本文整理汇总了PHP中module_security::sanatise_data方法的典型用法代码示例。如果您正苦于以下问题:PHP module_security::sanatise_data方法的具体用法?PHP module_security::sanatise_data怎么用?PHP module_security::sanatise_data使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类module_security的用法示例。
在下文中一共展示了module_security::sanatise_data方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: process
//.........这里部分代码省略.........
// copy to file area.
// Only the base name of the client-supplied upload name is kept, so any directory
// components the client sent are dropped.
$file_name = basename($_FILES['file_upload']['name']);
if ($file_name) {
// The stored path is _FILE_UPLOAD_PATH followed by md5(time() . name): the client's
// extension never reaches the filesystem, but both inputs to the hash are guessable.
// NOTE(review): confirm _FILE_UPLOAD_PATH is not served directly by the web server and
// consider a random_bytes()-based name; no size or content-type check is visible in this excerpt.
$file_path = _FILE_UPLOAD_PATH . md5(time() . $file_name);
// move_uploaded_file() refuses sources that did not arrive through an HTTP upload.
if (move_uploaded_file($_FILES['file_upload']['tmp_name'], $file_path)) {
// it worked. umm.. do something.
} else {
?>
<script type="text/javascript">
alert('Unable to save file. Please check permissions.');
</script>
<?php
// it didnt work. todo: display error.
// Both values are reset so the "nothing to save" check further down can fire.
$file_path = false;
$file_name = false;
//set_error('Unable to save file');
}
}
}
// A file_name request parameter, when present and non-empty, replaces the name taken from the upload.
// NOTE(review): unlike the upload name, this value is not passed through basename(); confirm every
// consumer treats file_name as a display label and never as part of a filesystem path.
if (isset($_REQUEST['file_name']) && $_REQUEST['file_name']) {
$file_name = $_REQUEST['file_name'];
}
// Nothing was uploaded and no name was supplied: there is nothing to save.
if (!$file_path && !$file_name) {
return false;
}
if (!$file_id || $file_id == 'new') {
// New record: owner_id is cast to int, owner_table is stored exactly as received.
// NOTE(review): owner_table is later echoed into an inline <script>; restrict it to a known set
// of table names before it is saved.
$file_data = array('file_id' => $file_id, 'owner_id' => (int) $_REQUEST['owner_id'], 'owner_table' => $_REQUEST['owner_table'], 'file_time' => time(), 'file_name' => $file_name, 'file_path' => $file_path);
} else {
// some fields we dont want to overwrite on existing files:
$file_data = array('file_id' => $file_id, 'file_path' => $file_path, 'file_name' => $file_name);
}
// make sure we're saving a file we have access too.
// NOTE(review): sanatise_data() is not shown on this page and its return value is ignored, so it
// must either adjust $file_data in place or abort on its own; confirm which in module_security.
module_security::sanatise_data('file', $file_data);
$file_id = update_insert('file_id', $file_id, 'file', $file_data);
// Re-read the stored row so the output below reflects what was actually saved.
$file_data = $this->get_file($file_id);
// we've updated from a popup.
// this means we have to replace an existing file id with the updated output.
// or if none exists on the page, we add a new one to the holder.
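// Layout used to render the saved file; 'gallery' when the request does not name one.
$layout_type = isset($_REQUEST['layout']) && $_REQUEST['layout'] ? $_REQUEST['layout'] : 'gallery';
// Everything below is written into an inline <script>, so each value is encoded for that
// context instead of being echoed raw (owner_table originates from the request).
// owner_table becomes part of a JavaScript function name: keep identifier characters only.
$js_owner_table = (string) preg_replace('/[^A-Za-z0-9_]/', '', (string) $file_data['owner_table']);
$js_owner_id = (int) $file_data['owner_id'];
$js_file_id = (int) $file_id;
// Escaping only the single quote left backslashes and "</script>" in the markup able to break
// out of the string literal. JSON_HEX_* encodes <, >, &, ' and " as \uXXXX escapes instead.
$js_new_html = json_encode((string) preg_replace('/\\s+/', ' ', $this->print_file($file_id, $layout_type, true, $options)), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if ($js_new_html === false) {
    // json_encode() fails on invalid UTF-8; fall back to an empty string so the script still parses.
    $js_new_html = '""';
}
?>
<script type="text/javascript">
// check if it exists in parent window
var new_html = <?php echo $js_new_html; ?>;
parent.new_file_added<?php echo $js_owner_table; ?>_<?php echo $js_owner_id; ?>(<?php echo $js_file_id; ?>,<?php echo json_encode($js_owner_table); ?>,<?php echo $js_owner_id; ?>,new_html);
</script>
<?php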
示例2: _l
// widget_id is forced to an integer before it is used for the lookup or echoed into the form.
$widget_id = (int) $_REQUEST['widget_id'];
$widget = module_widget::get_widget($widget_id);
// The title shows the widget name only when the lookup returned the requested id.
if ($widget_id > 0 && $widget['widget_id'] == $widget_id) {
$module->page_title = 'Widget' . ': ' . $widget['name'];
} else {
$module->page_title = 'Widget' . ': ' . _l('New');
}
// Page-level permission: 'edit' for an existing widget, 'create' otherwise.
if ($widget_id > 0 && $widget) {
// class_exists(..., false) does not trigger autoloading, so the check is skipped whenever
// module_security has not already been loaded.
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'edit'));
}
} else {
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'create'));
}
// sanatise_data() is reached only on the create path and sits outside the class_exists() guard.
// NOTE(review): confirm module_security is always available here, and that existing widgets are
// access-checked elsewhere (e.g. inside get_widget()); sanatise_data() itself is not shown on this page.
module_security::sanatise_data('widget', $widget);
}
?>
<form action="" method="post">
<input type="hidden" name="_process" value="save_widget" />
<input type="hidden" name="widget_id" value="<?php
echo $widget_id;
?>
" />
<?php
$fields = array('fields' => array('name' => 'Name'));
示例3: _l
// website_id is forced to an integer before it is used for the lookup or echoed into the form.
$website_id = (int) $_REQUEST['website_id'];
$website = module_website::get_website($website_id);
// The title prefix comes from configuration ('project_name_single', default 'Website').
if ($website_id > 0 && $website['website_id'] == $website_id) {
$module->page_title = module_config::c('project_name_single', 'Website') . ': ' . $website['name'];
} else {
$module->page_title = module_config::c('project_name_single', 'Website') . ': ' . _l('New');
}
// Page-level permission: 'edit' for an existing website, 'create' otherwise.
if ($website_id > 0 && $website) {
// class_exists(..., false) does not autoload; the check is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'edit'));
}
} else {
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'create'));
}
// Reached only on the create path, and outside the class_exists() guard used just above.
// NOTE(review): confirm module_security is always loaded here and that existing websites are
// access-checked elsewhere; sanatise_data() is not shown on this page.
module_security::sanatise_data('website', $website);
}
?>
<form action="" method="post">
<input type="hidden" name="_process" value="save_website" />
<input type="hidden" name="website_id" value="<?php
echo $website_id;
?>
" />
<?php
示例4: redirect_browser
* IP Address: 67.79.165.254
*/
// Both the 'view' and the 'edit' permission on Products are required to stay on this page.
// NOTE(review): whether redirect_browser() ends the request is not visible here; if it only sends
// a Location header, the code below still runs for a user who failed this check.
if (!$module->can_i('view', 'Products') || !$module->can_i('edit', 'Products')) {
redirect_browser(_BASE_HREF);
}
// check permissions.
// class_exists(..., false) does not autoload; the whole block is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
if ($product_category_id > 0 && $product_category['product_category_id'] == $product_category_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Create'));
}
// Runs for both the edit and the create path.
// NOTE(review): the data type passed is 'product' although the record is a product category;
// confirm that is the intended key for sanatise_data(), which is not shown on this page.
module_security::sanatise_data('product', $product_category);
}
?>
<form action="" method="post" id="product_category_form">
<input type="hidden" name="_process" value="save_product_category" />
<input type="hidden" name="product_category_id" value="<?php
echo (int) $product_category_id;
?>
" />
<?php
module_form::set_required(array('fields' => array('name' => 'Name')));
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
$fieldset_data = array('heading' => array('type' => 'h3', 'title' => 'Product Information'), 'class' => 'tableclass tableclass_form tableclass_full', 'elements' => array());
$fieldset_data['elements'][] = array('title' => 'Name', 'fields' => array(array('type' => 'text', 'name' => 'product_category_name', 'value' => $product_category['product_category_name'])));
示例5: array
// A missing or empty hourly rate is normalised to 0.
if (!$job['hourly_rate']) {
$job['hourly_rate'] = 0;
}
// Map of user_id => name for every staff member; reused below in the import help text.
$staff_members = module_user::get_staff_members();
$staff_member_rel = array();
foreach ($staff_members as $staff_member) {
$staff_member_rel[$staff_member['user_id']] = $staff_member['name'];
}
if ($job_id > 0 && $job['job_id'] == $job_id) {
$module->page_title = _l('Job: %s', $job['name']);
} else {
$module->page_title = _l('Job: %s', _l('New'));
}
// check permissions.
// Only sanatise_data() is called in this excerpt; no check_page() call is visible for jobs.
// NOTE(review): sanatise_data() is not shown on this page and its return value is ignored; confirm
// it adjusts $job in place or aborts when the current user may not access this job.
if (class_exists('module_security', false)) {
module_security::sanatise_data('job', $job);
}
$job_tasks = module_job::get_tasks($job_id);
if (class_exists('module_import_export', false)) {
// Export is offered only to users holding the 'Export Job Tasks' view permission.
if (module_job::can_i('view', 'Export Job Tasks')) {
module_import_export::enable_pagination_hook(array('name' => 'Job Tasks Export', 'fields' => array('Job Name' => 'job_name', 'Task ID' => 'task_id', 'Order' => 'task_order', 'Short Description' => 'description', 'Long Description' => 'long_description', 'Hours' => 'hours', 'Hours Completed' => 'completed', 'Amount' => 'amount', 'Billable' => 'billable', 'Fully Completed' => 'fully_completed', 'Date Due' => 'date_due', 'Invoice #' => 'invoice_number', 'Staff Member' => 'user_name', 'Approval Required' => 'approval_required')));
if (isset($_REQUEST['import_export_go']) && $_REQUEST['import_export_go'] == 'yes') {
// do the task export.
module_import_export::run_pagination_hook($job_tasks);
}
}
// Import is offered only to users holding the 'Import Job Tasks' view permission.
// NOTE(review): return_url is taken from $_SERVER['REQUEST_URI'], which the client controls;
// confirm import_link() encodes it for the context it is rendered in.
// NOTE(review): an imported Task ID overwrites the task with that id; confirm
// handle_import_tasks() verifies each id belongs to the job given in job_id.
if (module_job::can_i('view', 'Import Job Tasks')) {
$import_tasks_link = module_import_export::import_link(array('callback' => 'module_job::handle_import_tasks', 'name' => 'Job Tasks', 'job_id' => $job_id, 'return_url' => $_SERVER['REQUEST_URI'], 'fields' => array('Task ID' => array('task_id', false, 'The existing system ID for this task. Will overwrite existing task ID. Leave blank to create new task.'), 'Order' => array('task_order', false, 'The numerical order the tasks will appear in.'), 'Short Description' => array('description', true), 'Long Description' => 'long_description', 'Hours' => 'hours', 'Hours Completed' => 'completed', 'Amount' => 'amount', 'Billable' => array('billable', false, '1 for billable, 0 for non-billable'), 'Fully Completed' => array('fully_completed', false, '1 for fully completed, 0 for not completed'), 'Date Due' => array('date_due', false, 'When this task is due for completion'), 'Staff Member' => array('user_name', false, 'One of: ' . implode(', ', $staff_member_rel)), 'Approval Required' => array('approval_required', false, '1 if the administrator needs to approve this task, 0 if it does not require approval'))));
}
}
?>
示例6: redirect_browser
// The page requires the 'edit' permission on Settings.
// NOTE(review): whether redirect_browser() ends the request is not visible here; if it only sends
// a Location header, the code below still runs for a user who failed this check.
if (!module_config::can_i('edit', 'Settings')) {
redirect_browser(_BASE_HREF);
}
// company_id is forced to an integer before it is used for the lookup.
$company_id = (int) $_REQUEST['company_id'];
$company = array();
if ($company_id > 0) {
// class_exists(..., false) does not autoload; the check is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Company', 'page_name' => 'Company', 'module' => 'company', 'feature' => 'edit'));
}
$company = module_company::get_company($company_id);
} else {
}
// No id given, or the lookup returned nothing: fall back to a blank "new" record.
if (!$company) {
$company_id = 'new';
$company = array('company_id' => 'new', 'name' => '');
// Called only for the blank record and without a class_exists() guard.
// NOTE(review): confirm module_security is always loaded on this path; sanatise_data() is not
// shown on this page, and no 'create' check_page() call is visible for new companies.
module_security::sanatise_data('company', $company);
}
?>
<form action="" method="post">
<input type="hidden" name="_process" value="save_company" />
<input type="hidden" name="company_id" value="<?php
echo $company_id;
?>
" />
<?php
// NOTE(review): print_form_auth() presumably emits the form's anti-CSRF token; confirm in module_form.
module_form::print_form_auth();
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
$fieldset_data = array('heading' => array('type' => 'h3', 'title' => 'Company Details'), 'elements' => array(array('title' => _l('Company Name'), 'field' => array('name' => 'name', 'value' => $company['name'], 'type' => 'text'))));
示例7: array
}
// done in product_admin
// $product_id and $product are therefore set outside this excerpt.
//$product_id = (int)$_REQUEST['product_id'];
//$product = array();
//$product = module_product::get_product($product_id);
// check permissions.
// class_exists(..., false) does not autoload; the whole block is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
if ($product_id > 0 && $product['product_id'] == $product_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Create'));
}
// Runs for both the edit and the create path; sanatise_data() itself is not shown on this page.
module_security::sanatise_data('product', $product);
}
?>
<form action="" method="post" id="product_form">
<input type="hidden" name="_process" value="save_product" />
<input type="hidden" name="product_id" value="<?php
// NOTE(review): $product_id is echoed into an attribute without a cast in this file; it relies on
// the including script (product_admin) having already forced it to an integer. Confirm, or cast here.
echo $product_id;
?>
" />
<?php
module_form::set_required(array('fields' => array('name' => 'Name')));
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
$fieldset_data = array('heading' => array('type' => 'h3', 'title' => 'Product Information'), 'class' => 'tableclass tableclass_form tableclass_full', 'elements' => array());
$fieldset_data['elements'][] = array('title' => 'Name', 'fields' => array(array('type' => 'text', 'name' => 'name', 'value' => $product['name'])));
示例8: isset
} else {
$linked_invoice_payments = $finance['linked_invoice_payments'];
$linked_finances = $finance['linked_finances'];
$module->page_title = $finance['name'];
}
// check permissions.
// class_exists(..., false) does not autoload; the whole block is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
// && binds tighter than ||, so this reads: (an existing finance record was loaded) OR
// (an invoice_payment_id was requested AND $invoice_payment_data is set and non-empty).
if ($finance_id > 0 && $finance['finance_id'] == $finance_id || isset($_REQUEST['invoice_payment_id']) && isset($invoice_payment_data) && $invoice_payment_data) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Create'));
}
// Runs for both the edit and the create path; sanatise_data() itself is not shown on this page.
module_security::sanatise_data('finance', $finance);
}
// The body is commented out, so this condition currently has no effect.
if (isset($finance['invoice_payment_id']) && (int) $finance['invoice_payment_id'] > 0) {
//$locked = true;
}
// Recurring id: an integer from the request, or false when the parameter is absent.
$finance_recurring_id = isset($_REQUEST['finance_recurring_id']) ? (int) $_REQUEST['finance_recurring_id'] : false;
// An existing record's own finance_recurring_id takes precedence over the request value.
if ($finance_id > 0 && $finance && isset($finance['finance_recurring_id']) && $finance['finance_recurring_id']) {
$finance_recurring_id = $finance['finance_recurring_id'];
}
// NOTE(review): for a new record the id used here comes straight from the request; confirm
// get_recurring() applies its own access check before returning the row.
if ($finance_recurring_id > 0) {
$finance_recurring = module_finance::get_recurring($finance_recurring_id);
}
if (!$finance_id && $finance_recurring_id > 0) {
$finance = array_merge($finance, $finance_recurring);
//print_r($finance_recurring);
$finance['transaction_date'] = $finance_recurring['next_due_date'];
示例9: redirect_browser
redirect_browser(_BASE_HREF);
}
// subscription_id is forced to an integer before it is used for the lookup or echoed into the form.
$subscription_id = (int) $_REQUEST['subscription_id'];
// The empty array is overwritten immediately by the lookup result.
$subscription = array();
$subscription = module_subscription::get_subscription($subscription_id);
// check permissions.
// class_exists(..., false) does not autoload; the whole block is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
if ($subscription_id > 0 && $subscription['subscription_id'] == $subscription_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Create'));
}
// Runs for both the edit and the create path; sanatise_data() itself is not shown on this page.
module_security::sanatise_data('subscription', $subscription);
}
?>
<?php
hook_handle_callback('layout_column_half', 1);
?>
<form action="" method="post" id="subscription_form">
<input type="hidden" name="_process" value="save_subscription" />
<input type="hidden" name="subscription_id" value="<?php
echo $subscription_id;
?>
" />
示例10: _l
// The title shows the customer name only when the loaded record matches the requested id.
if ($customer_id > 0 && $customer['customer_id'] == $customer_id) {
$module->page_title = _l($page_type_single . ': %s', $customer['customer_name']);
} else {
$module->page_title = _l($page_type_single . ': %s', _l('New'));
}
// check permissions.
// class_exists(..., false) does not autoload; the whole block is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
if ($customer_id > 0 && $customer['customer_id'] == $customer_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Create'));
}
// Runs for both the edit and the create path.
// NOTE(review): sanatise_data() is not shown on this page and its return value is ignored; confirm
// it adjusts $customer in place or aborts when the current user may not access this customer.
module_security::sanatise_data('customer', $customer);
}
if (isset($_REQUEST['preview_email'])) {
module_template::init_template('customer_statement_email', 'Dear {CUSTOMER_NAME},<br>
<br>
Please find below a copy of your details.<br><br>
{EMAIL_DETAILS}<br><br>
Thank you,<br><br>
{FROM_NAME}
', 'Customer Statement: {CUSTOMER_NAME}', array('CUSTOMER_NAME' => 'Customers Name'));
$template_name = isset($_REQUEST['template_name']) ? $_REQUEST['template_name'] : 'customer_statement_email';
$template = module_template::get_template_by_key($template_name);
$to = module_user::get_contacts(array('customer_id' => $customer['customer_id']));
$to_select = false;
if ($customer['primary_user_id']) {
$primary = module_user::get_user($customer['primary_user_id']);
示例11: _l
// The title shows the vendor name only when the loaded record matches the requested id.
if ($vendor_id > 0 && $vendor['vendor_id'] == $vendor_id) {
$module->page_title = _l($page_type_single . ': %s', $vendor['vendor_name']);
} else {
$module->page_title = _l($page_type_single . ': %s', _l('New'));
}
// check permissions.
// class_exists(..., false) does not autoload; the whole block is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
if ($vendor_id > 0 && $vendor['vendor_id'] == $vendor_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Vendor', 'page_name' => $page_type, 'module' => 'vendor', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Vendor', 'page_name' => $page_type, 'module' => 'vendor', 'feature' => 'Create'));
}
// Runs for both the edit and the create path; sanatise_data() itself is not shown on this page.
module_security::sanatise_data('vendor', $vendor);
}
?>
<form action="" method="post" id="vendor_form">
<input type="hidden" name="_process" value="save_vendor" />
<input type="hidden" name="vendor_id" value="<?php
// NOTE(review): where $vendor_id is assigned is not visible in this excerpt; confirm it was cast
// to an integer before being echoed into this attribute.
echo $vendor_id;
?>
" />
<input type="hidden" name="_redirect" value="" id="form_redirect" />
<?php
// NOTE(review): the _redirect hidden field above can be set to any value by the client; confirm
// the save handler only accepts same-site targets.
module_form::set_required(array('fields' => array('vendor_name' => 'Name', 'name' => 'Contact Name')));
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
// NOTE(review): print_form_auth() presumably emits the form's anti-CSRF token; confirm in module_form.
module_form::print_form_auth();
//!(int)$vendor['vendor_id'] &&
示例12: _l
// report_id is forced to an integer before it is used for the lookup.
$report_id = (int) $_REQUEST['report_id'];
$report = module_report::get_report($report_id);
// The title shows the report title only when the lookup returned the requested id.
if ($report_id > 0 && $report['report_id'] == $report_id) {
$module->page_title = _l('Report: %s', $report['report_title']);
} else {
$module->page_title = _l('Report: %s', _l('New'));
}
// Page-level permission: 'edit' for an existing report, 'create' otherwise.
if ($report_id > 0 && $report) {
// class_exists(..., false) does not autoload; the check is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'edit'));
}
} else {
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'create'));
}
// Reached only on the create path, and outside the class_exists() guard used just above.
// NOTE(review): confirm module_security is always loaded here and that existing reports are
// access-checked elsewhere; sanatise_data() is not shown on this page.
module_security::sanatise_data('report', $report);
}
// Spreadsheet export: only for an existing report, and only when the request asks for o=xls.
if ($report_id > 0 && isset($_REQUEST['o']) && $_REQUEST['o'] == 'xls') {
require_once 'php-excel.class.php';
// sending query
// The report's stored 'notes' field is executed verbatim as SQL, so whoever can write that field
// can run statements with the application's database privileges.
// NOTE(review): limit report editing to trusted administrators and run this query through a
// read-only database account; the mysql_* extension used here was removed in PHP 7.
$sql = $report['notes'];
$export = mysql_query($sql);
if (mysql_errno()) {
// The raw driver error and the full SQL text are handed to set_error().
// NOTE(review): set_error() presumably shows its message to the user; log these details
// server-side and display a generic message instead.
set_error('SQL Error: ' . mysql_error() . ' ' . $sql);
?>
<span class="button">
<?php
echo create_link("Edit", "edit", module_report::link_generate($report['report_id'], array()));
?>
</span><?php
return false;
示例13: array
// quote_id is forced to an integer for the lookup, then re-read from the loaded record so the
// rest of the page works with the id that was actually returned.
$quote_id = (int) $_REQUEST['quote_id'];
$quote = module_quote::get_quote($quote_id);
$quote_id = (int) $quote['quote_id'];
// Map of user_id => name for every staff member; reused below in the import help text.
$staff_members = module_user::get_staff_members();
$staff_member_rel = array();
foreach ($staff_members as $staff_member) {
$staff_member_rel[$staff_member['user_id']] = $staff_member['name'];
}
if ($quote_id > 0 && $quote['quote_id'] == $quote_id) {
$module->page_title = _l('Quote: %s', $quote['name']);
} else {
$module->page_title = _l('Quote: %s', _l('New'));
}
// check permissions.
// Only sanatise_data() is called in this excerpt; no check_page() call is visible for quotes.
// NOTE(review): sanatise_data() is not shown on this page and its return value is ignored; confirm
// it adjusts $quote in place or aborts when the current user may not access this quote.
if (class_exists('module_security', false)) {
module_security::sanatise_data('quote', $quote);
}
$quote_tasks = module_quote::get_quote_items($quote_id, $quote);
if (class_exists('module_import_export', false)) {
// Export is offered only to users holding the 'Export Quote Tasks' view permission.
if (module_quote::can_i('view', 'Export Quote Tasks')) {
module_import_export::enable_pagination_hook(array('name' => 'Quote Tasks Export', 'fields' => array('Quote Name' => 'quote_name', 'Task ID' => 'quote_task_id', 'Order' => 'task_order', 'Short Description' => 'description', 'Long Description' => 'long_description', 'Hours' => 'hours', 'Amount' => 'amount', 'Billable' => 'billable', 'Staff Member' => 'user_name')));
if (isset($_REQUEST['import_export_go']) && $_REQUEST['import_export_go'] == 'yes') {
// do the task export.
module_import_export::run_pagination_hook($quote_tasks);
}
}
// Import is offered only to users holding the 'Import Quote Tasks' view permission.
// NOTE(review): return_url is taken from $_SERVER['REQUEST_URI'], which the client controls;
// confirm import_link() encodes it for the context it is rendered in.
// NOTE(review): an imported Task ID overwrites the task with that id; confirm
// handle_import_tasks() verifies each id belongs to the quote given in quote_id.
if (module_quote::can_i('view', 'Import Quote Tasks')) {
$import_tasks_link = module_import_export::import_link(array('callback' => 'module_quote::handle_import_tasks', 'name' => 'Quote Tasks', 'quote_id' => $quote_id, 'return_url' => $_SERVER['REQUEST_URI'], 'fields' => array('Task ID' => array('quote_task_id', false, 'The existing system ID for this task. Will overwrite existing task ID. Leave blank to create new task.'), 'Order' => array('task_order', false, 'The numerical order the tasks will appear in.'), 'Short Description' => array('description', true), 'Long Description' => 'long_description', 'Hours' => 'hours', 'Hours Completed' => 'completed', 'Amount' => 'amount', 'Billable' => array('billable', false, '1 for billable, 0 for non-billable'), 'Staff Member' => array('user_name', false, 'One of: ' . implode(', ', $staff_member_rel)))));
}
}
?>
示例14: _l
// Existing-invoice branch (the opening "if" lies above this excerpt).
// The invoice name is HTML-escaped before it is placed in the page title.
$module->page_title = _l('Invoice: #%s', htmlspecialchars($invoice['name']));
// class_exists(..., false) does not autoload; both checks are skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
// make sure current customer can access this invoice
// Record-level check first: the request stops here when access to this invoice is denied.
if (!module_security::can_access_data('invoice', $invoice, $invoice_id)) {
echo 'Data access denied. Sorry.';
exit;
}
// Then the page-level 'edit' permission.
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'edit'));
}
} else {
// New-invoice branch: id 0 is passed to get_invoice(), presumably yielding a default record.
$invoice_id = 0;
$invoice = module_invoice::get_invoice($invoice_id);
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'create'));
}
// Called outside the class_exists() guard used just above.
// NOTE(review): confirm module_security is always loaded on this path; sanatise_data() is not
// shown on this page.
module_security::sanatise_data('invoice', $invoice);
}
$invoice_items = module_invoice::get_invoice_items($invoice_id, $invoice);
// && binds tighter than ||: the invoice is locked when it has a real sent date OR a real paid
// date ('0000-00-00' counts as "no date").
$invoice_locked = $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00' || $invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00';
// A deposit invoice takes its job id from the request, cast to an integer.
// NOTE(review): no check is visible here that the current user may access that job; confirm the
// save handler or sanatise_data() validates deposit_job_id.
if (isset($_REQUEST['as_deposit']) && isset($_REQUEST['job_id'])) {
$invoice['deposit_job_id'] = (int) $_REQUEST['job_id'];
}
// Discounts are disabled on deposit invoices.
$discounts_allowed = !(isset($invoice['deposit_job_id']) && $invoice['deposit_job_id'] > 0);
$customer_data = array();
if ($invoice['customer_id']) {
$customer_data = module_customer::get_customer($invoice['customer_id']);
}
// Config flag 'invoice_task_list_show_date' (default 1) controls the task date column.
$show_task_dates = module_config::c('invoice_task_list_show_date', 1);
$colspan = 2;
if ($show_task_dates) {
$colspan++;
示例15: array
* IP Address: 67.79.165.254
*/
// group_id is forced to an integer before it is used for the lookup or echoed into the form.
$group_id = (int) $_REQUEST['group_id'];
$group = array();
if ($group_id > 0) {
// class_exists(..., false) does not autoload; the check is skipped when module_security is not loaded.
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Group', 'page_name' => 'Groups', 'module' => 'group', 'feature' => 'edit'));
}
$group = module_group::get_group($group_id);
} else {
}
if (!$group) {
// Group creation through this page is switched off: die() ends the request here, so the three
// statements after it (including the sanatise_data() call) never run.
die('Creating groups this way is disabled');
$group_id = 'new';
$group = array('group_id' => 'new', 'name' => '', 'default_text' => '');
module_security::sanatise_data('group', $group);
}
?>
<form action="" method="post">
<?php
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
?>
<input type="hidden" name="_process" value="save_group" />
<input type="hidden" name="group_id" value="<?php
echo $group_id;
?>