本文整理汇总了PHP中security类的典型用法代码示例。如果您正苦于以下问题:PHP security类的具体用法?PHP security怎么用?PHP security使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了security类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: upload
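/**
 * Store an image posted in the "fileToUpload" field under PHOTO_DIR.
 *
 * Expected form:
 *   <form action="upload.php" method="post" enctype="multipart/form-data">
 *     <input type="file" name="fileToUpload" id="fileToUpload">
 *     <input type="submit" value="Upload Image" name="submit">
 *   </form>
 *
 * Checks, in order: request token, upload status, image content, name
 * collision, size limit (500000 bytes) and an extension/type allow-list.
 *
 * @return array array('message' => string, 'ok' => int); 'ok' is 1 only when
 *               the file was validated and moved into place.
 */
public function upload()
{
    // Token check runs before the upload is touched.
    // NOTE(review): presumably check_token() aborts on failure - confirm.
    $token_handler = new security();
    $token_handler->check_token();

    $msg = '';
    $uploadOk = 1;

    // A missing field, a multi-file array or a failed transfer has no usable
    // name/tmp_name, so stop here instead of running the checks on notices.
    if (
        !isset($_FILES["fileToUpload"]["error"], $_FILES["fileToUpload"]["name"], $_FILES["fileToUpload"]["tmp_name"])
        || $_FILES["fileToUpload"]["error"] !== UPLOAD_ERR_OK
        || !is_string($_FILES["fileToUpload"]["name"])
    ) {
        $msg .= "Sorry, there was an error uploading your file.";
        $msg .= "Sorry, your file was not uploaded.";
        return array('message' => $msg, 'ok' => 0);
    }

    $file = $_FILES["fileToUpload"];
    $target_dir = PHOTO_DIR;
    // basename() discards any directory component of the client-supplied name.
    $client_name = basename($file["name"]);
    $target_file = $target_dir . $client_name;
    // Lower-cased so "photo.JPG" is treated like "photo.jpg".
    $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));

    // The content check always runs. It used to depend on the client sending
    // a "submit" field, so leaving that field out skipped it entirely.
    $check = getimagesize($file["tmp_name"]);
    if ($check !== false) {
        $msg .= "File is an image - " . $check["mime"] . ".";
    } else {
        $msg .= "File is not an image.";
        $uploadOk = 0;
    }

    // Check if file already exists
    if (file_exists($target_file)) {
        $msg .= "Sorry, file already exists.";
        $uploadOk = 0;
    }

    // Check file size
    if ($file["size"] > 500000) {
        $msg .= "Sorry, your file is too large.";
        $uploadOk = 0;
    }

    // Allow certain file formats: the extension must be on the list and the
    // detected image type must be one of the same three formats.
    $allowed_extensions = array("jpg", "jpeg", "png", "gif");
    $allowed_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
    $extension_ok = in_array($imageFileType, $allowed_extensions, true);
    $type_ok = $check === false || in_array($check[2], $allowed_types, true);
    if (!$extension_ok || !$type_ok) {
        $msg .= "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
        $uploadOk = 0;
    }

    if ($uploadOk === 0) {
        $msg .= "Sorry, your file was not uploaded.";
    } elseif (move_uploaded_file($file["tmp_name"], $target_file)) {
        // The message carries the client-supplied name verbatim; callers must
        // HTML-escape it before rendering.
        $msg .= "The file " . $client_name . " has been uploaded.";
    } else {
        $msg .= "Sorry, there was an error uploading your file.";
        // Report the failed move instead of returning ok = 1.
        $uploadOk = 0;
    }

    // NOTE(review): getimagesize() only inspects the header, so PHOTO_DIR
    // should also be configured so that stored files are never executed.
    return array('message' => $msg, 'ok' => $uploadOk);
}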
示例2: __construct
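/**
 * Store the injected collaborators, look up the RoleMenu repository and
 * resolve the user behind the current security token.
 *
 * @param FactoryInterface $factory
 * @param EntityManager    $entityManager
 * @param TokenStorage     $security
 */
public function __construct(FactoryInterface $factory, EntityManager $entityManager, TokenStorage $security)
{
    $this->factory = $factory;
    $this->entityManager = $entityManager;
    $this->security = $security;
    $this->repository = $this->entityManager->getRepository('BigfootUserBundle:RoleMenu');
    $this->menu = null;
    $this->children = array();

    // getToken() yields null when no authentication token is stored (for
    // example outside a firewall), so guard the call instead of letting the
    // constructor fail on a null dereference.
    // NOTE(review): code that reads $this->user must handle a missing user.
    $token = $this->security->getToken();
    $this->user = $token !== null ? $token->getUser() : null;
}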
示例3: edit
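/**
 * Create a form, or update an existing one after copying its current row
 * into fm_forms_log. Restricted to a logged-in administrator.
 *
 * Reads the request parameters name, available_from, available_to, status,
 * client_id, detail and (for updates) form_id. Validation failures are
 * recorded through f::setError(); on success the JSON response is {"ok": 1}.
 *
 * NOTE(review): the {p:...} placeholders presumably bind request parameters
 * inside the f helper - confirm they are parameterised, not interpolated.
 *
 * @return void
 */
public static function edit()
{
    if (!security::isLogged() || !USER_IS_ADMIN) {
        return;
    }
    $name = f::getParam("name");
    $availableFrom = f::date2sql(f::getParam("available_from"));
    $availableTo = f::date2sql(f::getParam("available_to"));
    $status = f::getParam("status");

    // Strict allow-list. With loose "!=" a non-numeric string compares equal
    // to 0 on PHP < 8, so arbitrary text passed this check and reached the
    // query as the status value.
    if (!is_scalar($status) || !in_array((string) $status, array("0", "1", "2"), true)) {
        f::setError(400, "Wrong Status");
    }
    if (!$name) {
        f::setError(400, "Invalid form name");
    }
    $clientExists = f::dbRes("select 1 from fm_clients where id = {p:client_id}");
    if (!$clientExists) {
        f::setError(400, "Client does not Exist");
    }
    if (!f::hasErrors()) {
        $dates = array("availableFrom" => $availableFrom, "availableTo" => $availableTo);
        if (f::getParam("form_id")) {
            // Snapshot the current row before it is overwritten.
            f::dbQuery("insert into fm_forms_log (created_date, form_id, client_id, name, enabled_domains, detail, available_from, available_to, status, description)\n\t\t\t\t\tselect now(), id, client_id, name, enabled_domains, detail, available_from, available_to, status, description from fm_forms where id = {p:form_id}");
            f::dbQuery("update fm_forms set name = {p:name}, detail = {p:detail}, available_from = {availableFrom}, available_to = {availableTo}, status = {p:status} where id = {p:form_id}", $dates);
        } else {
            f::dbQuery("insert into fm_forms set client_id = {p:client_id}, name = {p:name}, detail = {p:detail}, available_from = {availableFrom}, available_to = {availableTo}, status = {p:status} ", $dates);
        }
        f::setResponseJson(array("ok" => 1));
    }
}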
示例4: update
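/**
 * Update an item from an AJAX POST, optionally replacing its image.
 *
 * @param mixed $id Identifier passed to item_model->find() and ->update().
 * @return void
 */
public function update($id)
{
    if (request::is_ajax() && request::method() == 'post') {
        $this->auto_render = FALSE;
        // NOTE(review): xss_clean() filters input; values still need
        // context-specific escaping wherever they are rendered.
        $post = security::xss_clean($this->input->post());
        $item = $this->item_model->find($id)->as_array();

        // Default: keep the image already stored for the item.
        $targetFile = $item['image_file_name'];

        if (!empty($_FILES['item-image']['name']) && is_string($_FILES['item-image']['name'])) {
            $targetPath = 'assets/uploads/items/';
            // basename() drops any directory part of the client-supplied name.
            $filename = basename($_FILES['item-image']['name']);
            $tempname = $_FILES['item-image']['tmp_name'];
            $extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));

            // The extension used to be computed but never checked, so any
            // file type, including server-side scripts, could be stored in
            // this web-accessible directory. Only image extensions are
            // accepted now; extend the list to match the formats the
            // project really supports.
            $allowedExtensions = array('jpg', 'jpeg', 'png', 'gif');
            if (in_array($extension, $allowedExtensions, true)) {
                if (!is_dir($targetPath)) {
                    mkdir($targetPath, 0700);
                }
                // uniqid() prefix keeps uploads with the same name apart.
                $targetFile = $targetPath . 'items-' . uniqid() . '-' . $filename;
                $this->start_upload($targetFile, $tempname);
            }
            // NOTE(review): a rejected upload silently keeps the old image;
            // report a validation error here if the controller has a
            // convention for one.
        }

        $post = array(
            "category_id" => $post['item-category'],
            "code" => $post['item-code'],
            "name" => $post['item-name'],
            "quantity" => $item['quantity'],
            "unit" => $post['item-unit'],
            "cost" => $post['item-cost'],
            "price" => $post['item-price'],
            "description" => $post['item-description'],
            "image_file_name" => $targetFile,
        );
        $this->item_model->update($post, $id);
        log_helper::add("1", $this->user_log, $this->user_id, "Updated Item named " . $post['name']);
    }
}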
示例5: save
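/**
 * Create a client, or change the status of an existing one. Restricted to a
 * logged-in administrator.
 *
 * Reads the request parameters status, client_id and name. Validation
 * failures are recorded through f::setError(); on success the JSON response
 * is {"ok": 1}.
 *
 * NOTE(review): the {p:...} placeholders presumably bind request parameters
 * inside the f helper - confirm they are parameterised, not interpolated.
 *
 * @return void
 */
public static function save()
{
    if (!security::isLogged() || !USER_IS_ADMIN) {
        return;
    }
    $status = f::getParam("status");
    $clientId = f::getParam("client_id");
    $name = f::getParam("name");

    // Strict allow-list. With loose "!=" a non-numeric string compares equal
    // to 0 on PHP < 8, so arbitrary text passed this check and reached the
    // query as the status value.
    if (!is_scalar($status) || !in_array((string) $status, array("0", "1"), true)) {
        f::setError(400, "Invalid Client Status");
    }
    // A name is only required when a new client is being created.
    if (!$clientId && !$name) {
        f::setError(400, "Invalid Client Name");
    }
    $clientExists = f::dbRes("select 1 from fm_clients where id = {p:client_id}") == 1;
    if ($clientId && !$clientExists) {
        f::setError(400, "Invalid Client Id");
    }
    if (!f::hasErrors()) {
        if ($clientId) {
            f::dbQuery("update fm_clients set status = {p:status} where id = {p:client_id}");
        } else {
            f::dbQuery("insert into fm_clients set name = {p:name}, status = {p:status}");
        }
        f::setResponseJson(array("ok" => 1));
    }
}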
示例6: __construct
/**
 * Acquire the antispam and security singletons and declare the filter and
 * validation tables for the comment fields.
 */
public function __construct()
{
    parent::__construct();
    $this->spam = antispam::getInstance();
    $this->security = security::getInstance();

    // Per-field input filters.
    $this->filter = array(
        'content' => array('filters' => array()),
        'suscribe' => array('filters' => array(array('trueOrFalse'))),
    );

    // Per-field validation rules with their user-facing messages.
    $authorRules = array(
        array('rule' => VALID_NOT_EMPTY, 'message' => 'Por favor introduce tu Nombre.'),
    );
    $urlRules = array(
        array('rule' => VALID_URL, 'message' => 'No es una URL valida.'),
    );
    $emailRules = array(
        array('rule' => VALID_EMAIL, 'message' => 'El e-mail no es valido.'),
    );
    $contentRules = array(
        array('rule' => VALID_NOT_EMPTY, 'message' => 'Debes introducir un comentario.'),
        // 'isSpam' is given as a callback-style rule name.
        array('rule' => array('isSpam'), 'message' => 'No se aceptan comentarios en blanco o con spam.'),
    );

    $this->validate = array(
        'author' => array('required' => true, 'rules' => $authorRules),
        'url' => array('rules' => $urlRules),
        'email' => array('required' => true, 'rules' => $emailRules),
        'content' => array('required' => true, 'rules' => $contentRules),
    );
}
示例7: reset
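/**
 * Password-reset entry point.
 *
 * Without ?confirm in the URL it looks the posted username up, compares the
 * posted email with the stored one and builds the HTML feedback message.
 * The ?confirm=yes branch (arrival from the emailed link) is not implemented.
 *
 * @return array array('page' => view path, 'content' => HTML string)
 */
public function reset()
{
    $token_handler = new security();
    $token_handler->check_token();
    $content = '';
    // Planned flow: email a link carrying a token with 6h validity; the link
    // returns to this method with confirm=yes in the URL.
    if (isset($_GET['confirm'])) {
        if ($_GET['confirm'] == 'yes') {
            // TODO: check the token against the database, then show the form
            // for a new password and UPDATE it in the database.
        }
    } else {
        // Link format: ?controller=users&action=reset&confirm=yes&token=ETC
        // Only plain strings are accepted; arrays such as username[]=x are
        // treated as empty.
        $username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
        $email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';

        $connection = new database();
        $sql = "SELECT username, email FROM users WHERE username=?";
        $user_results = $connection->fetchAll($sql, array($username));

        // Was "row_count = 1": an assignment that is always true, so an
        // unknown username fell through to the email comparison.
        if ($connection->row_count == 1 && isset($user_results[0])) {
            if ($email !== '') {
                if ((string) $user_results[0]['email'] === $email) {
                    // Request values are escaped before they are put into HTML.
                    $safeUser = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
                    $safeEmail = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
                    $content .= "<p>Dear {$safeUser}, an email was sent to {$safeEmail} with instructions on how to reset your password.";
                    $content .= "<p>It should arrive momentarily; if not, check your spam box or contact the administrator.";
                    // TODO: send the reset email. The link's token only proves
                    // that the user has access to the registered address.
                } else {
                    $content .= "<p>Email not found or invalid. Please, try again.";
                    $content .= "<p>Contact the administrator if you think you do not have a registered email.";
                }
            } else {
                $content .= "<p>Email is obligatory. Please, try again.";
            }
        } else {
            // NOTE(review): this message differs from the email-mismatch one,
            // which tells a caller whether a username exists; consider one
            // uniform response for every outcome.
            $content .= "User not found. Please, try again!";
        }
    }
    $output['page'] = 'views/forgot.php';
    $output['content'] = $content;
    return $output;
}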
示例8: save
/**
 * Insert a purchase from an AJAX POST; any other request is ignored.
 *
 * NOTE(review): no authorisation check is visible in this method - confirm
 * the controller enforces it before save() is reached.
 *
 * @return void
 */
public function save()
{
    $isAjaxPost = request::is_ajax() && request::method() === 'post';
    if (!$isAjaxPost) {
        return;
    }

    $this->auto_render = FALSE;
    // The whole filtered POST array is handed to the model as the new row.
    $purchase = security::xss_clean($this->input->post());
    // The log entry is written before the insert, as in the original order.
    log_helper::add("1", $this->user_log, $this->user_id, "Added New Purchase");
    $this->purchase_model->insert($purchase);
}
示例9: delete
/**
 * Delete the posted record ids from the main table and the image table, then
 * redirect to the module's 'list_reports' action.
 *
 * NOTE(review): $_POST['cid'] reaches delete_record() unvalidated and no
 * permission check is visible here - confirm both are handled elsewhere.
 *
 * @param string $colum Column to match on; defaults to $this->key when empty.
 */
function delete($colum = '')
{
    // Same loose comparison as the original.
    $matchColumn = $colum == '' ? $this->key : $colum;

    $this->db->delete_record($this->table, $matchColumn, $_POST['cid'], $this->pathadm);
    $this->db->delete_record($this->table_image, $matchColumn, $_POST['cid'], $this->path_otheradm);

    security::redirect($this->module, 'list_reports');
}
示例10: save
/**
 * Insert a district from an AJAX POST and echo the inserted record as JSON;
 * any other request is ignored.
 *
 * NOTE(review): no authorisation check is visible in this method - confirm
 * the controller enforces it before save() is reached.
 *
 * @return void
 */
public function save()
{
    if (!request::is_ajax() || request::method() !== 'post') {
        return;
    }

    $this->auto_render = FALSE;
    $district = security::xss_clean($this->input->post());
    $inserted = $this->district_model->insert($district);
    echo json_encode(json_helper::convert($inserted));
}
示例11: __construct
/**
 * Initialise the form fields after the login gate has run.
 *
 * NOTE(review): security::logged_in() presumably rejects anonymous visitors;
 * confirm it halts the request rather than only returning a flag, because
 * its result is not inspected here.
 */
public function __construct()
{
    parent::__construct();
    security::logged_in();

    $this->id = null;

    // Account selector: an empty first option followed by the loaded
    // accounts. The "+" union keeps existing keys.
    $accountOptions = array(0 => '') + acc_ctrl::_load_account();
    $this->acc_id = new sel($accountOptions);

    $this->name = new text();
    $this->total = 0;
}
示例12: checkSessionVariables
/**
 * Abort the request if any session entry holds an array.
 *
 * NOTE(review): the toHTML() result is assigned to the loop copy only, so
 * $_SESSION is never modified by this method. The die() text also prints the
 * literal word "nElement" rather than the offending key.
 *
 * @return void
 */
private function checkSessionVariables()
{
    if (count($_SESSION) <= 0) {
        return;
    }

    foreach ($_SESSION as $key => $value) {
        if (is_array($value)) {
            die("SESSION variable nElement can't be array");
        }
        // Encoded copy is discarded at the end of the iteration.
        $value = security::toHTML($value);
    }
}
示例13: delete
/**
 * Delete the posted news categories unless news items still reference them.
 *
 * NOTE(review): $_POST['cid'] is passed to the db helper unvalidated and no
 * permission check is visible here - confirm both are handled elsewhere.
 *
 * @return false|null false when the delete is refused, otherwise nothing.
 */
function delete()
{
    $categoryHandler = new category_news();
    $newsHandler = new news();

    // Refuse while dependent news rows exist for the posted ids.
    $dependants = $this->db->check_delete($newsHandler->table, $this->key, $_POST['cid']);
    if ($dependants > 0) {
        $this->db->alert('You must delete news first.');
        security::redirect($newsHandler->module, 'list');
        return false;
    }

    $this->db->delete_record($this->table, $this->key, $_POST['cid']);
    $categoryHandler->delete($this->key);
}
示例14: delete
/**
 * Delete the posted product categories unless products still reference them.
 *
 * NOTE(review): $_POST['cid'] is passed to the db helper unvalidated and no
 * permission check is visible here - confirm both are handled elsewhere.
 *
 * @return false|null false when the delete is refused, otherwise nothing.
 */
function delete()
{
    $categoryHandler = new category_pro();
    $productHandler = new product();

    // Refuse while dependent product rows exist for the posted ids.
    $dependants = $this->db->check_delete($productHandler->table, $this->key, $_POST['cid']);
    if ($dependants > 0) {
        $this->db->alert('Bạn phải xóa sản phẩm thuộc nhóm chủng loại cần xóa trước');
        security::redirect($productHandler->module, 'list');
        return false;
    }

    $this->db->delete_record($this->table, $this->key, $_POST['cid']);
    $categoryHandler->delete($this->key);
}
示例15: get
/**
 * Return, as JSON, the active clients linked to the current user and their
 * forms, each form with its submission count for the last 7 days and in total.
 *
 * NOTE(review): {d:siteTableId} presumably inserts an identifier, not a bound
 * value - confirm how the f helper quotes it. substr(..., -3) keeps only the
 * last three characters, so a client_id of four or more digits resolves to
 * another client's table name; confirm ids cannot exceed 999.
 *
 * @return void
 */
public static function get()
{
    if (!security::isLogged()) {
        return;
    }

    // Both listings are scoped to the logged-in user through fm_users_clients.
    $scope = array("userId" => USER_ID);
    $clients = f::dbFullRes("select distinct c.id, c.name \n\t\t\t\t\t\t\t\t from fm_clients c\n\t\t\t\t\t\t\t\t join fm_users_clients uc on (uc.client_id = c.id)\n\t\t\t\t\t\t\t\t where c.status = 1\n\t\t\t\t\t\t\t\t and uc.user_id = {userId}\n\t\t\t\t\t\t\t\t order by c.name ", $scope);
    $forms = f::dbFullRes("select c.id client_id, f.id, f.name, f.status\n\t\t\t\t\t\t\t\t from fm_forms f\n\t\t\t\t\t\t\t\t join fm_clients c on (c.id = f.client_id)\n\t\t\t\t\t\t\t\t join fm_users_clients uc on (uc.client_id = c.id)\n\t\t\t\t\t\t\t\t where c.status = 1\n\t\t\t\t\t\t\t\t and uc.user_id = {userId}\n\t\t\t\t\t\t\t\t order by c.id, f.status desc, f.id desc ", $scope);

    foreach ($forms as $k => $form) {
        // Per-client data table: "fm_userdata_" plus the id padded to 3 chars.
        $siteTableId = "fm_userdata_" . substr("00" . $form["client_id"], -3);
        $countParams = array("siteTableId" => $siteTableId, "formId" => $form["id"]);

        $forms[$k]["data_7_days"] = f::dbRes("select count(*) from {d:siteTableId} ud where ud.form_id = {formId} and date(created_date) >= (CURDATE() - INTERVAL 7 DAY)", $countParams);
        $forms[$k]["data_total"] = f::dbRes("select count(*) from {d:siteTableId} ud where ud.form_id = {formId}", $countParams);
    }

    f::setResponseJson(array("clients" => $clients, "forms" => $forms));
}