本文整理匯總了PHP中helper::escape方法的典型用法代碼示例。如果您正苦於以下問題:PHP helper::escape方法的具體用法?PHP helper::escape怎麼用?PHP helper::escape使用的例子?那麼,這裡精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類helper的用法示例。
在下文中一共展示了helper::escape方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於系統推薦出更棒的PHP代碼示例。
示例1: m__edit
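/**
 * Create or update a category from the submitted form and answer with a JSON string.
 *
 * Every POST value is passed through helper::escape($value, 1) before it is used.
 * A missing, empty or non-positive cate_id selects the insert path; a positive one
 * selects the update path. Every path ends the script through die().
 */
function m__edit()
{
    global $c_obj_obj, $l_obj;

    // Permission check for this operation.
    check_level("C0101");

    // Start from an empty array so an empty POST body does not leave $post undefined.
    $post = array();
    foreach ($_POST as $a => $b) {
        $post[$a] = helper::escape($b, 1);
    }

    // Required fields; a missing key is treated like an empty value.
    if (!isset($post['cname']) || $post['cname'] == '') {
        die('{"code":"100","msg":"分類名稱必須填寫"}');
    }
    if (!isset($post['cname_py']) || $post['cname_py'] == '') {
        die('{"code":"100","msg":"字母別名必須填寫"}');
    }

    // cate_id is concatenated into a WHERE clause below, so only an integer is accepted.
    // String escaping alone does not constrain what a value in that position may contain.
    $raw_id = isset($post['cate_id']) && is_scalar($post['cate_id']) ? trim((string) $post['cate_id']) : '';
    if ($raw_id !== '' && !preg_match('~^-?\d+$~', $raw_id)) {
        die('{"code":"100","msg":"分類ID必須是數字"}');
    }
    $cate_id = (int) $raw_id;

    // Drop parameters that are not stored.
    unset($post['ad_list']);

    if ($cate_id <= 0) {
        // Insert: the alias must not be in use yet.
        $has_py = $c_obj_obj->get_cname_py($post['cname_py']);
        if ($has_py) {
            die('{"code":"100","msg":"字母別名不允許重複"}');
        }
        // unset() on a missing key is a no-op, so no isset() guard is needed.
        unset($post['listvar_copy'], $post['index_copy'], $post['content_copy']);

        $res = $c_obj_obj->insert($post);
        $c_obj_obj->update_cate();
        if ($res > 0) {
            $l_obj->insert("類添加成功,分類名為:" . $post['cname']);
            die('{"code":"0","msg":"分類添加成功","cid":"' . $res . '"}');
        }
        // NOTE(review): $res is concatenated into the JSON text as-is; if it can carry a
        // database error message containing quotes, the response is not valid JSON.
        die('{"code":"100","msg":"分類添加失敗,' . $res . '"}');
    }

    // Update: the WHERE clause is built from the validated integer only.
    $where = "cate_id='" . $cate_id . "'";
    $res = $c_obj_obj->update($post, $where);
    $c_obj_obj->update_cate();
    if ($res) {
        $l_obj->insert("修改分類成功,分類ID為:{$cate_id}");
        die('{"code":"0","msg":"分類修改成功","cid":"' . $cate_id . '"}');
    }
    die('{"code":"100","msg":"分類修改失敗"}');
}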
示例2: m__list
/**
 * Load one page of keywords into the global $keywords, filtered by the request.
 *
 * $_GET and $_POST are first replaced by the result of helper::sqlxss(). The optional
 * filters are keyword_id (POST, numeric only), q (GET, substring match) and qgroup (GET).
 */
function m__list()
{
    global $dbm, $c, $keywords;

    $_GET = helper::sqlxss($_GET);
    $_POST = helper::sqlxss($_POST);

    // Page number: anything that is not numeric falls back to the first page.
    $p = 1;
    if (isset($_GET['p']) && is_numeric($_GET['p'])) {
        $p = intval($_GET['p']);
    }

    $condition = ' 1=1';

    // Restriction sent by the editor's JavaScript through POST.
    if (isset($_POST['keyword_id']) && is_numeric($_POST['keyword_id'])) {
        $condition .= " and keyword_id = '" . $_POST['keyword_id'] . "'";
    }

    // Search box on the page.
    // NOTE(review): q has already been through helper::sqlxss() above and is escaped a
    // second time here - confirm that double escaping is intended.
    if (!empty($_GET['q'])) {
        $condition .= " and keyword like '%" . helper::escape($_GET['q']) . "%' ";
    }

    // qgroup relies solely on the helper::sqlxss() pass above.
    if (isset($_GET['qgroup']) && $_GET['qgroup'] !== '') {
        $condition .= " and qgroup='" . $_GET['qgroup'] . "' ";
    }

    $params = array(
        'where' => $condition,
        'table_name' => TB_PREFIX . "keyword",
        'count' => 1,
        'suffix' => " order by qorder,keyword_id DESC " . $dbm->get_limit_sql(PAGESIZE, $p),
        'pagesize' => PAGESIZE,
    );
    $keywords = $dbm->single_query($params);
}
示例3: m__edit
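/**
 * Create or update a keyword (tag) from the submitted form and answer with a JSON string.
 *
 * A keyword_id greater than zero selects the update path, anything else the insert path.
 * Every path ends the script through die().
 */
function m__edit()
{
    global $l_obj, $t_obj;
    check_level("H0701");

    $post = $_POST;
    // Decode first, escape last. Escaping before urldecode() lets an encoded quote such
    // as %27 pass the escaping step untouched and turn into a raw quote afterwards.
    foreach ($post as $k => $n) {
        $post[$k] = helper::escape(urldecode($n));
    }

    // Validate the submitted data; a missing keyword_id is rejected like a non-numeric one.
    if (!isset($post['keyword_id']) || !is_numeric($post['keyword_id'])) {
        die('{"code":"100","msg":"標簽ID必須是數字"}');
    }
    if (empty($post['keyword'])) {
        die('{"code":"100","msg":"標簽不能為空"}');
    }

    if ($post['keyword_id'] > 0) {
        // Edit an existing keyword.
        $res = $t_obj->update($post, $post['keyword_id']);
        if ($res['state'] == 0) {
            $l_obj->insert("編輯成功:" . $post['keyword']);
            die('{"code":"0","msg":"編輯成功","kid":"' . $post['keyword_id'] . '"}');
        }
        die('{"code":"240","msg":"編輯失敗"}');
    }

    // Add a new keyword.
    $res = $t_obj->insert($post);
    if ($res['state'] == 0) {
        $l_obj->insert("添加成功:" . $post['keyword']);
        die('{"code":"0","msg":"添加成功","kid":"' . $res['msg'] . '"}');
    }
    // The closing quote of "msg" now follows the message; the original closed the string
    // before appending $res['msg'], which produced malformed JSON.
    die('{"code":"100","msg":"添加失敗,' . $res['msg'] . '"}');
}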
示例4: m__list
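/**
 * Load one page of administrators and the list of admin groups into the global $page.
 *
 * Optional GET filters: search_txt (substring match) on the column named by search_type
 * (default 'aname'), and p (page number).
 */
function m__list()
{
    global $dbm, $page;
    $page = $params = array();
    $where = " (1=1) ";

    if (isset($_GET['search_txt']) && $_GET['search_txt'] != '') {
        $field = isset($_GET['search_type']) && $_GET['search_type'] != '' ? $_GET['search_type'] : 'aname';
        // search_type is used as a column name. String escaping does not protect an
        // identifier, so only a plain identifier is accepted; anything else falls back
        // to the default column.
        // NOTE(review): an explicit list of searchable columns would be stricter; the
        // table's columns are not visible here.
        if (!is_string($field) || !preg_match('~^[A-Za-z_][A-Za-z0-9_]*$~', $field)) {
            $field = 'aname';
        }
        $_GET['search_type'] = $field;
        $where .= " and({$field} like '%" . helper::escape($_GET['search_txt']) . "%')";
    }

    // The page number goes into get_limit_sql(), so force it to an integer.
    $p = isset($_GET['p']) && is_numeric($_GET['p']) ? intval($_GET['p']) : 1;

    $params['table_name'] = TB_PREFIX . "admin_list";
    $params['count'] = 1;
    $params['where'] = $where;
    $params['suffix'] = " order by reg_date DESC ";
    $params['pagesize'] = PAGESIZE;
    $params['suffix'] .= $dbm->get_limit_sql(PAGESIZE, $p);
    $user = $dbm->single_query($params);

    $sql = "select group_id,g_name from " . TB_PREFIX . "admin_group";
    $rs = $dbm->query($sql);

    // Index group names by id once instead of scanning the group list for every admin.
    $group_names = array();
    foreach ($rs['list'] as $group) {
        $group_names[$group['group_id']] = $group['g_name'];
    }
    foreach ($user['list'] as $i => $admin) {
        if (array_key_exists($admin['group_id'], $group_names)) {
            $user['list'][$i]['g_name'] = $group_names[$admin['group_id']];
        }
    }

    $page['admin_group'] = $rs['list'];
    $page['admins'] = $user;
}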
示例5: m__edit
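/**
 * Create or update a URL rewrite rule from the submitted form and answer with JSON.
 *
 * A url_id greater than zero selects the update path. Both paths refresh the caches and
 * regenerate the rewrite files, then end the script through die().
 */
function m__edit()
{
    global $dbm, $c;

    // Decode, then escape: escaping is the last transformation applied to each value.
    foreach ($_POST as $key => $val) {
        $_POST[$key] = helper::escape(urldecode($val));
    }
    unset($_POST['hashtoken']);

    // url_id is concatenated into the WHERE clause, so it must be a plain integer.
    // is_numeric() would also accept forms such as "1e3" or "1.5".
    if (!isset($_POST['url_id']) || !is_string($_POST['url_id']) || !preg_match('~^-?\d+$~', $_POST['url_id'])) {
        die('{"code":"210","msg":"規則節點ID必須是數字"}');
    }
    $url_id = (int) $_POST['url_id'];

    if (empty($_POST['url_title'])) {
        die('{"code":"220","msg":"規則節點名稱不能為空"}');
    }
    if (!preg_match('~^[A-Za-z][A-Za-z]*[a-z0-9_]*$~', $_POST['url_title'])) {
        die('{"code":"230","msg":"規則節點名稱必須以字母開頭,隻允許字母、下劃線"}');
    }
    if (empty($_POST['url_true'])) {
        die('{"code":"230","msg":"動態地址規則不能為空"}');
    }
    if (empty($_POST['url_rule'])) {
        die('{"code":"230","msg":"偽靜態地址規則不能為空"}');
    }

    if ($url_id > 0) {
        // Edit an existing rule.
        $where = " url_id='" . $url_id . "'";
        unset($_POST['url_id']);
        // NOTE(review): the remaining POST keys are handed to single_update() as the
        // column set - confirm that it restricts them to known columns.
        $res = $dbm->single_update(TB_PREFIX . "url_rewrite", $_POST, $where);
        // Refresh the caches.
        $c->update_url_config();
        $c->update_cate();
        // Regenerate the rewrite files (.htaccess and the IIS equivalent).
        htaccess();
        iis_httpd_ini();
        if (empty($res['error'])) {
            die('{"code":"0","msg":"更新規則成功"}');
        }
        die('{"code":"240","msg":"更新規則失敗"}');
    }

    // Add a new rule.
    // NOTE(review): the duplicate check and the insert are commented out below, so no row
    // is written and this branch always reports failure. $res is initialised so that the
    // final check does not read an undefined variable.
    $res = array();
    /**
     * $rs=$dbm->query("select * from ".TB_PREFIX . "url_rewrite where url_title='{$_POST['url_title']}'");
     * if(count($rs['list'])>0) die('{"code":"100","msg":"'.$_POST['url_title'].'節點名稱不能重複"}');
     * unset($_POST['url_id']);
     * $res = $dbm -> single_insert(TB_PREFIX . "url_rewrite", $_POST);
     */
    // Refresh the caches.
    $c->update_url_config();
    $c->update_cate();
    // Regenerate the rewrite files (.htaccess and the IIS equivalent).
    htaccess();
    iis_httpd_ini();
    if (empty($res['error']) && isset($res['autoid']) && $res['autoid'] > 0) {
        die('{"code":"0","msg":"添加規則成功"}');
    }
    die('{"code":"250","msg":"添加規則失敗,請核對重試"}');
}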
示例6: m__list
/**
 * Load one page of groups into the global $page, optionally filtered by name.
 *
 * GET search_txt adds a substring match on g_name; GET p selects the page (default 1).
 */
function m__list()
{
    global $u_obj, $page;

    $search_text = isset($_GET['search_txt']) ? $_GET['search_txt'] : '';

    $where = " where 1 = 1 ";
    if ($search_text != '') {
        // The search text is escaped before it is placed inside the quoted LIKE pattern.
        $where .= " and g_name like '%" . helper::escape($search_text) . "%'";
    }

    // NOTE(review): p is handed to get_all() exactly as received - confirm that get_all()
    // validates it before using it.
    if (isset($_GET['p'])) {
        $p = $_GET['p'];
    } else {
        $p = 1;
    }

    $page = $u_obj->get_all($where, $p);
}
示例7: m__save_attr
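/**
 * Add or update one field definition of an extension model and answer with JSON.
 *
 * The model is looked up by GET table_name. The field definition comes from POST and must
 * contain title, field and field_type. If a field of that name already exists for the
 * model it is updated, otherwise it is inserted. Every path ends through die().
 */
function m__save_attr()
{
    global $dbm, $c;

    // table_name is placed inside a quoted SQL string, so it gets the same escaping as
    // the POST values below; the original interpolated the raw GET value.
    $table_name = isset($_GET['table_name']) ? helper::escape($_GET['table_name'], 1) : '';
    $models = $dbm->query("select * from " . TB_PREFIX . "extern_attr where extern_name='{$table_name}'");
    if (count($models['list']) < 1) {
        die('{"code":1,"msg":"模型不存在"}');
    }
    $extern = $models['list'][0];

    // Required fields. Checking them here also rejects a request that omits the key
    // altogether; a check inside the escaping loop only runs for keys that are present.
    $required = array(
        'title' => '字段文字不能為空',
        'field' => '字段名稱不能為空',
        'field_type' => '字段類型不能為空',
    );
    foreach ($required as $key => $message) {
        if (!isset($_POST[$key]) || $_POST[$key] == '') {
            die('{"code":1,"msg":"' . $message . '"}');
        }
    }
    // The field name is restricted to a lowercase identifier.
    if (!is_string($_POST['field']) || !preg_match('~^[a-z][a-z0-9_]*$~', $_POST['field'])) {
        die('{"code":1,"msg":"字段名稱隻允許小寫字母開頭,小寫字母數字和下劃線"}');
    }

    // Escape every submitted value before it is used in SQL.
    foreach ($_POST as $name => $value) {
        $_POST[$name] = helper::escape($value, 1);
        // NOTE(review): pattern and replacement are the same character here, so this
        // call changes nothing; presumably the original replaced an HTML entity - confirm.
        $_POST[$name] = preg_replace('~"~', '"', $_POST[$name]);
    }
    unset($_POST['hashtoken']);

    // Does this model already have a field of that name?
    $sql = "select field_id from " . TB_PREFIX . "extern_fields where extern_id='{$extern['extern_id']}' and field='{$_POST['field']}'";
    $fields = $_POST;
    $rs = $dbm->query($sql);

    if (count($rs['list']) == 0) {
        // New field.
        $fields['extern_id'] = $extern['extern_id'];
        $fields['extern_name'] = $table_name;
        $rs = $dbm->single_insert(TB_PREFIX . "extern_fields", $fields);
        if ($rs['error'] == '') {
            $c->update_externs();
            die('{"code":0,"msg":"新增字段成功"}');
        }
    } else {
        // Existing field.
        $rs = $dbm->single_update(TB_PREFIX . "extern_fields", $fields, " field_id='{$rs['list'][0]['field_id']}'");
        if ($rs['error'] == '') {
            $c->update_externs();
            die('{"code":0,"msg":"修改字段成功"}');
        }
    }
    // Failure is reported with code 1, like every other failure in this function; the
    // original answered with code 0, which the success responses also use.
    die('{"code":1,"msg":"操作失敗' . $rs['error'] . '"}');
}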
示例8: m__menu_save
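/**
 * Create or update a menu entry from the submitted form and answer with JSON.
 *
 * menu_id 0 inserts a new row; any other non-negative integer updates that row.
 * wx_menu_type 'click' stores menu_key_url as the event key, every other type stores it
 * as the link address. Every path ends the script through die().
 */
function m__menu_save()
{
    global $dbm, $c;
    $fields = $_POST;
    unset($fields['hashtoken']);

    if (!isset($fields['menu_name']) || $fields['menu_name'] == '') {
        die('{"code":"1","msg":"菜單名稱不能為空"}');
    }

    // menu_id is used unquoted in the WHERE clause, where string escaping gives no
    // protection. Accept digits only and work with the integer from here on.
    if (!isset($fields['menu_id']) || !is_string($fields['menu_id']) || !preg_match('~^\d+$~', $fields['menu_id'])) {
        die('{"code":"1","msg":"菜單ID必須是數字"}');
    }
    $menu_id = (int) $fields['menu_id'];
    unset($fields['menu_id']);

    // Missing keys are treated like empty values instead of raising notices.
    $key_or_url = isset($fields['menu_key_url']) ? $fields['menu_key_url'] : '';
    $fields['menu_type'] = isset($fields['wx_menu_type']) ? $fields['wx_menu_type'] : '';
    unset($fields['wx_menu_type']);

    if ($fields['menu_type'] == 'click') {
        $fields['menu_key'] = $key_or_url;
        $fields['menu_url'] = '';
        if ($fields['menu_key'] == '') {
            die('{"code":"1","msg":"事件名稱不能為空"}');
        }
    } else {
        $fields['menu_url'] = $key_or_url;
        $fields['menu_key'] = '';
        if ($fields['menu_url'] == '') {
            die('{"code":"1","msg":"鏈接地址不能為空"}');
        }
    }
    unset($fields['menu_key_url']);
    unset($fields['cate_id']);

    // Escape every value that is about to be written.
    foreach ($fields as $k => $v) {
        $fields[$k] = helper::escape($v, 1);
    }

    if ($menu_id === 0) {
        // Insert.
        $rs = $dbm->single_insert(TB_PREFIX . "wx_menu", $fields);
        if ($rs['error'] == '') {
            die('{"code":"0","msg":"新增菜單成功","menu_id":"' . $rs['autoid'] . '"}');
        }
        die('{"code":"1","msg":"新增菜單失敗' . $rs['error'] . '","menu_id":"0"}');
    }

    // Update. The response echoes the validated integer, not the raw POST value.
    $where = "menu_id={$menu_id}";
    $rs = $dbm->single_update(TB_PREFIX . "wx_menu", $fields, $where);
    if ($rs['error'] == '') {
        die('{"code":"0","msg":"修改菜單成功","menu_id":"' . $menu_id . '"}');
    }
    die('{"code":"1","msg":"修改菜單失敗' . $rs['error'] . '","menu_id":"' . $menu_id . '"}');
}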
示例9: m__list
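/**
 * Load one page of users into the global $page, optionally filtered by one column.
 *
 * GET search_type names the column and GET search_txt the value: 'uname' is matched
 * exactly, every other column by substring. GET p selects the page (default 1).
 */
function m__list()
{
    global $u_obj, $page;
    $where = " where 1 = 1 ";

    if (isset($_GET['search_txt']) && $_GET['search_txt'] != '' && isset($_GET['search_type'])) {
        $field = $_GET['search_type'];
        // search_type becomes a column name in the query. The original concatenated it
        // unchecked; only a plain identifier is accepted now, and the filter is skipped
        // for anything else.
        // NOTE(review): an explicit list of searchable columns would be stricter; the
        // table's columns are not visible here.
        if (is_string($field) && preg_match('~^[A-Za-z_][A-Za-z0-9_]*$~', $field)) {
            $needle = helper::escape($_GET['search_txt']);
            if ($field == 'uname') {
                $where .= " and " . $field . " = '" . $needle . "'";
            } else {
                $where .= " and " . $field . " like '%" . $needle . "%'";
            }
        }
    }

    // NOTE(review): p is handed to get_all() exactly as received - confirm that get_all()
    // validates it before using it.
    $p = isset($_GET['p']) ? $_GET['p'] : 1;
    $page = $u_obj->get_all($where, $p, 1);
}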
示例10: m__edit
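/**
 * Create or update an internal-link keyword from the submitted form and answer with JSON.
 *
 * A nlink_id greater than zero selects the update path, anything else the insert path.
 * Only nlink_txt and nlink_url are written. Every path ends the script through die().
 */
function m__edit()
{
    global $dbm;
    // Permission check for this operation.
    check_level("E0301");

    // NOTE(review): the scheme group is optional, so a value starting with "://" also
    // passes this pattern - confirm whether that is intended.
    $reg = "~^((https|http|ftp|rtsp|mms)?://)~";

    $nlink = $_POST;
    unset($nlink['hashtoken']);
    // Decode first, escape last. Escaping before urldecode() lets an encoded quote such
    // as %27 pass the escaping step untouched and turn into a raw quote afterwards.
    foreach ($nlink as $k => $n) {
        $nlink[$k] = helper::escape(urldecode($n));
    }

    // Validate the submitted data; a missing nlink_id is rejected like a non-numeric one.
    if (!isset($nlink['nlink_id']) || !is_numeric($nlink['nlink_id'])) {
        die('{"code":"210","msg":"內鏈詞ID必須是數字"}');
    }
    if (empty($nlink['nlink_txt'])) {
        die('{"code":"220","msg":"內鏈名稱不能為空"}');
    }
    if (empty($nlink['nlink_url'])) {
        die('{"code":"230","msg":"內鏈地址不能為空"}');
    }
    if (!preg_match($reg, $nlink['nlink_url'])) {
        die('{"code":"230","msg":"鏈接地址不合法"}');
    }

    // Only these two columns are written.
    $params = array(
        'nlink_txt' => $nlink['nlink_txt'],
        'nlink_url' => $nlink['nlink_url'],
    );

    // Branch on the validated copy rather than on the raw $_POST value.
    if ($nlink['nlink_id'] > 0) {
        // Edit an existing entry.
        $where = " nlink_id='" . $nlink['nlink_id'] . "'";
        $res = $dbm->single_update(TB_PREFIX . "nlink", $params, $where);
        if (empty($res['error'])) {
            logs("更新內鏈詞成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
            die('{"code":"0","msg":"更新內鏈詞成功"}');
        }
        logs("更新內鏈詞失敗:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
        die('{"code":"240","msg":"更新內鏈詞失敗"}');
    }

    // Add a new entry.
    $res = $dbm->single_insert(TB_PREFIX . "nlink", $params);
    if (empty($res['error']) && $res['autoid'] > 0) {
        logs("添加內鏈詞成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
        die('{"code":"0","msg":"添加內鏈詞成功"}');
    }
    logs("添加內鏈詞失敗:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
    die('{"code":"250","msg":"添加內鏈詞失敗,請核對重試"}');
}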
示例11: m__edit
/**
 * Add an admin group or edit an existing one, answering with a JSON string.
 *
 * Every POST value is passed through helper::escape($value, 1) first. A group_id whose
 * integer value is greater than zero selects the edit path; otherwise a new group is
 * added after checking that the name is not taken. Every path ends through die().
 */
function m__edit()
{
    global $dbm;
    check_level("B0101");

    foreach (array_keys($_POST) as $name) {
        $_POST[$name] = helper::escape($_POST[$name], 1);
    }

    if (!is_numeric($_POST['group_id'])) {
        die('{"code":"210","msg":"用戶組ID必須是數字"}');
    }
    // The group name is mandatory.
    if (empty($_POST['g_name'])) {
        die('{"code":"220","msg":"用戶組名字不能為空"}');
    }

    $table = TB_PREFIX . "admin_group";
    $group_row = array(
        'g_name' => $_POST['g_name'],
        // The remark is optional and is HTML-encoded before it is stored.
        'g_remark' => empty($_POST['g_remark']) ? '' : htmlspecialchars($_POST['g_remark']),
        'create_time' => time(),
    );

    if (intval($_POST['group_id']) > 0) {
        // Edit an existing group.
        $result = $dbm->single_update($table, $group_row, " group_id ='" . $_POST['group_id'] . "'");
        if (empty($result['error'])) {
            logs("用戶組編輯成功,用戶組ID為:" . $_POST['group_id']);
            die('{"code":"0","msg":"操作成功"}');
        }
        logs("編輯用戶組失敗,請核實後再添加,用戶組ID為:" . $_POST['group_id']);
        die('{"code":"280","msg":"編輯用戶組失敗,請核實後再添加"}');
    }

    // Add a new group: the name must be unique.
    $existing = $dbm->single_query(array(
        'where' => " g_name='" . $_POST['g_name'] . "'",
        'table_name' => $table,
    ));
    if (count($existing['list']) > 0) {
        die('{"code":"260","msg":"用戶組名字不能重複"}');
    }

    $result = $dbm->single_insert($table, $group_row);
    if ($result['autoid'] > 0) {
        logs("添加用戶組成功,用戶組名字為:" . $_POST['g_name']);
        die('{"code":"0","msg":"添加用戶組成功"}');
    }
    logs("添加用戶組失敗,請核實後再添加,用戶組名字為:" . $_POST['g_name']);
    die('{"code":"270","msg":"添加用戶組失敗,請核實後再添加"}');
}
示例12: m__edit
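/**
 * Create or update an internal-link keyword through $n_obj and answer with JSON.
 *
 * A nlink_id greater than zero selects the update path, anything else the insert path.
 * Only nlink_txt and nlink_url are written. Every path ends the script through die().
 */
function m__edit()
{
    global $l_obj, $n_obj, $page;
    check_level("D0501");

    // NOTE(review): the scheme group is optional, so a value starting with "://" also
    // passes this pattern - confirm whether that is intended.
    $reg = "~^((https|http|ftp|rtsp|mms)?://)~";

    $nlink = $_POST;
    // Decode first, escape last. Escaping before urldecode() lets an encoded quote such
    // as %27 pass the escaping step untouched and turn into a raw quote afterwards.
    foreach ($nlink as $k => $n) {
        $nlink[$k] = helper::escape(urldecode($n));
    }

    // Validate the submitted data; a missing nlink_id is rejected like a non-numeric one.
    if (!isset($nlink['nlink_id']) || !is_numeric($nlink['nlink_id'])) {
        die('{"code":"210","msg":"內鏈詞ID必須是數字"}');
    }
    if (empty($nlink['nlink_txt'])) {
        die('{"code":"220","msg":"內鏈名稱不能為空"}');
    }
    if (empty($nlink['nlink_url'])) {
        die('{"code":"230","msg":"內鏈地址不能為空"}');
    }
    if (!preg_match($reg, $nlink['nlink_url'])) {
        die('{"code":"230","msg":"鏈接地址不合法"}');
    }

    // Only these two columns are written.
    $params = array(
        'nlink_txt' => $nlink['nlink_txt'],
        'nlink_url' => $nlink['nlink_url'],
    );

    if ($nlink['nlink_id'] > 0) {
        // Edit an existing entry.
        $where = " nlink_id='" . $nlink['nlink_id'] . "'";
        $res = $n_obj->update($params, $where);
        if ($res['state'] == 0) {
            $l_obj->insert("更新內鏈詞成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
            die('{"code":"0","msg":"更新內鏈詞成功","nid":"' . $nlink['nlink_id'] . '"}');
        }
        die('{"code":"240","msg":"更新內鏈詞失敗"}');
    }

    // Add a new entry.
    $res = $n_obj->insert($params);
    if ($res['state'] == 0) {
        $l_obj->insert("添加內鏈詞成功:" . $params['nlink_txt'] . "=>" . $params['nlink_url']);
        die('{"code":"0","msg":"添加內鏈詞成功","nid":"' . $res['msg'] . '"}');
    }
    die('{"code":"100","msg":"添加內鏈詞失敗,請核對重試"}');
}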
示例13: m__edit
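/**
 * Create or update an area (position) record from the submitted form and answer with JSON.
 *
 * GET type selects which permission is checked. An area_id greater than zero selects the
 * update path, anything else the insert path. area_html is stored serialized.
 * Every path ends the script through die().
 */
function m__edit()
{
    global $area_obj, $l_obj;

    // A missing type is handled like any value other than 1.
    if (isset($_GET['type']) && $_GET['type'] == 1) {
        check_level("H0401");
    } else {
        check_level("H0501");
    }

    $area = $_POST;
    // Decode first, escape last. Escaping before urldecode() lets an encoded quote such
    // as %27 pass the escaping step untouched and turn into a raw quote afterwards.
    foreach ($area as $k => $n) {
        $area[$k] = helper::escape(urldecode($n));
        if ($k == 'area_html') {
            $area[$k] = serialize($area[$k]);
        }
    }

    // Validate the submitted data; a missing area_id is rejected like a non-numeric one.
    if (!isset($area['area_id']) || !is_numeric($area['area_id'])) {
        die('{"code":"100","msg":"位置ID必須是數字"}');
    }
    if (empty($area['title'])) {
        die('{"code":"100","msg":"標題不能為空"}');
    }

    if ($area['area_id'] > 0) {
        // Edit an existing record.
        $res = $area_obj->update($area, $area['area_id']);
        if ($res['state'] == 0) {
            $l_obj->insert("編輯成功:" . $area['title']);
            die('{"code":"0","msg":"編輯成功","area_id":"' . $area['area_id'] . '"}');
        }
        die('{"code":"240","msg":"編輯失敗"}');
    }

    // Add a new record.
    $res = $area_obj->insert($area);
    if ($res['state'] == 0) {
        $l_obj->insert("添加成功:" . $area['title']);
        die('{"code":"0","msg":"添加成功","area_id":"' . $res['msg'] . '"}');
    }
    // The closing quote of "msg" now follows the message; the original closed the string
    // before appending $res['msg'], which produced malformed JSON.
    die('{"code":"100","msg":"添加失敗,' . $res['msg'] . '"}');
}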
示例14: sqlxss
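/**
 * Sanitise $_GET and $_POST in place.
 *
 * Every scalar value, at any nesting depth, is passed through helper::escape($value, 1),
 * trimmed, and HTML-encoded with ENT_QUOTES. The original handled two levels only and
 * left values inside deeper arrays untouched. Array keys are not modified.
 *
 * NOTE(review): this applies SQL escaping and HTML encoding to all input at once,
 * whatever context a value is later used in. Values used as identifiers or in unquoted
 * numeric positions still need their own validation at the point of use.
 */
public static function sqlxss()
{
    // Recursive cleaner shared by both superglobals, replacing two copies of the same loop.
    $clean = function ($value) use (&$clean) {
        if (is_array($value)) {
            foreach ($value as $key => $item) {
                $value[$key] = $clean($item);
            }
            return $value;
        }
        $value = helper::escape($value, 1);
        return htmlspecialchars(trim($value), ENT_QUOTES);
    };

    $_GET = $clean($_GET);
    $_POST = $clean($_POST);
}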
示例15: sqlxss
/**
 * Return $input with every scalar passed through helper::escape($value, 1) and then
 * HTML-encoded with ENT_QUOTES. Arrays are processed recursively with their keys kept.
 *
 * @param mixed $input A scalar or an arbitrarily nested array of scalars.
 * @return mixed The sanitised value, with the same structure as $input.
 */
public static function sqlxss($input)
{
    // Scalar case: escape, then encode.
    if (!is_array($input)) {
        return htmlspecialchars(helper::escape($input, 1), ENT_QUOTES);
    }

    // Array case: sanitise each element in place; keys are left as they are.
    foreach (array_keys($input) as $key) {
        $input[$key] = helper::sqlxss($input[$key]);
    }
    return $input;
}