本文整理匯總了PHP中sql_sanitize函數的典型用法代碼示例。如果您正苦於以下問題:PHP sql_sanitize函數的具體用法?PHP sql_sanitize怎麽用?PHP sql_sanitize使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了sql_sanitize函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: api_user_info
function api_user_info($array) {
/* build SQL query */
$sql_query = "SELECT *, DATE_FORMAT(password_change_last,'%M %e %Y %H:%i:%s') as password_change_last_formatted, DATE_FORMAT(last_login,'%M %e %Y %H:%i:%s') as last_login_formatted FROM user_auth WHERE ";
$sql_where = "";
if (($array) && (is_array($array))) {
foreach ($array as $field => $value) {
$sql_where .= $field . " = '" . sql_sanitize($value) . "' AND ";
}
/* remove trailing AND */
$sql_where = preg_replace("/ AND\ $/", "", $sql_where);
$sql_query = $sql_query . $sql_where;
}else{
/* error no array */
return "";
}
/* get the user info */
$user = db_fetch_row($sql_query);
if ((is_array($user)) && (sizeof($user) > 0)) {
return $user;
}else{
return NULL;
}
}
示例2: api_rra_consolidation_function_list
function api_rra_consolidation_function_list($rra_id) {
/* sanity checks */
validate_id_die($rra_id, "rra_id");
return array_rekey(db_fetch_assoc("select * from rra_cf where rra_id = " . sql_sanitize($rra_id)), "", "consolidation_function_id");
}
示例3: sql_save
function sql_save($array_items, $table_name, $key_cols = "id") {
global $cnn_id;
while (list ($key, $value) = each ($array_items)) {
$array_items[$key] = "\"" . sql_sanitize($value) . "\"";
}
if (!$cnn_id->Replace($table_name, $array_items, $key_cols, false)) { return 0; }
/* get the last AUTO_ID and return it */
if ($cnn_id->Insert_ID() == "0") {
if (!is_array($key_cols)) {
if (isset($array_items[$key_cols])) {
return str_replace("\"", "", $array_items[$key_cols]);
}
}
return 0;
}else{
return $cnn_id->Insert_ID();
}
}
示例4: sql_get_quoted_string
function sql_get_quoted_string($field_type, $field_value) {
if ($field_type == DB_TYPE_STRING) {
return "'" . sql_sanitize($field_value) . "'";
}else if ($field_type == DB_TYPE_INTEGER){
if (is_numeric($field_value)) {
return $field_value;
}else{
log_message("Invalid numeric column value '" . $field_value . "' in " . __FUNCTION__ . "()", LOG_LEVEL_WARNING, "lib-db");
die("Invalid numeric column value '" . $field_value . "' in " . __FUNCTION__ . "()");
}
}else if ($field_type == DB_TYPE_INTEGER) {
if (db_integer_validate($field_value, true, true)) {
return $field_value;
}else{
log_message("Invalid numeric column value '" . $field_value . "' in " . __FUNCTION__ . "()", LOG_LEVEL_WARNING, "lib-db");
die("Invalid numeric column value '" . $field_value . "' in " . __FUNCTION__ . "()");
}
}else if ($field_type == DB_TYPE_NULL) {
return "NULL";
}else if ($field_type == DB_TYPE_BLOB) {
// i think the addslashes() may cause problems for non-mysql dbs, but it wasn't working for me otherwise
return "'" . addslashes($field_value) . "'";
}else if ($field_type == DB_TYPE_HTML_CHECKBOX) {
if ($field_value == "on") {
return 1;
}else if ($field_value == "") {
return 0;
}else if ($field_value == "0") {
return 0;
}else if ($field_value == "1") {
return 1;
}else{
return 0;
}
}else if ($field_type == DB_TYPE_FUNC_NOW) {
return "NOW()";
}else if ($field_type == DB_TYPE_FUNC_MD5) {
return "'" . md5($field_value) . "'";
}else{
log_save("Invalid column type '" . $field_type . "' value '" . $field_value . "' in " . __FUNCTION__ . "()", SEV_WARNING);
}
}
示例5: api_graph_template_data_template_list
function api_graph_template_data_template_list($graph_template_id) {
/* sanity checks */
validate_id_die($graph_template_id, "graph_template_id");
return db_fetch_assoc("select distinct
data_template_item.data_template_id as id,
data_template.template_name
from graph_template_item,data_template_item,data_template
where graph_template_item.data_template_item_id=data_template_item.id
and data_template_item.data_template_id=data_template.id
and graph_template_item.graph_template_id = " . sql_sanitize($graph_template_id) . "
order by data_template.template_name");
}
示例6: sql_save
function sql_save($array_items, $table_name, $key_cols = "id", $autoinc = TRUE, $db_conn = FALSE)
{
global $cnn_id;
if (read_config_option("log_verbosity") == POLLER_VERBOSITY_DEVDBG) {
cacti_log("DEVEL: SQL Save on table '{$table_name}': \"" . serialize($array_items) . "\"", FALSE);
}
/* check for a connection being passed, if not use legacy behavior */
if (!$db_conn) {
$db_conn = $cnn_id;
}
while (list($key, $value) = each($array_items)) {
$array_items[$key] = sql_sanitize($value);
}
$replace_result = $db_conn->Replace($table_name, $array_items, $key_cols, FALSE, $autoinc);
if ($replace_result == 0) {
cacti_log("ERROR: SQL Save Command Failed for Table '{$table_name}'. Error was '" . $cnn_id->ErrorMsg() . "'", false);
return 0;
}
/* get the last AUTO_ID and return it */
if ($db_conn->Insert_ID() == "0" || $replace_result == 1) {
if (!is_array($key_cols)) {
if (isset($array_items[$key_cols])) {
return str_replace("'", "", $array_items[$key_cols]);
}
}
return 0;
} else {
return $db_conn->Insert_ID();
}
}
示例7: get_gravatar
if (isset($_SESSION['id'])) {
$quote = "<a href=\"#comment-" . $c['id'] . "-" . $c['author'] . "\" class=\"quote\">Quote</a> | ";
$pm = " | <a href=\"?base=ucp&page=mail&uc=" . $c['author'] . "\">PM</a>";
}
echo "\n\t\t\t<div class=\"well\"><img src=\"" . get_gravatar($c['email']) . "\" alt=\"" . $c['author'] . "\" class=\"img-responsive\" style=\"float:left;padding-right:10px;\"/>\n\t\t\t<h4 style=\"margin:0px;\">" . $c['author'] . "</h4>\n\t\t\t\t<b>Feedback:</b> " . $feedback . "<br/>\n\t\t\t\t<small>Posted " . ago($c['date']) . ", on " . date('M j, Y', $c['date']) . "</small><br/>\n\t\t\t\t<small>" . $modify . $quote . "<a href=\"#comment-link-" . $c['id'] . "\" class=\"permalink\">Permalink</a><a href=\"?base=main&page=events&id=" . $id . "#comment-" . $c['id'] . "\" class=\"permalinkshow linkid-" . $c['id'] . "\">?base=main&page=events&id=" . $id . "#comment-" . $c['id'] . "</a>" . $pm . "</small><hr/>\n\t\t\t\t<div class=\"breakword\" id=\"comment-" . $c['id'] . "\">" . $clean_comment . "</div>\n\t\t\t\t</div>";
}
}
} else {
$ge = $mysqli->query("SELECT * FROM " . $prefix . "events ORDER BY id DESC") or die;
$rows = $ge->num_rows;
if ($rows < 1) {
echo "<div class=\"alert alert-danger\">Oops! No events to display right now!</div>";
} else {
echo "<h2 class=\"text-left\">" . $servername . " Events</h2><hr/>";
while ($e = $ge->fetch_assoc()) {
$gc = $mysqli->query("SELECT * FROM " . $prefix . "ecomments WHERE eid='" . sql_sanitize($e['id']) . "' ORDER BY id ASC") or die;
$cc = $gc->num_rows;
echo "<img src=\"assets/img/news/" . $e['type'] . ".gif\" alt='' />";
echo "[" . $e['date'] . "] \n\t\t\t<b><a href=\"?base=main&page=events&id=" . $e['id'] . "\">" . stripslashes($e['title']) . "</a></b>\n\t\t<span class=\"commentbubble\">\n\t\t\t<b>" . $e['views'] . "</b> views | <b>" . $cc . "</b> comments\n\t\t";
if (isset($_SESSION['admin'])) {
echo "\n\t\t\t\t<a href=\"?base=admin&page=manevent&action=edit&id=" . $e['id'] . "\">Edit</a> | \n\t\t\t\t<a href=\"?base=admin&page=manevent&action=del\">Delete</a> | \n\t\t\t\t<a href=\"?base=admin&page=manevent&action=lock\">Lock</a> \n\t\t\t";
}
echo "</span><br/>";
}
}
}
?>
<script>
<?php
if (isset($_SESSION['id'])) {
?>
示例8: api_data_template_input_field_list
function api_data_template_input_field_list($data_template_id) {
/* sanity check for $data_template_id */
if ((!is_numeric($data_template_id)) || (empty($data_template_id))) {
return false;
}
return array_rekey(db_fetch_assoc("select name,t_value,value from data_template_field where data_template_id = " . sql_sanitize($data_template_id)), "name", array("value", "t_value"));
}
示例9: sql_save
function sql_save($array_items, $table_name, $key_cols = 'id', $autoinc = TRUE, $db_conn = FALSE)
{
global $database_sessions, $database_default;
/* check for a connection being passed, if not use legacy behavior */
if (!$db_conn) {
$db_conn = $database_sessions[$database_default];
}
if (read_config_option('log_verbosity') == POLLER_VERBOSITY_DEVDBG) {
cacti_log("DEVEL: SQL Save on table '{$table_name}': \"" . serialize($array_items) . '"', FALSE);
}
while (list($key, $value) = each($array_items)) {
$array_items[$key] = '"' . sql_sanitize($value) . '"';
}
$replace_result = _db_replace($db_conn, $table_name, $array_items, $key_cols, $autoinc);
if ($replace_result === false) {
cacti_log("ERROR: SQL Save Command Failed for Table '{$table_name}'. Error was '" . mysql_error($db_conn) . "'", false);
return FALSE;
}
/* get the last AUTO_ID and return it */
if (!$replace_result || db_fetch_insert_id($db_conn) == '0') {
if (!is_array($key_cols)) {
if (isset($array_items[$key_cols])) {
return str_replace('"', '', $array_items[$key_cols]);
}
}
return FALSE;
} else {
return $replace_result;
}
}
示例10: update_reindex_cache
function update_reindex_cache($host_id, $data_query_id) {
require_once(CACTI_BASE_PATH . "/lib/sys/snmp.php");
require_once(CACTI_BASE_PATH . "/include/data_query/data_query_constants.php");
require_once(CACTI_BASE_PATH . "/lib/device/device_info.php");
require_once(CACTI_BASE_PATH . "/lib/data_query/data_query_info.php");
/* will be used to keep track of sql statements to execute later on */
$recache_stack = array();
/* get information about the host */
$host = api_device_get($host_id);
/* get information about the host->data query assignment */
$host_data_query = api_device_data_query_get($host_id, $data_query_id);
/* get information about the data query */
$data_query = api_data_query_get($data_query_id);
switch ($host_data_query["reindex_method"]) {
case DATA_QUERY_AUTOINDEX_NONE:
break;
case DATA_QUERY_AUTOINDEX_BACKWARDS_UPTIME:
/* the uptime backwards method requires snmp, so make sure snmp is actually enabled
* on this device first */
if ($host["snmp_community"] != "") {
$assert_value = cacti_snmp_get($host["hostname"],
$host["snmp_community"],
".1.3.6.1.2.1.1.3.0",
$host["snmp_version"],
$host["snmpv3_auth_username"],
$host["snmpv3_auth_password"],
$host["snmpv3_auth_protocol"],
$host["snmpv3_priv_passphrase"],
$host["snmpv3_priv_protocol"],
$host["snmp_port"],
$host["snmp_timeout"],
SNMP_POLLER);
array_push($recache_stack, "insert into poller_reindex (host_id,data_query_id,action,op,assert_value,arg1) values (" . sql_sanitize($host_id) . "," . sql_sanitize($data_query_id) . ",0,'<','" . sql_sanitize($assert_value) . "','.1.3.6.1.2.1.1.3.0')");
}
break;
case DATA_QUERY_AUTOINDEX_INDEX_NUM_CHANGE:
/* this method requires that some command/oid can be used to determine the
* current number of indexes in the data query */
$assert_value = api_data_query_cache_num_rows_get($data_query_id, $host_id);
if ($data_query_type == DATA_QUERY_INPUT_TYPE_SNMP_QUERY) {
if ($data_query["snmp_oid_num_rows"] != "") {
array_push($recache_stack, "insert into poller_reindex (host_id,data_query_id,action,op,assert_value,arg1) values (" . sql_sanitize($host_id) . "," . sql_sanitize($data_query_id) . ",0,'=','" . sql_sanitize($assert_value) . "','" . sql_sanitize($data_query["snmp_oid_num_rows"]) . "')");
}
}else if ($data_query_type == DATA_QUERY_INPUT_TYPE_SCRIPT_QUERY) {
array_push($recache_stack, "insert into poller_reindex (host_id,data_query_id,action,op,assert_value,arg1) values (" . sql_sanitize($host_id) . "," . sql_sanitize($data_query_id) . ",1,'=','" . sql_sanitize($assert_value) . "','" . sql_sanitize(api_data_query_script_path_format($data_query_xml["script_path"]) . DATA_QUERY_SCRIPT_ARG_NUM_INDEXES) . "')");
}
break;
case DATA_QUERY_AUTOINDEX_FIELD_VERIFICATION:
$primary_indexes = api_data_query_cache_field_get($data_query_id, $host_id, $data_query["sort_field"]);
if (sizeof($primary_indexes) > 0) {
foreach ($primary_indexes as $index) {
$assert_value = $index["field_value"];
if ($data_query_type == DATA_QUERY_INPUT_TYPE_SNMP_QUERY) {
array_push($recache_stack, "insert into poller_reindex (host_id,data_query_id,action,op,assert_value,arg1) values (" . sql_sanitize($host_id) . "," . sql_sanitize($data_query_id) . ",0,'=','" . sql_sanitize($assert_value) . "','" . sql_sanitize($index["oid"]) . "')");
}else if ($data_query_type == DATA_QUERY_INPUT_TYPE_SCRIPT_QUERY) {
array_push($recache_stack, "insert into poller_reindex (host_id,data_query_id,action,op,assert_value,arg1) values (" . sql_sanitize($host_id) . "," . sql_sanitize($data_query_id) . ",1,'=','" . sql_sanitize($assert_value) . "','" . sql_sanitize(api_data_query_script_path_format($data_query_xml["script_path"]) . DATA_QUERY_SCRIPT_ARG_GET . " " . $data_query_xml["fields"]{$data_query["sort_field"]}["query_name"] . " " . $index["snmp_index"]) . "')");
}
}
}
break;
}
/* save the delete for last since we need to reference this table in the code above */
db_execute("delete from poller_reindex where host_id=$host_id and data_query_id=$data_query_id");
for ($i=0; $i<count($recache_stack); $i++) {
db_execute($recache_stack[$i]);
}
}
示例11: save_schedules
function save_schedules()
{
/* ================= input validation ================= */
input_validate_input_number(get_request_var_post('id'));
input_validate_input_number(get_request_var_post('savedquery'));
input_validate_input_number(get_request_var_post('sendinterval'));
/* ==================================================== */
$save['title'] = sql_sanitize($_POST['title']);
$save['savedquery'] = $_POST['savedquery'];
$save['sendinterval'] = $_POST['sendinterval'];
$save['start'] = sql_sanitize($_POST['start']);
$save['email'] = sql_sanitize($_POST['email']);
$t = time();
$d = strtotime($_POST['start']);
$i = $save['sendinterval'];
if (isset($_POST['id'])) {
$save['id'] = $_POST['id'];
$q = db_fetch_row("SELECT * FROM plugin_flowview_schedules WHERE id = " . $save['id']);
if (!isset($q['lastsent']) || $save['start'] != $q['start'] || $save['sendinterval'] != $q['sendinterval']) {
while ($d < $t) {
$d += $i;
}
$save['lastsent'] = $d - $i;
}
} else {
$save['id'] = '';
while ($d < $t) {
$d += $i;
}
$save['lastsent'] = $d - $i;
}
if (isset($_POST["enabled"])) {
$save["enabled"] = 'on';
} else {
$save["enabled"] = 'off';
}
$id = sql_save($save, 'plugin_flowview_schedules', 'id', true);
if (is_error_message()) {
header('Location: flowview_schedules.php?action=edit&id=' . (empty($id) ? $_POST['id'] : $id));
exit;
}
header("Location: flowview_schedules.php");
exit;
}
示例12: api_data_source_item_list
function api_data_source_item_list($data_source_id) {
/* sanity checks */
validate_id_die($data_source_id, "data_source_id");
return db_fetch_assoc("select
data_source_item.rrd_heartbeat,
data_source_item.rrd_minimum,
data_source_item.rrd_maximum,
data_source_item.data_source_name,
data_source_item.data_source_type
from data_source_item
where data_source_item.data_source_id = " . sql_sanitize($data_source_id));
}
示例13: api_data_preset_package_vendor_get
function api_data_preset_package_vendor_get($preset_id) {
/* sanity checks */
validate_id_die($preset_id, "preset_id");
return db_fetch_cell("select name from preset_package_vendor where id = " . sql_sanitize($preset_id));
}
示例14: api_package_author_get
function api_package_author_get($package_author_id) {
/* sanity checks */
validate_id_die($package_author_id, "package_author_id");
return db_fetch_row("select * from package_author where id = " . sql_sanitize($package_author_id));
}
示例15: api_graph_template_item_remove
function api_graph_template_item_remove($graph_template_item_id, $delete_attached = true) {
/* sanity checks */
validate_id_die($graph_template_item_id, "graph_template_item_id");
/* base tables */
db_delete("graph_template_item",
array(
"id" => array("type" => DB_TYPE_INTEGER, "value" => $graph_template_item_id)
));
db_delete("graph_template_item_input_item",
array(
"graph_template_item_id" => array("type" => DB_TYPE_INTEGER, "value" => $graph_template_item_id)
));
/* attached graph items */
if ($delete_attached === true) {
db_delete("graph_item",
array(
"graph_template_item_id" => array("type" => DB_TYPE_INTEGER, "value" => $graph_template_item_id)
));
}else{
db_execute("UPDATE graph_item SET graph_template_item_id = 0 WHERE graph_template_item_id = " . sql_sanitize($graph_template_item_id));
}
}