PHP CheckSql函數代碼示例

本文整理匯總了PHP中CheckSql函數的典型用法代碼示例。如果您正苦於以下問題：PHP CheckSql函數的具體用法？PHP CheckSql怎麽用？PHP CheckSql使用的例子？那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。

在下文中一共展示了CheckSql函數的15個代碼示例，這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚，您的評價將有助於係統推薦出更棒的PHP代碼示例。

示例1: TakeNavigateList

 function TakeNavigateList($group = false, $skip = 0, $take = 10, $orderby = "convert(`group` USING gbk) COLLATE gbk_chinese_ci,displayorder,navid")
 {
     global $yiqi_db;
     if ($group) {
         return $yiqi_db->get_results(CheckSql("select * from yiqi_navigate as nav where nav.group = '{$group}' AND nav.status = 'ok' order by {$orderby} limit {$skip},{$take}"));
     } else {
         return $yiqi_db->get_results(CheckSql("select * from yiqi_navigate as nav where nav.status = 'ok' order by {$orderby} limit {$skip},{$take}"));
     }
 }

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:9，代碼來源:navigate.class.php

示例2: TakeMetaList

 function TakeMetaList($skip = 0, $take = 10, $orderby = "metaid")
 {
     global $yiqi_db;
     if ($take < 1) {
         return $yiqi_db->get_results(CheckSql("select metaid from yiqi_meta"));
     } else {
         return $yiqi_db->get_results(CheckSql("select * from yiqi_meta order by {$orderby} limit {$skip},{$take}"));
     }
 }

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:9，代碼來源:meta.class.php

示例3: TakeKeywordsList

 function TakeKeywordsList($skip = 0, $take = 10, $where = "", $orderby = "displayorder")
 {
     global $yiqi_db;
     if ($where == "") {
         return $yiqi_db->get_results(CheckSql("select * from yiqi_keywords order by {$orderby} limit {$skip},{$take}"));
     } else {
         return $yiqi_db->get_results(CheckSql("select * from yiqi_keywords {$where} order by {$orderby} limit {$skip},{$take}"));
     }
 }

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:9，代碼來源:keywords.class.php

示例4: GetDefaultTemplets

 function GetDefaultTemplets()
 {
     global $yiqi_db;
     $defaulttemplets = $yiqi_db->get_row(CheckSql("select * from yiqi_settings where varname = 'sitetemplets' limit 1"));
     if (is_object($defaulttemplets)) {
         return $this->GetTemplets($defaulttemplets->value);
     } else {
         return null;
     }
 }

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:10，代碼來源:templets.class.php

示例5: checkauth

function checkauth()
{
    global $yiqi_db;
    global $adminuserinfo;
    $pagename = end(explode("/", $_SERVER["PHP_SELF"]));
    $sql = "select * from yiqi_regular where value like '{$pagename}%' limit 1";
    $regularinfo = $yiqi_db->get_row(CheckSql($sql));
    $userregular = explode("|", $adminuserinfo->regular);
    if (!checkregular($regularinfo->rid)) {
        ShowMsg("您沒有權限訪問此頁", "back");
        exit;
    }
}

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:13，代碼來源:userauth.php

示例6: query

 /** 
  * 035.* 執行一條sql語句 
  * 036.* @param string $sql 要執行的sql語句 
  * 037.* @param string $type 如果$type為UNBUFFERED:則執行mysql_unbuffered_query();他與mysql_query的區別是，執行後不獲取和緩存結果的行 
  * 038.* @return object 
  * 039.
  * */
 function query($sql, $type = '')
 {
     $sql = CheckSql($sql);
     //檢查安全過濾sql
     $func = $type == 'UNBUFFERED' && @function_exists('mysql_unbuffered_query') ? 'mysql_unbuffered_query' : 'mysql_query';
     if (!($query = $func($sql, $this->link))) {
         if (in_array($this->errno(), array(2006, 2013)) && substr($type, 0, 5) != 'RETRY') {
             $this->close();
             require ROOT_PATH . '/config.inc.php';
             $this->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
             $this->query($sql, 'RETRY' . $type);
         } elseif ($type != 'SILENT' && substr($type, 5) != 'SILENT') {
             $this->halt('MySQL Query Error', $sql);
         }
     }
     $this->querynum++;
     return $query;
 }

開發者ID:GHubgenius，項目名稱:julianufo-project-daigou，代碼行數:25，代碼來源:db_mysql.class.php

示例7: formaturl

function formaturl($params)
{
    global $yiqi_db;
    extract($params);
    $sql = "select * from yiqi_settings where varname = 'urlrewrite' limit 1";
    $result = $yiqi_db->get_row(CheckSql($sql));
    if (strpos($name, "http://") === 0) {
        return $name;
    }
    $name = urlencode($name);
    if ($result->value == "true" || $result->value == "html" || $generatehtml) {
        switch ($type) {
            case "category":
                if (is_numeric($page) && $page > 1) {
                    $urlinfo = "category/{$name}" . "_" . "{$page}/";
                } else {
                    $urlinfo = "category/{$name}/";
                }
                break;
            case "article":
                $urlinfo = "article/{$name}.html";
                break;
            case "product":
                $urlinfo = "product/{$name}.html";
                break;
            case "catalog":
                $urlinfo = "catalog/{$name}/";
                break;
            case "comment":
                $urlinfo = "comment.html";
                break;
            case "sitemap":
                $urlinfo = "sitemap.xml";
                break;
        }
    } else {
        switch ($type) {
            case "category":
                if (is_numeric($page)) {
                    $urlinfo = "category.php?name={$name}&p={$page}";
                } else {
                    $urlinfo = "category.php?name={$name}";
                }
                break;
            case "article":
                $urlinfo = "article.php?name={$name}";
                break;
            case "product":
                $urlinfo = "product.php?name={$name}";
                break;
            case "catalog":
                $urlinfo = "catalog.php?type={$name}";
                break;
            case "comment":
                $urlinfo = "comment.php";
                break;
            case "sitemap":
                $urlinfo = "sitemap.php";
                break;
        }
    }
    $rurl = $siteurl . "/" . $urlinfo;
    if ($generatehtml) {
        $rurl = $urlinfo;
    }
    return $rurl;
}

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:67，代碼來源:templets.func.php

示例8: TakeUserList

 function TakeUserList($skip = 0, $take = 10)
 {
     global $yiqi_db;
     return $yiqi_db->get_results(CheckSql("select * from yiqi_users order by adddate desc,uid desc limit {$skip},{$take}"));
 }

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:5，代碼來源:user.class.php

示例9: date

 }
 if (empty($categoryfilename)) {
     $categoryfilename = date("YmdHis");
 }
 $categoryfilename = str_replace(" ", "-", $categoryfilename);
 $existfilename = $categorydata->ExistFilename($categoryfilename);
 if ($existfilename == 1) {
     if ($categoryfilename != $catinfo->filename) {
         if (strpos($categoryfilename, "http://") !== 0) {
             exit("指定的文件名已經存在");
         }
     }
 }
 $categorytemplets = str_replace("{style}/", "", $categorytemplets);
 $sql = "UPDATE yiqi_category SET name = '{$categoryname}',seotitle='{$categoryseotitle}',seokeywords='{$categoryseokeywords}',seodescription='{$categoryseodescription}',description='{$categorydescription}',filename = '{$categoryfilename}',templets = '{$categorytemplets}',takenumber = '{$categorytakenumber}' WHERE cid = '{$cid}'";
 $result = $yiqi_db->query(CheckSql($sql));
 if ($result == 1) {
     $genehtml = getset("urlrewrite")->value;
     if ($genehtml == "html") {
         $category = $categorydata->GetCategory($cid);
         if (!$tempinfo->template_exists($category->templets)) {
             exit("沒有找到文章模板,請與管理員聯係!");
         }
         $curpage = 1;
         $source = getcategorysource($category, $curpage);
         $total = $source['totalpage'];
         $urlparam = array('name' => $category->filename, 'type' => 'category', 'generatehtml' => 1, 'page' => $curpage);
         $fileurl = formaturl($urlparam);
         $cachedata->WriteFileCache(YIQIROOT . '/' . $fileurl . 'index.html', $source['source'], true);
         while ($total > $curpage) {
             $curpage++;

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:31，代碼來源:category-edit.php

示例10: UpdateCount

 function UpdateCount($aid)
 {
     global $yiqi_db;
     $sql = "UPDATE yiqi_article SET viewcount = viewcount+1 where aid = '{$aid}' limit 1";
     $yiqi_db->query(CheckSql($sql));
 }

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:6，代碼來源:article.class.php

示例11: lib_sql

function lib_sql(&$ctag, &$refObj)
{
    global $dsql, $sqlCt, $cfg_soft_lang;
    $attlist = "sql|appname";
    FillAttsDefault($ctag->CAttribute->Items, $attlist);
    extract($ctag->CAttribute->Items, EXTR_SKIP);
    //傳遞環境參數
    preg_match_all("/~([A-Za-z0-9]+)~/s", $sql, $conditions);
    $appname = empty($appname) ? 'default' : $appname;
    if (is_array($conditions)) {
        foreach ($conditions[1] as $key => $value) {
            if (isset($refObj->Fields[$value])) {
                $sql = str_replace($conditions[0][$key], "'" . addslashes($refObj->Fields[$value]) . "'", $sql);
            }
        }
    }
    $revalue = '';
    $Innertext = trim($ctag->GetInnerText());
    if ($sql == '' || $Innertext == '') {
        return '';
    }
    if (empty($sqlCt)) {
        $sqlCt = 0;
    }
    $ctp = new DedeTagParse();
    $ctp->SetNameSpace('field', '[', ']');
    $ctp->LoadSource($Innertext);
    $thisrs = 'sq' . $sqlCt;
    $GLOBALS['autoindex'] = 0;
    // 引入配置文件
    if ($appname != 'default') {
        require_once DEDEDATA . '/tag/sql.inc.php';
        global $sqltag;
        $config = $sqltag[$appname];
        if (!isset($config['dbname'])) {
            return '';
        }
        // 鏈接數據庫
        $linkid = @mysql_connect($config['dbhost'], $config['dbuser'], $config['dbpwd']);
        if (!$linkid) {
            return '';
        }
        @mysql_select_db($config['dbname']);
        $mysqlver = explode('.', $dsql->GetVersion());
        $mysqlver = $mysqlver[0] . '.' . $mysqlver[1];
        // 設定數據庫編碼及長連接
        if ($mysqlver > 4.0) {
            @mysql_query("SET NAMES '" . $config['dblanguage'] . "', character_set_client=binary, sql_mode='', interactive_timeout=3600 ;", $linkid);
        }
        $prefix = "#@__";
        $sql = str_replace($prefix, $config['dbprefix'], $sql);
        // 校驗SQL字符串並獲取數組返回
        $sql = CheckSql($sql);
        $rs = @mysql_query($sql, $linkid);
        while ($row = mysql_fetch_array($rs, MYSQL_ASSOC)) {
            $sqlCt++;
            $GLOBALS['autoindex']++;
            // 根據程序判斷編碼類型,並進行轉碼,這裏主要就是gbk和utf-8
            if (substr($cfg_soft_lang, 0, 2) != substr($config['dblanguage'], 0, 2)) {
                $row = AutoCharset($row, $config['dblanguage'], $cfg_soft_lang);
            }
            foreach ($ctp->CTags as $tagid => $ctag) {
                if ($ctag->GetName() == 'array') {
                    $ctp->Assign($tagid, $row);
                } else {
                    if (!empty($row[$ctag->GetName()])) {
                        $ctp->Assign($tagid, $row[$ctag->GetName()]);
                    } else {
                        $ctp->Assign($tagid, "");
                    }
                }
            }
            $revalue .= $ctp->GetResult();
        }
        @mysql_free_result($rs);
    } else {
        $dsql->Execute($thisrs, $sql);
        while ($row = $dsql->GetArray($thisrs)) {
            $sqlCt++;
            $GLOBALS['autoindex']++;
            foreach ($ctp->CTags as $tagid => $ctag) {
                if ($ctag->GetName() == 'array') {
                    $ctp->Assign($tagid, $row);
                } else {
                    if (!empty($row[$ctag->GetName()])) {
                        $ctp->Assign($tagid, $row[$ctag->GetName()]);
                    } else {
                        $ctp->Assign($tagid, "");
                    }
                }
            }
            $revalue .= $ctp->GetResult();
        }
    }
    return $revalue;
}

開發者ID:hensonvip，項目名稱:ymroad，代碼行數:96，代碼來源:sql.lib.php

示例12: CheckSql

<?php

if (isset($_GET['Submit'])) {
    // Retrieve data
    $id = $_GET['id'];
    $id = CheckSql($id, 'select');
    $getid = "SELECT first_name, last_name FROM users WHERE user_id = {$id}";
    $result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>');
    $num = mysql_numrows($result);
    $i = 0;
    while ($i < $num) {
        $first = mysql_result($result, $i, "first_name");
        $last = mysql_result($result, $i, "last_name");
        $html .= '<pre>';
        $html .= 'ID: ' . $id . '<br>First name: ' . $first . '<br>Surname: ' . $last;
        $html .= '</pre>';
        $i++;
    }
}
//SQL語句過濾程序，由80sec提供，這裏作了適當的修改
function CheckSql($db_string, $querytype = 'select')
{
    $clean = '';
    $error = '';
    $old_pos = 0;
    $pos = -1;
    $userIP = GetIP();
    $getUrl = GetCurUrl();
    //如果是普通查詢語句，直接過濾一些特殊語法
    if ($querytype == 'select') {
        $notallow1 = "[^0-9a-z@\\._-]{1,}(union|sleep|benchmark|load_file|outfile)[^0-9a-z@\\.-]{1,}";

開發者ID:lxj616，項目名稱:DVWA-WooYun，代碼行數:31，代碼來源:low.php

示例13: SetQuery

 function SetQuery($sql)
 {
     $prefix = "#@__";
     $sql = str_replace($prefix, $this->dbPrefix, $sql);
     $this->queryString = $sql;
     if ($this->safeCheck) {
         CheckSql($this->queryString);
         //檢查安全性
     }
     return $this->queryString;
 }

開發者ID:lz1988，項目名稱:stourwebcms，代碼行數:11，代碼來源:slinesql.class.php

示例14: Templets

require_once 'product.class.php';
require_once 'link.class.php';
require_once 'category.class.php';
require_once 'navigate.class.php';
require_once 'cache.class.php';
require_once 'meta.class.php';
$tempinfo = new Templets();
$templets = $tempinfo->GetDefaultTemplets();
if ($templets == null) {
    $templets->directory = "default";
}
$tempinfo->template_dir = YIQIROOT . '/templets/' . $templets->directory . '/';
$tempinfo->assign("templets", $templets);
$tempinfo->compile_dir = YIQIROOT . '/cache/compile/';
$sql = "select * from yiqi_settings";
$settinglist = $yiqi_db->get_results(CheckSql($sql));
if (count($settinglist) > 0) {
    foreach ($settinglist as $settinginfo) {
        $tempinfo->assign($settinginfo->varname, $settinginfo->value);
    }
}
$categorydata = new Category();
$categorylist = $categorydata->GetSubCategory(0, "product");
$tempinfo->assign("categorylist", $categorylist);
$tempinfo->register_function("formaturl", "formaturl");
$tempinfo->register_function("readrss", "readrss");
//定義區域
$citys = array("zhengzhou" => "鄭州", "taiyuan" => "太原", "xian" => "西安", "xinxiang" => "新鄉", "xuchang" => "許昌", "jiaozuo" => "焦作", "anyang" => "安陽", "xinyang" => "信陽", "puyang" => "濮陽", "datong" => "大同");
$cv = $_GET['city'];
$city = $cv ? $citys[$cv] : "";
$tempinfo->assign('city', $city);

開發者ID:Fengtalk，項目名稱:yiqicms，代碼行數:31，代碼來源:templets.inc.php

示例15: Execute

 function Execute($id = "me", $sql = '')
 {
     global $dsql;
     if (!$dsql->isInit) {
         $this->Init($this->pconnect);
     }
     if ($dsql->isClose) {
         $this->Open(FALSE);
         $dsql->isClose = FALSE;
     }
     if (!empty($sql)) {
         $this->SetQuery($sql);
     }
     //SQL語句安全檢查
     if ($this->safeCheck) {
         CheckSql($this->queryString);
     }
     $t1 = ExecTime();
     $this->result[$id] = mysql_query($this->queryString, $this->linkID);
     if ($this->recordLog) {
         $queryTime = ExecTime() - $t1;
         $this->RecordLog($queryTime);
     }
     if (!empty($this->result[$id]) && $this->result[$id] === FALSE) {
         $this->DisplayError(mysql_error() . " <br />Error sql: <font color='red'>" . $this->queryString . "</font>");
     }
 }

開發者ID:stonelf，項目名稱:mcgmh，代碼行數:27，代碼來源:dedesql.class.php

注：本文中的CheckSql函數示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台，相關代碼片段篩選自各路編程大神貢獻的開源項目，源碼版權歸原作者所有，傳播和使用請參考對應項目的License；未經允許，請勿轉載。