/**
 * Escape/sanitize a table name for a sql query.
 *
 * This is whitelist-based rather than escape-based: the candidate name is
 * compared against the list of tables that currently exist in the openemr
 * database (obtained with SHOW TABLES), and the comparison itself is delegated
 * to escape_identifier() with its third argument set, which per the documented
 * contract makes a non-matching name fatal (die(), with an error message sent
 * to the screen and the error log). Because the whitelist is built from the
 * connected database, this function must not be used for tables outside the
 * openemr database; call escape_identifier() directly with an explicit list
 * for that scenario.
 *
 * Note that SHOW TABLES is issued on every call, so each invocation costs one
 * database round-trip; callers in loops should hoist the call out of the loop.
 * The return value is only a name known to exist in the schema — it is still
 * the caller's responsibility to place it where an identifier is expected.
 *
 * @param   string $s  sql table name variable to be escaped/sanitized.
 * @return  string     Escaped table name variable (the whitelisted name).
 */
function escape_table_name($s)
{
    // Build the whitelist from the live schema. The single column returned by
    // SHOW TABLES does not have a fixed name, so take the first value of each row.
    $whitelist = array();
    $tables_res = sqlStatementNoLog("SHOW TABLES");
    while ($table_row = sqlFetchArray($tables_res)) {
        $whitelist[] = array_values($table_row)[0];
    }
    // Whitelist (not escape) the name; a miss is fatal inside escape_identifier().
    return escape_identifier($s, $whitelist, true);
}
     case "Lab results":
         $odrstmt = " ORDER BY procedure_result_date asc";
         break;
     case "Communication":
         $odrstmt = "ORDER BY ROUND((LENGTH(communications) - LENGTH(REPLACE(communications, ',', '')))/LENGTH(',')) asc, communications asc";
         break;
     case "Demographics":
         $odrstmt = " ORDER BY patient_date asc";
         //$odrstmt = " ROUND((LENGTH(communications) - LENGTH(REPLACE(communications, ',', '')))/LENGTH(',')) , communications";
         break;
 }
 if (!empty($_REQUEST['sortby']) && !empty($_REQUEST['sortorder'])) {
     if ($_REQUEST['sortby'] == "communications") {
         $odrstmt = "ORDER BY ROUND((LENGTH(communications) - LENGTH(REPLACE(communications, ',', '')))/LENGTH(',')) " . escape_sort_order($_REQUEST['sortorder']) . ", communications " . escape_sort_order($_REQUEST['sortorder']);
     } else {
         $odrstmt = "ORDER BY " . escape_identifier($_REQUEST['sortby'], $sort, TRUE) . " " . escape_sort_order($_REQUEST['sortorder']);
     }
 }
 $sqlstmt = $sqlstmt . " " . $whr_stmt . " " . $odrstmt;
 //echo $sqlstmt."<hr>";
 $result = sqlStatement($sqlstmt, $sqlBindArray);
 //print_r($result);
 $row_id = 1.1;
 //given to each row to identify and toggle
 $img_id = 1.2;
 $k = 1.3;
 if (sqlNumRows($result) > 0) {
     $patArr = array();
     $patDataArr = array();
     $smoke_codes_arr = getSmokeCodes();
     while ($row = sqlFetchArray($result)) {