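/**
 * Populate this student record from the POST body and insert it into the
 * `students` table.
 *
 * Every text field is passed through cleanUserInput() before it is stored;
 * `year` is coerced with intval().
 *
 * @return mixed Insert id reported by the DB layer. On a failed insert the
 *               method prints a short message and terminates the request.
 */
function save()
{
    $this->school = cleanUserInput($this->paramPost('school', TRUE, ""));
    // NOTE(review): the second paramPost() argument is '' here but TRUE for
    // every other field in this method; confirm the difference is intended.
    $this->email = cleanUserInput($this->paramPost('email', '', ""));
    $this->year = intval($this->paramPost('year', TRUE, 1));
    $this->phone = cleanUserInput($this->paramPost('phone', TRUE, ""));

    // `position` is read straight from $_POST, so the client controls its
    // presence, its type and its keys. Guard the read, accept a scalar or a
    // list, skip nested values, and sanitise each entry like the other text
    // fields. The stored format (values joined with a trailing comma) is
    // unchanged.
    $rawPositions = isset($_POST['position']) ? $_POST['position'] : array();
    if (!empty($rawPositions)) {
        foreach ((array) $rawPositions as $entry) {
            if (!is_scalar($entry)) {
                continue;
            }
            $this->position .= cleanUserInput((string) $entry) . ',';
        }
    }

    $this->name = cleanUserInput($this->paramPost('name', TRUE, ""));

    $table = 'students';
    // NOTE(review): the whole object is handed to insert(); confirm which of
    // its properties the DB layer turns into columns.
    $dbRet = $this->db->insert($table, $this);
    if (!$dbRet) {
        $errNo = $this->db->_error_number();
        $errMess = $this->db->_error_message();
        // Driver errors can quote submitted values and schema details, so
        // they go to the server log and not into the HTTP response.
        error_log("Insert into " . $table . " failed: " . $errMess . " (" . $errNo . ")");
        echo "Problem inserting to " . $table;
        exit;
    }

    return $this->db->insert_id();
}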
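/**
 * Stamp this record with the request's location data and the current time,
 * then insert it into self::TABLE.
 *
 * @return mixed Insert id reported by the DB layer. On a failed insert the
 *               method prints a short message and terminates the request.
 */
private function commit_save_scorer()
{
    $requestInfo = $this->request->getLocationInfo();
    $this->gps_lat = floatval($requestInfo->latitude);
    $this->gps_lon = floatval($requestInfo->longitude);
    $this->country_code = cleanUserInput($requestInfo->country_code);
    $this->timestamp = time();

    // The original error message referenced an undefined $table variable;
    // the table name is taken from the class constant in both places now.
    $table = self::TABLE;
    $dbRet = $this->db->insert($table, $this);
    if (!$dbRet) {
        $errNo = $this->db->_error_number();
        $errMess = $this->db->_error_message();
        // Driver errors can quote stored values and schema details, so they
        // go to the server log and not into the HTTP response.
        error_log("Insert into " . $table . " failed: " . $errMess . " (" . $errNo . ")");
        echo "Problem Inserting to " . $table;
        exit;
    }

    return $this->db->insert_id();
}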
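/**
 * Populate this record from the POST body, stamp it with the current time
 * and insert it into the table named by self::$TABLE_NAME.
 *
 * @return mixed Insert id reported by the DB layer. On a failed insert the
 *               method prints a short message and terminates the request.
 */
function insert()
{
    $this->title = cleanUserInput($this->paramPost('title', TRUE, ""));
    $this->content = cleanUserInput($this->paramPost('content', TRUE, ""));
    $this->category = cleanUserInput($this->paramPost('category', TRUE, "0"));
    $this->thumbnail_url = cleanUserInput($this->paramPost('thumbnail_url', TRUE, ""));
    $this->is_problem = cleanUserInput($this->paramPost('is_problem', TRUE, "0"));

    // NOTE(review): user_id, is_paid and price are taken from the POST body
    // as submitted. Confirm the caller has already tied the request to an
    // authenticated user and that these values are meant to be
    // client-decided rather than derived on the server.
    $this->user_id = cleanUserInput($this->paramPost('user_id', TRUE, "0"));
    $this->is_paid = cleanUserInput($this->paramPost('is_paid', TRUE, "0"));
    $this->price = floatval($this->paramPost('price', TRUE, "0"));

    $this->creation_date = time();

    $table = self::$TABLE_NAME;
    $dbRet = $this->db->insert($table, $this);
    if (!$dbRet) {
        $errNo = $this->db->_error_number();
        $errMess = $this->db->_error_message();
        // Driver errors can quote submitted values and schema details, so
        // they go to the server log and not into the HTTP response.
        error_log("Insert into " . $table . " failed: " . $errMess . " (" . $errNo . ")");
        echo "Problem inserting to " . $table;
        exit;
    }

    return $this->db->insert_id();
}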
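/**
 * Populate a scorer record from the POST body, check the submitted code
 * against one recomputed on the server, add request location data and
 * insert the record into `bt_scorers`.
 *
 * @return mixed FALSE when the submitted code does not match; otherwise the
 *               insert id reported by the DB layer. On a failed insert the
 *               method prints a short message and terminates the request.
 */
function insert_scorer()
{
    $this->load->library('encrypt');

    $this->answered_question = intval($this->paramPost('answered_question', TRUE, 0));
    $this->phone = cleanUserInput($this->paramPost('phone', TRUE, ""));
    // NOTE(review): `email` and `date` pass '' as the second paramPost()
    // argument where the other fields pass TRUE; confirm that is intended.
    $this->email = cleanUserInput($this->paramPost('email', ''));
    $this->firstname = cleanUserInput($this->paramPost('firstname', TRUE));
    $this->lastname = cleanUserInput($this->paramPost('lastname', TRUE));
    $this->os = cleanUserInput($this->paramPost('os', TRUE, ''));
    $this->os_version = cleanUserInput($this->paramPost('os_version', TRUE, ''));
    // NOTE(review): this identifier is stored as submitted (after
    // cleanUserInput); confirm whether it needs encryption at rest and
    // restricted read access.
    $this->social_security_number = cleanUserInput($this->paramPost('social_security_number', TRUE, ''));

    $versionType = $this->paramPost('version', TRUE, '');
    $submitCode = $this->paramPost('code', TRUE, '');
    $date = cleanUserInput($this->paramPost('date', ''));

    // Validation of email / answered_question is still a stub: the early
    // return below is commented out, so empty or non-positive values pass.
    if ($this->email == "" || $this->answered_question <= 0) {
        //TODO
        //return FALSE;
    }

    if ($versionType === 'NK') {
        //TODO
    } else {
        //TODO
    }

    // The code is a digest of values taken from the same request.
    // NOTE(review): unless encrypt->sha1() mixes in a server-side key, any
    // client can compute a matching code, so this check is only a
    // consistency test and does not authenticate the sender - confirm.
    $codeStr = $this->email . '-' . $this->os_version . '-' . $date . '-' . $this->answered_question;
    $validSubmitCode = $this->encrypt->sha1($codeStr);
    if ($submitCode !== $validSubmitCode) {
        return FALSE;
    }

    $this->timestamp = time();

    $requestInfo = $this->getRequestInfo();
    $this->gps_lat = floatval($requestInfo->latitude);
    $this->gps_lon = floatval($requestInfo->longitude);
    $this->country_code = cleanUserInput($requestInfo->country_code);
    $this->region_code = cleanUserInput($requestInfo->region_name);

    $table = 'bt_scorers';
    $dbRet = $this->db->insert($table, $this);
    if (!$dbRet) {
        $errNo = $this->db->_error_number();
        $errMess = $this->db->_error_message();
        // Driver errors can quote submitted values (this record carries
        // personal data) and schema details, so they go to the server log
        // and not into the HTTP response.
        error_log("Insert into " . $table . " failed: " . $errMess . " (" . $errNo . ")");
        echo "Problem Inserting to " . $table;
        exit;
    }

    return $this->db->insert_id();
}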
$location = "index.php"; } else { $location = "pivotx/index.php"; } header("Location: " . $location); die; } // No trailing slashes on the URI, plz. $_GET['uri'] = stripTrailingSlash($_GET['uri']); // Check if we need to get the parameters from a 'non crufty' URL.. if (!empty($_GET['rewrite'])) { parseRewrittenURL($_GET['rewrite'], $_GET['uri']); } // Cleaning user input - safeString-ing all values in the super globals // ($_GET, $_POST, $_REQUEST and $_COOKIE) that are used in render.php cleanUserInput(); /** * Check if we need to handle a posted comment or trackback */ $trackback = getDefault($PIVOTX['config']->get('localised_trackback_name'), "trackback"); if (!empty($_POST['piv_code'])) { require_once dirname(__FILE__) . "/modules/module_comments.php"; handlePostComment(); } elseif (isset($_GET[$trackback])) { if (count($_POST) > 0) { require_once dirname(__FILE__) . "/modules/module_trackbacks.php"; handlePostTrackback($_GET['e'], $_GET['date']); } elseif (isset($_GET['getkey'])) { require_once dirname(__FILE__) . "/modules/module_trackbacks.php"; getTracbackKeyJS($_GET['e'], $_GET['date']); }