $fileID . ") ORDER BY " . $type . "sfiles_rank";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $file_filename = $misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_file_name']);
         $recordSet->MoveNext();
     }
     $fullPath = $file_upload_path . '/' . $folderid . '/' . $file_filename;
     if ($fd = fopen($fullPath, "r")) {
         $fsize = filesize($fullPath);
         $path_parts = pathinfo($fullPath);
         header("Content-type: application/octet-stream");
         header("Content-Disposition: attachment; filename=\"" . $path_parts["basename"] . "\"");
         header("Content-length: {$fsize}");
         header("Cache-control: private");
         //use this to open files directly
         while (!feof($fd)) {
             $buffer = fread($fd, 2048);
             echo $buffer;
         }
         // Close the handle only when fopen() succeeded
         fclose($fd);
     }
 }
Developer: josegonzalez, Project: php-openrealty, Lines of code: 42, Source file: files.inc.php

Example 9: misc

 function get_blog_keywords($blog_id)
 {
     global $conn, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     if (isset($_GET['PageID'])) {
         $blog_id = $misc->make_db_safe($blog_id);
         $sql = "SELECT blogmain_keywords FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id;
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $keywords = $misc->make_db_unsafe($recordSet->fields['blogmain_keywords']);
         return $keywords;
     } else {
         return '';
     }
 }
Developer: henryhe514, Project: ChineseCommercial, Lines of code: 18, Source file: blog_functions.inc.php

Example 10: displayListingDetails

function displayListingDetails($sql)
{
    //	$page = new page_user();
    //	$page->replace_listing_field_tags($_GET['listingID']);
    global $conn, $config, $rs_listingDetails;
    $misc = new misc();
    $rs = $conn->Execute($sql);
    if (!empty($rs)) {
        $listing_id = $misc->make_db_unsafe($rs->fields['listingsdb_id']);
        $listing_title = $misc->make_db_unsafe($rs->fields['listingsdb_title']);
        //var_dump($listing_id);
        $sql_getListingDetail = "SELECT listingsdb_title, listingsdbelements_field_name, listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "listingsdbelements WHERE " . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $listing_id;
        $rs_listingDetails = $conn->Execute($sql_getListingDetail);
        //var_dump($rs_listingDetails);
        while (!$rs_listingDetails->EOF) {
            $listing_fieldname = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_name']);
            switch ($listing_fieldname) {
                case "address":
                    $listing_address = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
                    break;
                case "city":
                    $listing_city = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
                    break;
                case "state":
                    $listing_state = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
                    break;
                case "full_desc":
                    $listing_fulldesc = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
                    break;
                    //					case "city":
                    //						$listing_city = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
                    //						break;
                    //					case "state":
                    //						$listing_state = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
                    //						break;
                //					case "city":
                //						$listing_city = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
                //						break;
                //					case "state":
                //						$listing_state = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
                //						break;
                default:
                    $listing_value = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
            }
            $rs_listingDetails->MoveNext();
        }
    }
    ?>
		
				<tr>
				  <td bgcolor="#EEEEEE"><a href="/moblisting.php?action=listingview&listingID=<?php 
    echo $listing_id;
    ?>
"><img src="<?php 
    echo $listing_image;
    ?>
" width="320" /><br />
					<strong><?php 
    echo $listing_title;
    ?>
</strong> </a>
					<p><?php 
    echo $listing_fulldesc;
    ?>
</p>
					<strong> $<?php 
    echo $listing_address;
    ?>
 </strong> 
                    <strong> $<?php 
    echo $listing_city;
    ?>
 </strong> 
                    <strong> $<?php 
    echo $listing_state;
    ?>
 </strong> 
                                                                   
				  </td>
				</tr>  
		  
      
				
<?php 
    //				                 <td colspan="2" align="left" valign="top"><strong>Address</strong>: 34 High St<br>
    //                    <strong>City</strong>: Berwick<br>
    //                    <strong>State</strong>: VIC<br>
    //                    <strong>Postcode</strong>: 3806<br>
    //                    <strong>Country</strong>: Australia<br>
    //                    <strong>Parking Spaces</strong>: 2<br>
    //                    <strong>Asking Price</strong>: $165,000<br>
    //                    <strong>Asset Value</strong>: $75,000<br>
    //                    <strong>Year Founded</strong>: 2000<br>
    //                    <strong>Annual Net Profit</strong>: $60,000<br>
    //                    <strong>Annual Business Turnover</strong>: $450,000<br>
    //                    <strong>Status</strong>: Active<br></td>
    //                </tr>
    //
    //			$sql_getdescription = "select listingsdbelements_field_value as fulldesc from default_en_listingsdbelements where listingsdbelements_field_name = 'full_desc' and   listingsdb_id = " . $listing_id . " limit 1";
    //			$rs_desc = $conn->Execute($sql_getdescription);
//.........part of the code omitted here.........
Developer: henryhe514, Project: ChineseCommercial, Lines of code: 101, Source file: moblisting.php

Example 11: renderNotifyListings

 function renderNotifyListings($listingIDArray, $search_title, $user_name, $email)
 {
     global $conn, $lang, $config, $db_type, $current_ID;
     //Load the Core Template class and the Misc Class
     require_once $config['basepath'] . '/include/class/template/core.inc.php';
     $page = new page_user();
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     require_once $config['basepath'] . '/include/listing.inc.php';
     $listingclass = new listing_pages();
     //Declare an empty display variable to hold all output from function.
     $display = '';
     //If We have a $current_ID save it
     $old_current_ID = '';
     if ($current_ID != '') {
         $old_current_ID = $current_ID;
     }
     //Load the Notify Listing Template specified in the Site Config
     $page->load_page($config['template_path'] . '/' . $config['notify_listings_template']);
     // Determine if the template uses rows.
     // First item in the array is the row content; the second item is the number of blocks per block row
     $notify_template_row = $page->get_template_section_row('notify_listing_block_row');
     if (is_array($notify_template_row)) {
         $row = $notify_template_row[0];
         $col_count = $notify_template_row[1];
         $user_rows = true;
         $x = 1;
         //Create an empty array to hold the row contents
         $new_row_data = array();
     } else {
         $user_rows = false;
     }
     $notify_template_section = '';
     foreach ($listingIDArray as $current_ID) {
         if ($user_rows == true && $x > $col_count) {
             //We are at the end of a row. Save the template section as a new row.
             $new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
             //$new_row_data[] = $notify_template_section;
             $notify_template_section = $page->get_template_section('notify_listing_block');
             $x = 1;
         } else {
             $notify_template_section .= $page->get_template_section('notify_listing_block');
         }
         $listing_title = $listingclass->get_title($current_ID);
         if ($config['url_style'] == '1') {
             $notify_url = $config['baseurl'] . '/index.php?action=listingview&amp;listingID=' . $current_ID;
             // #####
         } else {
             $url_title = str_replace("/", "", $listing_title);
             $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
             $notify_url = $config['baseurl'] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html';
             // #####
         }
         $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
         $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
         $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_url', $notify_url);
         $notify_template_section = $page->parse_template_section($notify_template_section, 'listingid', $current_ID);
         // Setup Image Tags
         $sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name\n\t\t\t\t\tFROM " . $config['table_prefix'] . "listingsimages\n\t\t\t\t\tWHERE (listingsdb_id = {$current_ID})\n\t\t\t\t\tORDER BY listingsimages_rank";
         $recordSet2 = $conn->SelectLimit($sql2, 1, 0);
         if ($recordSet2 === false) {
             $misc->log_error($sql2);
         }
         if ($recordSet2->RecordCount() > 0) {
             $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
             $file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
             if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) {
                 // gotta grab the thumbnail image size
                 $imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $shrinkage = $config['thumbnail_width'] / $imagewidth;
                 $notify_thumb_width = $imagewidth * $shrinkage;
                 $notify_thumb_height = $imageheight * $shrinkage;
                 $notify_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name;
                 // now grab the full-size image dimensions
                 $imagedata = GetImageSize("{$config['listings_upload_path']}/{$file_name}");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $notify_width = $imagewidth;
                 $notify_height = $imageheight;
                 $notify_src = $config['listings_view_images_path'] . '/' . $file_name;
             }
         } else {
             if ($config['show_no_photo'] == 1) {
                 $imagedata = GetImageSize($config['basepath'] . "/images/nophoto.gif");
                 $imagewidth = $imagedata[0];
                 $imageheight = $imagedata[1];
                 $shrinkage = $config['thumbnail_width'] / $imagewidth;
                 $notify_thumb_width = $imagewidth * $shrinkage;
                 $notify_thumb_height = $imageheight * $shrinkage;
                 $notify_thumb_src = $config['baseurl'] . '/images/nophoto.gif';
                 $notify_width = $notify_thumb_width;
                 $notify_height = $notify_thumb_height;
                 $notify_src = $config['baseurl'] . '/images/nophoto.gif';
             } else {
                 $notify_thumb_width = '';
                 $notify_thumb_height = '';
                 $notify_thumb_src = '';
                 $notify_width = '';
//.........part of the code omitted here.........
Developer ID: henryhe514, Project: ChineseCommercial, Lines of code: 101, Source: notification.inc.php

Example 12: misc

 /**
  * maps::create_map_link()
  * This is the function to call to show a map link. It should be called from the listing detail page, or any page where $_GET['listingID'] is set.
  * This function then calls the appropriate make_mapname function as specified in the configuration.
  *
  * @see maps::make_mapquest()
  * @see maps::make_yahoo_us()
  * @return string The URL for the map if the required fields are filled out; otherwise an empty string.
  */
 function create_map_link($url_only = 'no')
 {
     global $conn, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     // Map Type
     // Get Address, City, State, Zip
     // Create Blank Variables
     $display = '';
     $address = '';
     $city = '';
     $state = '';
     $zip = '';
     // Get Listing ID
     $sql_listingID = $misc->make_db_safe($_GET['listingID']);
     $listing_title = urlencode(listing_pages::get_title($_GET['listingID']));
     // get address
     $sql_address_field = $misc->make_db_safe($config['map_address']);
     $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $address = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
         $recordSet->MoveNext();
     }
     // end while
     // Add address fields 2 & 3
     $sql_address_field = $misc->make_db_safe($config['map_address2']);
     $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
         $recordSet->MoveNext();
     }
     // end while
     $sql_address_field = $misc->make_db_safe($config['map_address3']);
     $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
         $recordSet->MoveNext();
     }
     // end while
     $sql_address_field = $misc->make_db_safe($config['map_address4']);
     $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
         $recordSet->MoveNext();
     }
     // end while
     // get city
     $sql_city_field = $misc->make_db_safe($config['map_city']);
     $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_city_field}))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $city = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
         $recordSet->MoveNext();
     }
     // end while
     // get state
     $sql_state_field = $misc->make_db_safe($config['map_state']);
     $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_state_field}))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
         $misc->log_error($sql);
     }
     while (!$recordSet->EOF) {
         $state = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
         $recordSet->MoveNext();
     }
     // end while
     // get zip
     $sql_zip_field = $misc->make_db_safe($config['map_zip']);
     $sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_zip_field}))";
     $recordSet = $conn->Execute($sql);
     if ($recordSet === false) {
//.........part of the code omitted here.........
Developer ID: josegonzalez, Project: php-openrealty, Lines of code: 101, Source: maps.inc.php

Example 13: misc

 function show_users($filter = '', $lookup_field = '', $lookup_value = '')
 {
     global $conn, $config, $lang;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     // Verify User is an Admin
     $security = login::loginCheck('edit_all_users', true);
     $display = '';
     $filter_sql = '';
     if ($filter == 'agents') {
         $filter_sql = " WHERE userdb_is_agent = 'yes'";
     } elseif ($filter == 'members') {
         $filter_sql = " WHERE userdb_is_agent = 'no' AND userdb_is_admin = 'no'";
     } elseif ($filter == 'admins') {
         $filter_sql = " WHERE userdb_is_admin = 'yes'";
     }
     if ($security === true) {
         $sql = "SELECT * FROM " . $config['table_prefix'] . "userdb {$filter_sql} ORDER BY userdb_id ";
         $recordSet = $conn->Execute($sql);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $num_rows = $recordSet->RecordCount();
         if (!isset($_GET['cur_page'])) {
             $_GET['cur_page'] = 0;
         }
         $display .= '<center>' . $misc->next_prev($num_rows, intval($_GET['cur_page'])) . '</center>';
         // put in the next/previous stuff
         // build the string to select a certain number of users per page
         $limit_str = intval($_GET['cur_page']) * $config['listings_per_page'];
         $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
         if ($recordSet === false) {
             $misc->log_error($sql);
         }
         $count = 0;
         // $display .= "<br /><br />";
         while (!$recordSet->EOF) {
             // alternate the colors
             if ($count == 0) {
                 $count = $count + 1;
             } else {
                 $count = 0;
             }
             // strip slashes so input appears correctly
             $edit_ID = $recordSet->fields['userdb_id'];
             $edit_user_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_name']);
             $edit_user_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
             $edit_user_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
             $edit_emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
             $edit_active = $recordSet->fields['userdb_active'];
             $edit_isAgent = $recordSet->fields['userdb_is_agent'];
             $edit_isAdmin = $recordSet->fields['userdb_is_admin'];
             $edit_canEditSiteConfig = $recordSet->fields['userdb_can_edit_site_config'];
             $edit_canEditMemberTemplate = $recordSet->fields['userdb_can_edit_member_template'];
             $edit_canEditAgentTemplate = $recordSet->fields['userdb_can_edit_agent_template'];
             $edit_canEditListingTemplate = $recordSet->fields['userdb_can_edit_listing_template'];
             $edit_canFeatureListings = $recordSet->fields['userdb_can_feature_listings'];
             $edit_canViewLogs = $recordSet->fields['userdb_can_view_logs'];
             $edit_canModerate = $recordSet->fields['userdb_can_moderate'];
             $edit_can_have_vtours = $recordSet->fields['userdb_can_have_vtours'];
             $edit_can_edit_expiration = $recordSet->fields['userdb_can_edit_expiration'];
             $edit_can_export_listings = $recordSet->fields['userdb_can_export_listings'];
             $edit_canEditAllListings = $recordSet->fields['userdb_can_edit_all_listings'];
             $edit_canEditAllUsers = $recordSet->fields['userdb_can_edit_all_users'];
             $edit_canEditPropertyClasses = $recordSet->fields['userdb_can_edit_property_classes'];
             // Determine user type
             if ($edit_isAgent == 'yes') {
                 $user_type = $lang['user_manager_agent'];
             } elseif ($edit_isAdmin == 'yes') {
                 $user_type = $lang['user_manager_admin'];
             } else {
                 $user_type = $lang['user_manager_member'];
             }
             // Layout Start
             $display .= '<table width="600"  border="0" align="center" cellpadding="0" cellspacing="0">';
             // $display .= '<tbody style="border-width:thin;border-style:solid;border-color:#FFFFFF;">';
             $display .= '<tr bgcolor="#330099">';
             $display .= '<td width="510" colspan="2" style="padding-left:2px">';
             $display .= '<span style="color:#FFFFFF;font-weight:bold;">' . $edit_user_first_name . ' ' . $edit_user_last_name . ' (' . $edit_ID . '): ' . $edit_emailAddress . '</span>';
             $display .= '</td>';
             $display .= '<td width="90" align="right">';
             $display .= '<a href="index.php?action=user_manager&amp;edit=' . $edit_ID . '"><img src="images/' . $config['lang'] . '/user_manager_edit.jpg" alt="' . $lang['user_manager_edit_user'] . '" width="16" height="16"></a>';
             $display .= '<img src="images/blank.gif" alt=" " width="16" height="16">';
             $display .= '<a href="index.php?action=user_manager&amp;delete=' . $edit_ID . '" onclick="return confirmDelete(\'' . $lang['delete_user'] . '\')"><img src="images/' . $config['lang'] . '/user_manager_delete.jpg" alt="' . $lang['user_manager_delete_user'] . '" width="16" height="16"></a>';
             $display .= '</td>';
             $display .= '</tr>';
             $display .= '<tr>';
             $display .= '<td colspan="2"><strong>' . $lang['user_manager_user_name'] . ': ' . $edit_user_name . '</strong></td>';
             $display .= '<td></td>';
             $display .= '</tr>';
             $display .= '<tr>';
             $display .= '<td colspan="2"><strong>' . $lang['user_manager_account_type'] . ': ' . $user_type . '</strong></td>';
             $display .= '<td></td>';
             $display .= '</tr>';
             $display .= '<tr>';
             $display .= '<td colspan="2"><strong>' . $lang['user_manager_active'] . ': ' . $edit_active . '</strong></td>';
             $display .= '<td></td>';
             $display .= '</tr>';
             if ($edit_isAgent == 'yes') {
                 $display .= '<tr>';
//.........part of the code omitted here.........
Developer ID: schappaughc, Project: iitmapas, Lines of code: 101, Source: user_manager.inc.php

Example 14: generate_admin_config_page

/**
 * generate_admin_config_page()
 * This generates the html form for configuring the googlemap addon via the admin page.
 * @return string The HTML form for configuring the googlemap addon
 */
function generate_admin_config_page()
{
    global $conn, $lang, $config;
    $security = login::loginCheck('Admin', true);
    $display = '';
    if ($security === true) {
        $api_version[1] = 1;
        $api_version[2] = 2;
        $map_type[1] = 'NORMAL_MAP';
        $map_type[2] = 'SATELLITE_MAP';
        $map_type[3] = 'HYBRID_MAP';
        $map_control[1] = 'none';
        $map_control[2] = 'LargeMapControl';
        $map_control[3] = 'SmallMapControl';
        $map_control[4] = 'SmallZoomControl';
        $map_anchor[1] = 'TOP_LEFT';
        $map_anchor[2] = 'TOP_RIGHT';
        $map_anchor[3] = 'BOTTOM_LEFT';
        $map_anchor[4] = 'BOTTOM_RIGHT';
        $type_control[1] = 'none';
        $type_control[2] = 'MapTypeControl';
        $scale_control[1] = 'none';
        $scale_control[2] = 'ScaleControl';
        $overview_control[1] = 'none';
        $overview_control[2] = 'OverviewMapControl';
        // Open Connection to the Control Panel Table
        require_once $config['basepath'] . '/include/misc.inc.php';
        $misc = new misc();
        // Include the Form Generation Class
        include_once $config['basepath'] . '/include/class/form_generation.inc.php';
        $formGen = new formGeneration();
        // Default Options
        $yes_no[0] = 'No';
        $yes_no[1] = 'Yes';
        $asc_desc['ASC'] = 'ASC';
        $asc_desc['DESC'] = 'DESC';
        // Save any Post Data
        if (isset($_POST['api_version'])) {
            // Update addon table
            $sql = 'UPDATE ' . $config['table_prefix_no_lang'] . 'addon_googlemap SET ';
            $sql_part = '';
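            foreach ($_POST as $field => $value) {
                // $field is a POST key used directly as a column name and is not
                // covered by make_db_safe(); accept plain identifiers only.
                if (!preg_match('/^[A-Za-z0-9_]+$/', $field)) {
                    continue;
                }
                if (is_array($value)) {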
                    $value2 = '';
                    foreach ($value as $f) {
                        if ($value2 == '') {
                            $value2 = "{$f}";
                        } else {
                            $value2 .= ",{$f}";
                        }
                    }
                    $value2 = $misc->make_db_safe($value2);
                    if ($sql_part == '') {
                        $sql_part = "{$field} = {$value2}";
                    } else {
                        $sql_part .= " , {$field} = {$value2}";
                    }
                } else {
                    $value = $misc->make_db_safe($value);
                    if ($sql_part == '') {
                        $sql_part = "{$field} = {$value}";
                    } else {
                        $sql_part .= " , {$field} = {$value}";
                    }
                }
            }
            $sql .= $sql_part;
            $recordSet = $conn->Execute($sql);
            if (!$recordSet) {
                $misc->log_error($sql);
            }
            $display .= '<br><b>' . $lang['configuration_saved'] . '</b><br>';
        }
        $sql = 'SELECT * from ' . $config["table_prefix_no_lang"] . 'addon_googlemap';
        $recordSet = $conn->Execute($sql);
        if (!$recordSet) {
            $misc->log_error($sql);
        }
        $display .= '<h2>Google Maps Addon Configuration. </h2><br /><br />';
        $display .= $formGen->startform('index.php?&amp;action=addon_googlemap_configure');
        // Start Map Options Section
        $display .= '<fieldset>';
        $display .= '<legend><b>Map Options</b></legend>';
        $display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">';
        $display .= '<tr class=tdshade2>';
        $display .= '<td width="130"><strong>API Version</strong></td>';
        $display .= '<td>' . $formGen->createformitem('select', 'api_version', $misc->make_db_unsafe($recordSet->fields['api_version']), false, 35, '', '', '', '', $api_version, $misc->make_db_unsafe($recordSet->fields['api_version'])) . '</td>';
        $display .= '<td>Version of the Google Maps API to use.</td>';
        $display .= '</tr>';
        $display .= '<tr class=tdshade1>';
        $display .= '<td><strong>API Key</strong></td>';
        $display .= '<td>' . $formGen->createformitem('text', 'api_key', $misc->make_db_unsafe($recordSet->fields['api_key']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['api_key'])) . '</td>';
        $display .= '<td>Google API Key for your site (required).</td>';
        $display .= '</tr>';
        $display .= '<tr class=tdshade2>';
//.........part of the code omitted here.........
Developer ID: schappaughc, Project: iitmapas, Lines of code: 101, Source: addon.inc.php

Example 15: misc

 function add_page()
 {
     global $conn, $lang, $config;
     $security = login::loginCheck('editpages', true);
     $display = '';
     if ($security === true) {
         require_once $config['basepath'] . '/include/misc.inc.php';
         $misc = new misc();
         // Do we need to save?
         if (isset($_POST['edit'])) {
             // Save page now
             $save_full = $_POST['ta'];
             $save_title = $misc->make_db_safe($_POST['title']);
             $save_description = $misc->make_db_safe($_POST['description']);
             $save_keywords = $misc->make_db_safe($_POST['keywords']);
             // $save_full_xhtml = urldecode($save_full);
             // $save_full_xhtml = $this->html2xhtml($save_full_xhtml);
             $save_full_xhtml = $misc->make_db_safe(editor::htmlEncodeText($save_full), TRUE);
             $sql = "INSERT INTO " . $config['table_prefix'] . "pagesmain (pagesmain_full,pagesmain_title,pagesmain_date,pagesmain_summary,pagesmain_no_visitors,pagesmain_complete,pagesmain_description,pagesmain_keywords) VALUES ({$save_full_xhtml},{$save_title}," . $conn->DBDate(time()) . ",'',0,1,{$save_description},{$save_keywords})";
             $recordSet = $conn->Execute($sql);
             if (!$recordSet) {
                 $misc->log_error($sql);
             }
             $display .= "<center><b>{$lang['page_saved']}</b></center><br />";
             $display .= $this->page_list();
             $display .= '<form action="index.php?action=edit_page" method="post" id="edit" name="edit">';
             $html = '';
             $sql = "SELECT pagesmain_full, pagesmain_title, pagesmain_complete, pagesmain_id, pagesmain_description, pagesmain_keywords  FROM " . $config['table_prefix'] . "pagesmain WHERE pagesmain_title = " . $save_title;
             $recordSet = $conn->Execute($sql);
             if (!$recordSet) {
                 $misc->log_error($sql);
             }
             // Save PageID to Session for Image Upload Plugin
             $_SESSION['PageID'] = $recordSet->fields['pagesmain_id'];
             // Pull the page from the database
             $display .= "<input type=\"hidden\" name=\"edit\" value=\"yes\" />";
             $display .= "<input type=\"hidden\" name=\"PageID\" value=\"" . $_SESSION['PageID'] . "\" />";
             $html = $misc->make_db_unsafe($recordSet->fields['pagesmain_full']);
             $title = $misc->make_db_unsafe($recordSet->fields['pagesmain_title']);
             $description = $misc->make_db_unsafe($recordSet->fields['pagesmain_description']);
             $keywords = $misc->make_db_unsafe($recordSet->fields['pagesmain_keywords']);
             // $complete = $misc->make_db_unsafe($recordSet->fields['pagesmain_complete']);
             $display .= $lang['title'] . ' <input type="text" name="title" value="' . $title . '" /><br /><br />';
             $display .= $lang['page_meta_description'] . ' <input type="text" size="50" name="description" value="' . $description . '" /><br /><br />';
             $display .= $lang['page_meta_keywords'] . ' <input type="text" size="50" name="keywords" value="' . $keywords . '" /><br /><br />';
             $display .= '<textarea name="ta" id="ta" style="height: 350px; width: 100%;">' . $html . '</textarea>';
             $display .= '<input type="submit" name="ok" value="' . $lang['submit'] . '"  style="margin-top:3px;"/>';
             $display .= '</form>';
             if ($_SESSION['PageID'] != '') {
                 $display .= '<form action="index.php?action=edit_page" method="post" id="delete" style="margin-top:3px;">';
                 $display .= '<input type="hidden" name="delete" value="yes" />';
                 $display .= '<input type="hidden" name="PageID" value="' . $_SESSION['PageID'] . '" />';
                 $display .= '<input type="submit" name="ok" value="' . $lang['delete_page'] . '" />';
                 $display .= '</form>';
             }
         } else {
             $display .= $this->page_list();
             $display .= '<form action="index.php?action=add_page" method="post" id="edit" name="edit">';
             $display .= "<input type=\"hidden\" name=\"edit\" value=\"yes\" />";
             $display .= $lang['title'] . ' <input type="text" name="title" value="" /><br /><br />';
             $display .= $lang['page_meta_description'] . ' <input type="text" size="50" name="description" value="" /><br /><br />';
             $display .= $lang['page_meta_keywords'] . ' <input type="text" size="50" name="keywords" value="" /><br /><br />';
             $display .= '<textarea name="ta" id="ta" style="height: 30em; width: 100%;"></textarea>';
             $display .= '<input type="submit" name="ok" value="' . $lang['submit'] . '" style="margin-top:3px;" />';
             $display .= '</form>';
         }
     } else {
         $display .= '<div class="error_text">' . $lang['access_denied'] . '</div>';
     }
     return $display;
 }
Developer ID: henryhe514, Project: ChineseCommercial, Lines of code: 71, Source: editor.inc.php


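Note: The misc::make_db_unsafe method examples in this article were compiled by 纯净天空 from open-source code and documentation platforms such as Github/MSDocs. The code snippets were selected from open-source projects contributed by their respective developers, and copyright of the source code belongs to the original authors. For distribution and use, refer to the corresponding project's License. Do not reproduce without permission.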