*/
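// Check values
// Validates the submitted signup fields; every failed check is reported through
// $wb->print_error().
// NOTE(review): these checks only protect the code that follows if print_error() ends the
// request - confirm against the wb class, which is not part of this listing.
if ($groups_id == "") {
    $wb->print_error($MESSAGE['USERS_NO_GROUP'], $js_back, false);
}
// Username: one letter followed by at least two letters, digits, "_" or "-".
// The D modifier pins $ to the very end of the subject; without it a value that ends in a
// newline ("abc\n") still matches and passes validation.
if (!preg_match('/^[a-z][a-z0-9_-]{2,}$/iD', $username)) {
    $wb->print_error($MESSAGE['USERS_NAME_INVALID_CHARS'] . ' / ' . $MESSAGE['USERS_USERNAME_TOO_SHORT'], $js_back);
}
// An e-mail address is mandatory and must pass the framework validator.
if ($email != "") {
    if ($wb->validate_email($email) == false) {
        $wb->print_error($MESSAGE['USERS_INVALID_EMAIL'], $js_back, false);
    }
} else {
    $wb->print_error($MESSAGE['SIGNUP_NO_EMAIL'], $js_back, false);
}
// NOTE(review): add_slashes() is not shown here. If $email later goes into SQL, confirm the
// escaping matches the database layer, or use a prepared statement at the query.
$email = $wb->add_slashes($email);
$search = array('{SERVER_EMAIL}');
$replace = array(SERVER_EMAIL);
// Captcha
if (ENABLED_CAPTCHA) {
    $MESSAGE['MOD_FORM_INCORRECT_CAPTCHA'] = str_replace($search, $replace, $MESSAGE['MOD_FORM_INCORRECT_CAPTCHA']);
    // Accept only a non-empty string answer that is identical to the stored captcha.
    // A loose != compares numeric strings by value ("0100" == "100", "1e2" == "100"), and on
    // PHP before 8 any non-numeric answer equals a stored integer 0. Comparing as strings
    // closes both; is_string() rejects array input such as captcha[]=x.
    if (
        !isset($_POST['captcha'], $_SESSION['captcha'])
        || !is_string($_POST['captcha'])
        || $_POST['captcha'] === ''
        || $_POST['captcha'] !== (string) $_SESSION['captcha']
    ) {
        $wb->print_error($MESSAGE['MOD_FORM_INCORRECT_CAPTCHA'], $js_back, false);
    }
}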
if (isset($_SESSION['captcha'])) {
Beispiel #2
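// Name of the superglobal that matches the request method ("_GET", "_POST", ...).
// Variable-variable access to a superglobal only works in global scope, so this code must
// not be moved into a function or method.
$requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']);
// intval() has to wrap the request value, not the isset() test: with intval(isset(...)) the
// raw request string was assigned unconverted. Each id is now always an integer, taken from
// the request first, then from an already defined variable, else 0.
$page_id = isset(${$requestMethod}['page_id']) ? intval(${$requestMethod}['page_id']) : (isset($page_id) ? intval($page_id) : 0);
// Get post_id
$post_id = isset(${$requestMethod}['post_id']) ? intval(${$requestMethod}['post_id']) : (isset($post_id) ? intval($post_id) : 0);
// Get section id if there is one
$section_id = isset(${$requestMethod}['section_id']) ? intval(${$requestMethod}['section_id']) : (isset($section_id) ? intval($section_id) : 0);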
// Check if we should show the form or add a comment
// A comment is processed only when page_id, section_id and post_id arrive as numeric GET
// parameters and the comment field is non-empty. With ENABLED_ASP the field name carries the
// current week number (date('W')), so the expected field name changes every week.
if (isset($_GET['page_id']) and is_numeric($_GET['page_id']) and isset($_GET['section_id']) and is_numeric($_GET['section_id']) and isset($_GET['post_id']) and is_numeric($_GET['post_id']) and (ENABLED_ASP and isset($_POST['comment_' . date('W')]) and $_POST['comment_' . date('W')] != '' or !ENABLED_ASP and isset($_POST['comment']) and $_POST['comment'] != '')) {
    if (ENABLED_ASP) {
        $comment = $_POST['comment_' . date('W')];
    } else {
        $comment = $_POST['comment'];
    }
    // strip_tags() removes markup but is not output encoding.
    // NOTE(review): confirm these values are HTML-escaped where they are rendered, and that
    // add_slashes() (not shown) matches the database layer's escaping.
    // NOTE(review): firstname, lastname and title are read without an isset() check.
    $firstname = $wb->add_slashes(strip_tags($_POST['firstname']));
    $lastname = $wb->add_slashes(strip_tags($_POST['lastname']));
    $comment = $wb->add_slashes(strip_tags($comment));
    $title = $wb->add_slashes(strip_tags($_POST['title']));
    // do not allow droplets in user input!
    // NOTE(review): as printed, the search and replacement arrays are identical, so these four
    // calls change nothing and "[[...]]" passes through. The replacement was presumably an
    // escaped form of the brackets lost when the page was rendered - verify against the
    // module source.
    $title = str_replace(array("[[", "]]"), array("[[", "]]"), $title);
    $comment = str_replace(array("[[", "]]"), array("[[", "]]"), $comment);
    $firstname = str_replace(array("[[", "]]"), array("[[", "]]"), $firstname);
    $lastname = str_replace(array("[[", "]]"), array("[[", "]]"), $lastname);
    // The ids are cast to int before section_id is interpolated into the query below.
    $page_id = (int) $_GET['page_id'];
    $section_id = (int) $_GET['section_id'];
    $post_id = (int) $_GET['post_id'];
    // Check captcha
    $query_settings = $database->query("SELECT use_captcha FROM " . TABLE_PREFIX . "mod_news_settings WHERE section_id = '{$section_id}'");
    if (!$query_settings->numRows()) {
        // No settings row for this section: redirect to the pages directory.
        // NOTE(review): a Location header alone does not stop the script, and the listing is
        // cut off here - confirm that an exit follows.
        header("Location: " . WB_URL . PAGES_DIRECTORY . "");
// NOTE(review): $mod_dir is set outside this listing. It is used below in include paths and,
// through $tablename, in a SQL table name - confirm it is a fixed value and never derived
// from the request.
$tablename = $mod_dir;
$mpath = WB_PATH . '/modules/' . $mod_dir . '/';
// include module_settings
// The defaults file is loaded before module_settings.php; presumably the latter overrides
// the defaults - confirm.
require_once WB_PATH . '/modules/' . $mod_dir . '/defaults/module_settings.default.php';
require_once WB_PATH . '/modules/' . $mod_dir . '/module_settings.php';
require_once WB_PATH . '/modules/' . $mod_dir . '/functions_small.php';
require_once WB_PATH . '/framework/class.wb.php';
// Framework object used below for add_slashes().
$wb = new wb();
// Check if we should show the form or add a comment
// A comment is processed only when page_id, section_id and topic_id arrive as numeric GET
// parameters and the comment field is non-empty. With ENABLED_ASP the field name carries the
// current week number (date('W')), so the expected field name changes every week.
if (isset($_GET['page_id']) and is_numeric($_GET['page_id']) and isset($_GET['section_id']) and is_numeric($_GET['section_id']) and isset($_GET['topic_id']) and is_numeric($_GET['topic_id']) and (ENABLED_ASP and isset($_POST['c0mment_' . date('W')]) and $_POST['c0mment_' . date('W')] != '' or !ENABLED_ASP and isset($_POST['comment']) and $_POST['comment'] != '')) {
    if (ENABLED_ASP) {
        $commentpost = $_POST['c0mment_' . date('W')];
    } else {
        $commentpost = $_POST['comment'];
    }
    // strip_tags() removes markup but is not output encoding.
    // NOTE(review): confirm these values are HTML-escaped where they are rendered, and that
    // add_slashes() (not shown) matches the database layer's escaping.
    // NOTE(review): the misspelled field names (thenome, thesote, themoil) look like deliberate
    // anti-spam obfuscation - confirm against the form template. They are read without an
    // isset() check.
    $comment = $wb->add_slashes(trim(strip_tags($commentpost)));
    $thename = $wb->add_slashes(trim(strip_tags($_POST['thenome'])));
    $thesite = $wb->add_slashes(trim(strip_tags($_POST['thesote'])));
    $themail = $wb->add_slashes(trim(strip_tags($_POST['themoil'])));
    // The ids are cast to int before section_id is interpolated into the query below.
    $page_id = (int) $_GET['page_id'];
    $section_id = (int) $_GET['section_id'];
    $topic_id = (int) $_GET['topic_id'];
    // Check captcha
    // NOTE(review): $tablename becomes part of the table name and cannot be bound as a
    // parameter - it must come from a trusted, fixed source.
    $query_settings = $database->query("SELECT use_captcha,default_link, various_values, commenting FROM " . TABLE_PREFIX . "mod_" . $tablename . "_settings WHERE section_id = '{$section_id}'");
    if ($query_settings->numRows() == 0) {
        // No settings row for this section: send the redirect header, then end the script.
        // header() returns no value, so exit() is called without a status.
        exit(header('Location: ' . WB_URL . '/modules/' . $mod_dir . '/nopage.php?err=6'));
        //exit(header("Location: ".WB_URL.PAGES_DIRECTORY.""));
    } else {
        $settings = $query_settings->fetchRow();
        //various values
        $use_commenting_settings = 0;
Beispiel #4
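// Name of the superglobal that matches the request method ("_GET", "_POST", ...).
// Variable-variable access to a superglobal only works in global scope, so this code must
// not be moved into a function or method.
$requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']);
// intval() has to wrap the request value, not the isset() test: with intval(isset(...)) the
// raw request string was assigned unconverted. Each id is now always an integer, taken from
// the request first, then from an already defined variable, else 0.
$page_id = isset(${$requestMethod}['page_id']) ? intval(${$requestMethod}['page_id']) : (isset($page_id) ? intval($page_id) : 0);
// Get post_id
$post_id = isset(${$requestMethod}['post_id']) ? intval(${$requestMethod}['post_id']) : (isset($post_id) ? intval($post_id) : 0);
// Get section id if there is one
$section_id = isset(${$requestMethod}['section_id']) ? intval(${$requestMethod}['section_id']) : (isset($section_id) ? intval($section_id) : 0);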
// Check if we should show the form or add a comment
if (isset($_GET['page_id']) and is_numeric($_GET['page_id']) and isset($_GET['section_id']) and is_numeric($_GET['section_id']) and isset($_GET['post_id']) and is_numeric($_GET['post_id']) and (ENABLED_ASP and isset($_POST['comment_' . date('W')]) and $_POST['comment_' . date('W')] != '' or !ENABLED_ASP and isset($_POST['comment']) and $_POST['comment'] != '')) {
    if (ENABLED_ASP) {
        $comment = $_POST['comment_' . date('W')];
    } else {
        $comment = $_POST['comment'];
    }
    $comment = $wb->add_slashes(strip_tags($comment));
    $title = $wb->add_slashes(strip_tags($_POST['title']));
    // do not allow droplets in user input!
    $title = str_replace(array("[[", "]]"), array("[[", "]]"), $title);
    $comment = str_replace(array("[[", "]]"), array("[[", "]]"), $comment);
    $page_id = (int) $_GET['page_id'];
    $section_id = (int) $_GET['section_id'];
    $post_id = (int) $_GET['post_id'];
    // Check captcha
    $query_settings = $database->query("SELECT use_captcha FROM " . TABLE_PREFIX . "mod_news_settings WHERE section_id = '{$section_id}'");
    if (!$query_settings->numRows()) {
        header("Location: " . WB_URL . PAGES_DIRECTORY . "");
        exit(0);
    } else {
        $settings = $query_settings->fetchRow();
        $t = time();