本文整理匯總了PHP中validateUrlSyntax函數的典型用法代碼示例。如果您正苦於以下問題:PHP validateUrlSyntax函數的具體用法?PHP validateUrlSyntax怎麽用?PHP validateUrlSyntax使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了validateUrlSyntax函數的11個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: clean_param
//.........這裏部分代碼省略.........
$param = '';
}
return $param;
case PARAM_PATH:
// Strip all suspicious characters from file path
$param = str_replace('\\\'', '\'', $param);
$param = str_replace('\\"', '"', $param);
$param = str_replace('\\', '/', $param);
$param = ereg_replace('[[:cntrl:]]|[<>"`\\|\':]', '', $param);
$param = ereg_replace('\\.\\.+', '', $param);
$param = ereg_replace('//+', '/', $param);
return ereg_replace('/(\\./)+', '/', $param);
case PARAM_HOST:
// allow FQDN or IPv4 dotted quad
$param = preg_replace('/[^\\.\\d\\w-]/', '', $param);
// only allowed chars
// match ipv4 dotted quad
if (preg_match('/(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/', $param, $match)) {
// confirm values are ok
if ($match[0] > 255 || $match[1] > 255 || $match[3] > 255 || $match[4] > 255) {
// hmmm, what kind of dotted quad is this?
$param = '';
}
} elseif (preg_match('/^[\\w\\d\\.-]+$/', $param) && !preg_match('/^[\\.-]/', $param) && !preg_match('/[\\.-]$/', $param)) {
// all is ok - $param is respected
} else {
// all is not ok...
$param = '';
}
return $param;
case PARAM_URL:
// allow safe ftp, http, mailto urls
include_once $CFG->dirroot . '/lib/validateurlsyntax.php';
if (!empty($param) && validateUrlSyntax($param, 's?H?S?F?E?u-P-a?I?p?f?q?r?')) {
// all is ok, param is respected
} else {
$param = '';
// not really ok
}
return $param;
case PARAM_LOCALURL:
// allow http absolute, root relative and relative URLs within wwwroot
$param = clean_param($param, PARAM_URL);
if (!empty($param)) {
if (preg_match(':^/:', $param)) {
// root-relative, ok!
} elseif (preg_match('/^' . preg_quote($CFG->wwwroot, '/') . '/i', $param)) {
// absolute, and matches our wwwroot
} else {
// relative - let's make sure there are no tricks
if (validateUrlSyntax($param, 's-u-P-a-p-f+q?r?')) {
// looks ok.
} else {
$param = '';
}
}
}
return $param;
case PARAM_PEM:
$param = trim($param);
// PEM formatted strings may contain letters/numbers and the symbols
// forward slash: /
// plus sign: +
// equal sign: =
// , surrounded by BEGIN and END CERTIFICATE prefix and suffixes
if (preg_match('/^-----BEGIN CERTIFICATE-----([\\s\\w\\/\\+=]+)-----END CERTIFICATE-----$/', trim($param), $matches)) {
示例2: clean_param
//.........這裏部分代碼省略.........
} else {
$crumb = clean_param($crumb, PARAM_FILE);
}
$breadcrumb[$key] = $crumb;
}
$param = implode('/', $breadcrumb);
// Remove multiple current path (./././) and multiple slashes (///).
$param = preg_replace('~//+~', '/', $param);
$param = preg_replace('~/(\\./)+~', '/', $param);
return $param;
case PARAM_HOST:
// Allow FQDN or IPv4 dotted quad.
$param = preg_replace('/[^\\.\\d\\w-]/', '', $param);
// Match ipv4 dotted quad.
if (preg_match('/(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/', $param, $match)) {
// Confirm values are ok.
if ($match[0] > 255 || $match[1] > 255 || $match[3] > 255 || $match[4] > 255) {
// Hmmm, what kind of dotted quad is this?
$param = '';
}
} else {
if (preg_match('/^[\\w\\d\\.-]+$/', $param) && !preg_match('/^[\\.-]/', $param) && !preg_match('/[\\.-]$/', $param)) {
// All is ok - $param is respected.
} else {
// All is not ok...
$param = '';
}
}
return $param;
case PARAM_URL:
// Allow safe ftp, http, mailto urls.
$param = fix_utf8($param);
include_once $CFG->dirroot . '/lib/validateurlsyntax.php';
if (!empty($param) && validateUrlSyntax($param, 's?H?S?F?E?u-P-a?I?p?f?q?r?')) {
// All is ok, param is respected.
} else {
// Not really ok.
$param = '';
}
return $param;
case PARAM_LOCALURL:
// Allow http absolute, root relative and relative URLs within wwwroot.
$param = clean_param($param, PARAM_URL);
if (!empty($param)) {
// Simulate the HTTPS version of the site.
$httpswwwroot = str_replace('http://', 'https://', $CFG->wwwroot);
if ($param === $CFG->wwwroot) {
// Exact match;
} else {
if (!empty($CFG->loginhttps) && $param === $httpswwwroot) {
// Exact match;
} else {
if (preg_match(':^/:', $param)) {
// Root-relative, ok!
} else {
if (preg_match('/^' . preg_quote($CFG->wwwroot . '/', '/') . '/i', $param)) {
// Absolute, and matches our wwwroot.
} else {
if (!empty($CFG->loginhttps) && preg_match('/^' . preg_quote($httpswwwroot . '/', '/') . '/i', $param)) {
// Absolute, and matches our httpswwwroot.
} else {
// Relative - let's make sure there are no tricks.
if (validateUrlSyntax('/' . $param, 's-u-P-a-p-f+q?r?')) {
// Looks ok.
} else {
$param = '';
示例3: validation
public function validation($data, $files)
{
global $CFG;
$errors = array();
// Submit is redirected if error occurs, so we store errordata in session.
$sessionerrordata = array();
$cache = cache::make('format_socialwall', 'postformerrors');
$cache->delete($data['id']);
// ... do validation of externalurl.
if (!empty($data['externalurl'])) {
include_once $CFG->libdir . '/validateurlsyntax.php';
if (!validateUrlSyntax($data['externalurl'])) {
$errors['externalurl'] = get_string('invalidurl', 'url');
$sessionerrordata['externalurl'] = array('message' => $errors['externalurl'], 'value' => $data['externalurl']);
}
}
// ... check if post is all empty.
if (isset($data['submitbutton'])) {
$empty = empty($data['posttext']) && empty($data['cmsequence']) && empty($data['externalurl']) && empty($files);
if ($empty) {
$errors['posttext'] = get_string('attachmentorpostrequired', 'format_socialwall');
$sessionerrordata['posttext'] = array('message' => $errors['posttext'], 'value' => $data['posttext']);
}
}
// ... store or clean.
if (!empty($sessionerrordata)) {
$cache->set($data['id'], $sessionerrordata);
}
return $errors;
}
示例4: clean_param
//.........這裏部分代碼省略.........
$param = preg_replace('~\\.\\.+~', '', $param);
if ($param === '.') {
$param = '';
}
return $param;
case PARAM_PATH:
// Strip all suspicious characters from file path
$param = str_replace('\\', '/', $param);
$param = preg_replace('~[[:cntrl:]]|[&<>"`\\|\':]~u', '', $param);
$param = preg_replace('~\\.\\.+~', '', $param);
$param = preg_replace('~//+~', '/', $param);
return preg_replace('~/(\\./)+~', '/', $param);
case PARAM_HOST:
// allow FQDN or IPv4 dotted quad
$param = preg_replace('/[^\\.\\d\\w-]/', '', $param);
// only allowed chars
// match ipv4 dotted quad
if (preg_match('/(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/', $param, $match)) {
// confirm values are ok
if ($match[0] > 255 || $match[1] > 255 || $match[3] > 255 || $match[4] > 255) {
// hmmm, what kind of dotted quad is this?
$param = '';
}
} elseif (preg_match('/^[\\w\\d\\.-]+$/', $param) && !preg_match('/^[\\.-]/', $param) && !preg_match('/[\\.-]$/', $param)) {
// all is ok - $param is respected
} else {
// all is not ok...
$param = '';
}
return $param;
case PARAM_URL:
// allow safe ftp, http, mailto urls
include_once $CFG->dirroot . '/lib/validateurlsyntax.php';
if (!empty($param) && validateUrlSyntax($param, 's?H?S?F?E?u-P-a?I?p?f?q?r?')) {
// all is ok, param is respected
} else {
$param = '';
// not really ok
}
return $param;
case PARAM_LOCALURL:
// allow http absolute, root relative and relative URLs within wwwroot
$param = clean_param($param, PARAM_URL);
if (!empty($param)) {
if (preg_match(':^/:', $param)) {
// root-relative, ok!
} elseif (preg_match('/^' . preg_quote($CFG->wwwroot, '/') . '/i', $param)) {
// absolute, and matches our wwwroot
} else {
// relative - let's make sure there are no tricks
if (validateUrlSyntax('/' . $param, 's-u-P-a-p-f+q?r?')) {
// looks ok.
} else {
$param = '';
}
}
}
return $param;
case PARAM_PEM:
$param = trim($param);
// PEM formatted strings may contain letters/numbers and the symbols
// forward slash: /
// plus sign: +
// equal sign: =
// , surrounded by BEGIN and END CERTIFICATE prefix and suffixes
if (preg_match('/^-----BEGIN CERTIFICATE-----([\\s\\w\\/\\+=]+)-----END CERTIFICATE-----$/', trim($param), $matches)) {
示例5: validateFtpSyntax
function validateFtpSyntax($ftpaddr, $options = "")
{
// Check Options Parameter
if (!ereg('^([sHSEFuPaIpfqr][+?-])*$', $options)) {
trigger_error("Options attribute malformed", E_USER_ERROR);
}
// Set Options Array, set defaults if options are not specified
// Scheme
if (strpos($options, 's') === false) {
$aOptions['s'] = '?';
} else {
$aOptions['s'] = substr($options, strpos($options, 's') + 1, 1);
}
// http://
if (strpos($options, 'H') === false) {
$aOptions['H'] = '-';
} else {
$aOptions['H'] = substr($options, strpos($options, 'H') + 1, 1);
}
// https:// (SSL)
if (strpos($options, 'S') === false) {
$aOptions['S'] = '-';
} else {
$aOptions['S'] = substr($options, strpos($options, 'S') + 1, 1);
}
// mailto: (email)
if (strpos($options, 'E') === false) {
$aOptions['E'] = '-';
} else {
$aOptions['E'] = substr($options, strpos($options, 'E') + 1, 1);
}
// ftp://
if (strpos($options, 'F') === false) {
$aOptions['F'] = '+';
} else {
$aOptions['F'] = substr($options, strpos($options, 'F') + 1, 1);
}
// User section
if (strpos($options, 'u') === false) {
$aOptions['u'] = '?';
} else {
$aOptions['u'] = substr($options, strpos($options, 'u') + 1, 1);
}
// Password in user section
if (strpos($options, 'P') === false) {
$aOptions['P'] = '?';
} else {
$aOptions['P'] = substr($options, strpos($options, 'P') + 1, 1);
}
// Address Section
if (strpos($options, 'a') === false) {
$aOptions['a'] = '+';
} else {
$aOptions['a'] = substr($options, strpos($options, 'a') + 1, 1);
}
// IP Address in address section
if (strpos($options, 'I') === false) {
$aOptions['I'] = '?';
} else {
$aOptions['I'] = substr($options, strpos($options, 'I') + 1, 1);
}
// Port number
if (strpos($options, 'p') === false) {
$aOptions['p'] = '?';
} else {
$aOptions['p'] = substr($options, strpos($options, 'p') + 1, 1);
}
// File Path
if (strpos($options, 'f') === false) {
$aOptions['f'] = '?';
} else {
$aOptions['f'] = substr($options, strpos($options, 'f') + 1, 1);
}
// Query Section
if (strpos($options, 'q') === false) {
$aOptions['q'] = '-';
} else {
$aOptions['q'] = substr($options, strpos($options, 'q') + 1, 1);
}
// Fragment (Anchor)
if (strpos($options, 'r') === false) {
$aOptions['r'] = '-';
} else {
$aOptions['r'] = substr($options, strpos($options, 'r') + 1, 1);
}
// Generate options
$newoptions = '';
foreach ($aOptions as $key => $value) {
$newoptions .= $key . $value;
}
// DEBUGGING - Uncomment line below to display generated options
// echo '<pre>' . $newoptions . '</pre>';
// Send to validateUrlSyntax() and return result
return validateUrlSyntax($ftpaddr, $newoptions);
}
示例6: param_variable
// figure out what the returnto URL should be
$wantsurl = param_variable("wantsurl", false);
if (!$wantsurl) {
if (isset($_SESSION['wantsurl'])) {
$wantsurl = $_SESSION['wantsurl'];
} else {
if (!$saml_session->getIdP()) {
$wantsurl = array_key_exists('HTTP_REFERER', $_SERVER) ? $_SERVER['HTTP_REFERER'] : $CFG->wwwroot;
} else {
$wantsurl = $CFG->wwwroot;
}
}
}
// taken from Moodle clean_param - make sure the wantsurl is correctly formed
include_once 'validateurlsyntax.php';
if (!validateUrlSyntax($wantsurl, 's?H?S?F?E?u-P-a?I?p?f?q?r?')) {
$wantsurl = $CFG->wwwroot;
}
// trim off any reference to login and stash
$_SESSION['wantsurl'] = preg_replace('/\\&login$/', '', $wantsurl);
// now - are we logged in?
$as->requireAuth();
// ensure that $_SESSION is cleared for simplesamlphp
if (isset($_SESSION['wantsurl'])) {
unset($_SESSION['wantsurl']);
}
$saml_attributes = $as->getAttributes();
@session_write_close();
// now - let's continue with the session handling that would normally be done
// by Maharas init.php
// the main thin is that it sets the session cookie name back to what it should be
示例7: ob_end_flush
<link href="popcss.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h3>Feeds importieren</h3>
<?php
include './libs/URL.php';
ob_end_flush();
$_ok = TRUE;
if (isset($_FILES['probe']) || !empty($_POST['url'])) {
require_once 'magpie/rss_fetch.inc';
require_once 'magpie/rss_parse.inc';
#require_once('magpie/rss_utils.inc');
if (!empty($_POST['url'])) {
if (validateUrlSyntax($_POST['url'], 's+a+')) {
if (!($snoopy = _fetch_remote_file($_POST['url']))) {
echo "Ich kann " . $_POST['url'] . " nicht ?en...<br />";
$_ok = FALSE;
}
$simple = $snoopy->results;
unset($snoopy);
} else {
echo "Also, " . $_POST['url'] . " ist aber keine richtige URL...<br />";
$_ok = FALSE;
}
} elseif (isset($_FILES['probe'])) {
$name = "temp/" . time() . ".opml";
$_ok = move_uploaded_file($_FILES['probe']['tmp_name'], $name);
$simple = implode("", file($name));
}
示例8: clean_param
//.........這裏部分代碼省略.........
}
if ($options & PARAM_SAFEDIR) {
// Remove everything not a-zA-Z0-9_-
$param = eregi_replace('[^a-zA-Z0-9_-]', '', $param);
}
if ($options & PARAM_CLEANFILE) {
// allow only safe characters
$param = clean_filename($param);
}
if ($options & PARAM_FILE) {
// Strip all suspicious characters from filename
$param = ereg_replace('[[:cntrl:]]|[<>"`\\|\':\\/]', '', $param);
$param = ereg_replace('\\.\\.+', '', $param);
if ($param == '.') {
$param = '';
}
}
if ($options & PARAM_PATH) {
// Strip all suspicious characters from file path
$param = str_replace('\\\'', '\'', $param);
$param = str_replace('\\"', '"', $param);
$param = str_replace('\\', '/', $param);
$param = ereg_replace('[[:cntrl:]]|[<>"`\\|\':]', '', $param);
$param = ereg_replace('\\.\\.+', '', $param);
$param = ereg_replace('//+', '/', $param);
$param = ereg_replace('/(\\./)+', '/', $param);
}
if ($options & PARAM_HOST) {
// allow FQDN or IPv4 dotted quad
preg_replace('/[^\\.\\d\\w-]/', '', $param);
// only allowed chars
// match ipv4 dotted quad
if (preg_match('/(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/', $param, $match)) {
// confirm values are ok
if ($match[0] > 255 || $match[1] > 255 || $match[3] > 255 || $match[4] > 255) {
// hmmm, what kind of dotted quad is this?
$param = '';
}
} elseif (preg_match('/^[\\w\\d\\.-]+$/', $param) && !preg_match('/^[\\.-]/', $param) && !preg_match('/[\\.-]$/', $param)) {
// all is ok - $param is respected
} else {
// all is not ok...
$param = '';
}
}
if ($options & PARAM_URL) {
// allow safe ftp, http, mailto urls
include_once $CFG->dirroot . 'lib/validateurlsyntax.php';
//
// Parameters to validateurlsyntax()
//
// s? scheme is optional
// H? http optional
// S? https optional
// F? ftp optional
// E? mailto optional
// u- user section not allowed
// P- password not allowed
// a? address optional
// I? Numeric IP address optional (can use IP or domain)
// p- port not allowed -- restrict to default port
// f? "file" path section optional
// q? query section optional
// r? fragment (anchor) optional
//
if (!empty($param) && validateUrlSyntax($param, 's?H?S?F?E?u-P-a?I?p-f?q?r?')) {
// all is ok, param is respected
} else {
$param = '';
// not really ok
}
$options ^= PARAM_URL;
// Turn off the URL bit so that simple PARAM_URLs don't test true for PARAM_LOCALURL
}
if ($options & PARAM_LOCALURL) {
// assume we passed the PARAM_URL test...
// allow http absolute, root relative and relative URLs within wwwroot
if (!empty($param)) {
if (preg_match(':^/:', $param)) {
// root-relative, ok!
} elseif (preg_match('/^' . preg_quote($CFG->wwwroot, '/') . '/i', $param)) {
// absolute, and matches our wwwroot
} else {
// relative - let's make sure there are no tricks
if (validateUrlSyntax($param, 's-u-P-a-p-f+q?r?')) {
// looks ok.
} else {
$param = '';
}
}
}
}
if ($options & PARAM_CLEANHTML) {
// $param = stripslashes($param); // Remove any slashes
$param = clean_text($param);
// Sweep for scripts, etc
// $param = trim($param); // Sweep for scripts, etc
}
return $param;
}
示例9: create_node_course_modules_mod_resource
private function create_node_course_modules_mod_resource($sheet_mod_resource, $instance)
{
global $CFG;
require_once $CFG->libdir . '/validateurlsyntax.php';
$link = '';
$mod_alltext = '';
$mod_summary = '';
$xpath = cc2moodle::newx_path(cc2moodle::$manifest, cc2moodle::$namespaces);
if ($instance['common_cartriedge_type'] == cc2moodle::CC_TYPE_WEBCONTENT || $instance['common_cartriedge_type'] == cc2moodle::CC_TYPE_ASSOCIATED_CONTENT) {
$resource = $xpath->query('/imscc:manifest/imscc:resources/imscc:resource[@identifier="' . $instance['resource_indentifier'] . '"]/@href');
$resource = !empty($resource->item(0)->nodeValue) ? $resource->item(0)->nodeValue : '';
if (empty($resource)) {
unset($resource);
$resource = $xpath->query('/imscc:manifest/imscc:resources/imscc:resource[@identifier="' . $instance['resource_indentifier'] . '"]/imscc:file/@href');
$resource = !empty($resource->item(0)->nodeValue) ? $resource->item(0)->nodeValue : '';
}
if (!empty($resource)) {
$link = $resource;
}
}
if ($instance['common_cartriedge_type'] == cc2moodle::CC_TYPE_WEBLINK) {
$external_resource = $xpath->query('/imscc:manifest/imscc:resources/imscc:resource[@identifier="' . $instance['resource_indentifier'] . '"]/imscc:file/@href')->item(0)->nodeValue;
if ($external_resource) {
$resource = $this->load_xml_resource(cc2moodle::$path_to_manifest_folder . DIRECTORY_SEPARATOR . $external_resource);
if (!empty($resource)) {
$xpath = cc2moodle::newx_path($resource, cc2moodle::getresourcens());
$resource = $xpath->query('//url/@href');
if ($resource->length > 0) {
$rawlink = $resource->item(0)->nodeValue;
if (!validateUrlSyntax($rawlink, 's+')) {
$changed = rawurldecode($rawlink);
if (validateUrlSyntax($changed, 's+')) {
$link = $changed;
} else {
$link = 'http://invalidurldetected/';
}
} else {
$link = $rawlink;
}
}
}
}
}
$find_tags = array('[#mod_instance#]', '[#mod_name#]', '[#mod_type#]', '[#mod_reference#]', '[#mod_summary#]', '[#mod_alltext#]', '[#mod_options#]', '[#date_now#]');
$mod_type = 'file';
$mod_options = 'objectframe';
$mod_reference = $link;
//detected if we are dealing with html file
if (!empty($link) && $instance['common_cartriedge_type'] == cc2moodle::CC_TYPE_WEBCONTENT) {
$ext = strtolower(pathinfo($link, PATHINFO_EXTENSION));
if (in_array($ext, array('html', 'htm', 'xhtml'))) {
$mod_type = 'html';
//extract the content of the file
$rootpath = realpath(cc112moodle::$path_to_manifest_folder);
$htmlpath = realpath($rootpath . DIRECTORY_SEPARATOR . $link);
$dirpath = dirname($htmlpath);
if (file_exists($htmlpath)) {
$fcontent = file_get_contents($htmlpath);
$mod_alltext = clean_param($this->prepare_content($fcontent), PARAM_CLEANHTML);
$mod_reference = '';
$mod_options = '';
//TODO: try to handle embedded resources
/**
* images, linked static resources, applets, videos
*/
$doc = new DOMDocument();
$cdir = getcwd();
chdir($dirpath);
try {
if (!empty($mod_alltext) && $doc->loadHTML($mod_alltext)) {
$xpath = new DOMXPath($doc);
$attributes = array('href', 'src', 'background', 'archive', 'code');
$qtemplate = "//*[@##][not(contains(@##,'://'))]/@##";
$query = '';
foreach ($attributes as $attrname) {
if (!empty($query)) {
$query .= " | ";
}
$query .= str_replace('##', $attrname, $qtemplate);
}
$list = $xpath->query($query);
$searches = array();
$replaces = array();
foreach ($list as $resrc) {
$rpath = $resrc->nodeValue;
$rtp = realpath($rpath);
if ($rtp !== false && is_file($rtp)) {
//file is there - we are in business
$strip = str_replace("\\", "/", str_ireplace($rootpath, '', $rtp));
$encoded_file = '$@FILEPHP@$' . str_replace('/', '$@SLASH@$', $strip);
$searches[] = $resrc->nodeValue;
$replaces[] = $encoded_file;
}
}
$mod_alltext = str_replace($searches, $replaces, $mod_alltext);
}
} catch (Exception $e) {
//silence the complaints
}
chdir($cdir);
//.........這裏部分代碼省略.........
示例10: get_string
echo '<p>' . get_string('nodatareturned', 'report_customsql') . '</p>';
} else {
list($csvfilename, $cvstimestamp) = report_customsql_csv_filename($report, $cvstimestamp);
if (!is_readable($csvfilename)) {
echo '<p>' . get_string('notrunyet', 'report_customsql') . '</p>';
} else {
$handle = fopen($csvfilename, 'r');
if ($report->runable != 'manual' && !$report->singlerow) {
print_heading(get_string('reportfor', 'report_customsql', userdate($cvstimestamp, get_string('strftimedate'))), '', 3);
}
$table = new stdClass();
$table->head = fgetcsv($handle);
while ($row = fgetcsv($handle)) {
$rowdata = array();
foreach ($row as $value) {
if (validateUrlSyntax($value, 's+H?S?F?E?u-P-a?I?p?f?q?r?')) {
$rowdata[] = '<a href="' . $value . '">' . $value . '</a>';
} else {
$rowdata[] = $value;
}
}
$table->data[] = $rowdata;
$count += 1;
}
fclose($handle);
print_table($table);
echo "<br/>" . get_string('recordcount', 'report_customsql') . " = {$count}<br/>";
if ($count >= REPORT_CUSTOMSQL_MAX_RECORDS) {
echo '<p class="admin_note">' . get_string('recordlimitreached', 'report_customsql', REPORT_CUSTOMSQL_MAX_RECORDS) . '</p>';
}
echo report_customsql_time_note($report, 'p');
示例11: clean_param
//.........這裏部分代碼省略.........
return $param;
case PARAM_CLEAN:
// General HTML cleaning, try to use more specific type if possible
if (is_numeric($param)) {
return $param;
}
$param = stripslashes($param);
// Needed for kses to work fine
$param = clean_text($param);
// Sweep for scripts, etc
return addslashes($param);
// Restore original request parameter slashes
// Restore original request parameter slashes
case PARAM_CLEANHTML:
// prepare html fragment for display, do not store it into db!!
$param = stripslashes($param);
// Remove any slashes
$param = clean_text($param);
// Sweep for scripts, etc
return trim($param);
case PARAM_INT:
return (int) $param;
// Convert to integer
// Convert to integer
case PARAM_NUMBER:
return (double) $param;
// Convert to integer
// Convert to integer
case PARAM_BOOL:
// Convert to 1 or 0
$tempstr = strtolower($param);
if ($tempstr == 'on' or $tempstr == 'yes') {
$param = 1;
} else {
if ($tempstr == 'off' or $tempstr == 'no') {
$param = 0;
} else {
$param = empty($param) ? 0 : 1;
}
}
return $param;
case PARAM_NOTAGS:
// Strip all tags
return strip_tags($param);
case PARAM_TEXT:
// leave only tags needed for multilang
return clean_param(strip_tags($param, '<lang><span>'), PARAM_CLEAN);
case PARAM_SAFEDIR:
// Remove everything not a-zA-Z0-9_-
return eregi_replace('[^a-zA-Z0-9_-]', '', $param);
case PARAM_CLEANFILE:
// allow only safe characters
return clean_filename($param);
case PARAM_FILE:
// Strip all suspicious characters from filename
$param = ereg_replace('[[:cntrl:]]|[<>"`\\|\':\\/]', '', $param);
$param = ereg_replace('\\.\\.+', '', $param);
if ($param == '.') {
$param = '';
}
return $param;
case PARAM_PATH:
// Strip all suspicious characters from file path
$param = str_replace('\\\'', '\'', $param);
$param = str_replace('\\"', '"', $param);
$param = str_replace('\\', '/', $param);
$param = ereg_replace('[[:cntrl:]]|[<>"`\\|\':]', '', $param);
$param = ereg_replace('\\.\\.+', '', $param);
$param = ereg_replace('//+', '/', $param);
return ereg_replace('/(\\./)+', '/', $param);
case PARAM_HOST:
// allow FQDN or IPv4 dotted quad
$param = preg_replace('/[^\\.\\d\\w-]/', '', $param);
// only allowed chars
// match ipv4 dotted quad
if (preg_match('/(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/', $param, $match)) {
// confirm values are ok
if ($match[0] > 255 || $match[1] > 255 || $match[3] > 255 || $match[4] > 255) {
// hmmm, what kind of dotted quad is this?
$param = '';
}
} elseif (preg_match('/^[\\w\\d\\.-]+$/', $param) && !preg_match('/^[\\.-]/', $param) && !preg_match('/[\\.-]$/', $param)) {
// all is ok - $param is respected
} else {
// all is not ok...
$param = '';
}
return $param;
case PARAM_URL:
// allow safe ftp, http, mailto urls
include_once $CFG['dirroot'] . '/inc/validateurlsyntax.php';
if (!empty($param) && validateUrlSyntax($param, 's?H?S?F?E?u-P-a?I?p?f?q?r?')) {
// all is ok, param is respected
} else {
$param = '';
// not really ok
}
return $param;
}
}