Ejemplos de código de filterString en PHP

Ejemplo n.º 1

0

Mostrar archivo

Archivo: conversion_helper.php Proyecto: rajashekarreddy/test2

/**
 * Generate Form Token
 *
 * @access	public
 * @return	string	unique form token
 *
 */
function conversion($postvar, $className)
{
    $object = new $className();
    $rc = new ReflectionClass($className);
    if (!array_key_exists('id', $postvar) || empty($postvar['id'])) {
        $postvar['date_added'] = gmdate("Y-m-d H:i:s", time());
    }
    $postvar['last_modified'] = gmdate("Y-m-d H:i:s", time());
    //if(!array_key_exists('ipaddress',$objReturn))
    $postvar['ip_address'] = ipaddress();
    //if(!array_key_exists('last_modified_by',$objReturn))
    //{
    $CI =& get_instance();
    $session = $CI->db_session->userdata('userObj');
    if ($session) {
        $postvar['last_modified_by'] = $session->id;
    } else {
        $postvar['last_modified_by'] = 0;
    }
    $postVarKeys = array_keys($postvar);
    //$reflect = new ReflectionObject($object);
    foreach ($rc->getProperties(ReflectionProperty::IS_PRIVATE) as $prop) {
        if (in_array($prop->getName(), $postVarKeys) && $rc->hasMethod("set" . ucfirst($prop->getName()))) {
            $refMethod = new ReflectionMethod($className, "set" . ucfirst($prop->getName()));
            //echo $postvar[$prop->getName()];
            $refMethod->invokeArgs($object, array(filterString($postvar[$prop->getName()])));
        }
    }
    //return $object;
    return conversion2($postvar, $object, $check = 1);
}

Ejemplo n.º 2

0

Mostrar archivo

Archivo: treeMenu.inc.php Proyecto: mokal/DCN_TestLink

/**
 * 
 * 
 * @param integer $level
 * @param array &$node reference to recursive map
 * @param array &$tcases_map reference to map that contains info about testcase exec status
 *              when node is of testcase type.
 * 
 * @return datatype description
 * 
 */
function renderExecTreeNode($level, &$node, &$tcase_node, $hash_id_descr, $linkto, $testCasePrefix, $opt)
{
    static $resultsCfg;
    static $l18n;
    static $pf;
    static $doColouringOn;
    static $cssClasses;
    $node_type = $hash_id_descr[$node['node_type_id']];
    $menustring = '';
    if (!$resultsCfg) {
        $doColouringOn['testcase'] = 1;
        $doColouringOn['counters'] = 1;
        if (!is_null($opt['useColors'])) {
            $doColouringOn['testcase'] = $opt['useColors']->testcases;
            $doColouringOn['counters'] = $opt['useColors']->counters;
        }
        $resultsCfg = config_get('results');
        $status_descr_code = $resultsCfg['status_code'];
        foreach ($resultsCfg['status_label'] as $key => $value) {
            $l18n[$status_descr_code[$key]] = lang_get($value);
            // here we use ONLY key
            $cssClasses[$status_descr_code[$key]] = $doColouringOn['testcase'] ? 'class="light_' . $key . '"' : '';
        }
        // Very BAD CHOICE => SIDE EFFECT
        $pf['testsuite'] = $opt['hideTestCases'] ? 'TPLAN_PTS' : ($opt['showTestSuiteContents'] ? 'STS' : null);
        $pf['testproject'] = $opt['hideTestCases'] ? 'TPLAN_PTP' : 'SP';
        if (isset($opt['actionJS'])) {
            if (isset($opt['actionJS']['testproject'])) {
                $pf['testproject'] = $opt['actionJS']['testproject'];
            }
            if (isset($opt['actionJS']['testsuite'])) {
                $pf['testsuite'] = $opt['actionJS']['testsuite'];
            }
        }
        // manage defaults
        $opt['showTestCaseExecStatus'] = isset($opt['showTestCaseExecStatus']) ? $opt['showTestCaseExecStatus'] : true;
        $opt['nodeHelpText'] = isset($opt['nodeHelpText']) ? $opt['nodeHelpText'] : array();
    }
    $name = filterString($node['name']);
    // custom Property that will be accessed by EXT-JS using node.attributes
    $node['testlink_node_name'] = $name;
    $node['testlink_node_type'] = $node_type;
    switch ($node_type) {
        case 'testproject':
        case 'testsuite':
            $node['leaf'] = false;
            // $versionID = 0;
            $pfn = !is_null($pf[$node_type]) ? $pf[$node_type] . "({$node['id']})" : null;
            $testcase_count = isset($node['testcase_count']) ? $node['testcase_count'] : 0;
            $node['text'] = $name . " (" . $testcase_count . ")";
            if ($opt['useCounters']) {
                $node['text'] .= create_counters_info($node, $doColouringOn['counters']);
            }
            if (isset($opt['nodeHelpText'][$node_type])) {
                $node['text'] = '<span title="' . $opt['nodeHelpText'][$node_type] . '">' . $node['text'] . '</span>';
            }
            break;
        case 'testcase':
            $node['leaf'] = true;
            // $versionID = $node['tcversion_id'];
            $pfn = $opt['tc_action_enabled'] ? "ST({$node['id']},{$node['tcversion_id']})" : null;
            $node['text'] = "<span ";
            if (isset($tcase_node[$node['id']])) {
                if ($opt['showTestCaseExecStatus']) {
                    $status_code = $tcase_node[$node['id']]['exec_status'];
                    $node['text'] .= "{$cssClasses[$status_code]} " . '  title="' . $l18n[$status_code] . '" alt="' . $l18n[$status_code] . '">';
                }
            }
            if ($opt['showTestCaseID']) {
                $node['text'] .= "<b>" . htmlspecialchars($testCasePrefix . $node['external_id']) . "</b>:";
            }
            $node['text'] .= "{$name}</span>";
            break;
        default:
            $pfn = "ST({$node['id']})";
            break;
    }
    $node['position'] = isset($node['node_order']) ? $node['node_order'] : 0;
    $node['href'] = is_null($pfn) ? '' : "javascript:{$pfn}";
    // ----------------------------------------------------------------------------------------------
    if (isset($tcase_node[$node['id']])) {
        unset($tcase_node[$node['id']]);
        // dam it NO COMMENT!
    }
    if (isset($node['childNodes']) && $node['childNodes']) {
        // need to work always original object in order to change it's values using reference .
        // Can not assign anymore to intermediate variables.
        $nodes_qty = sizeof($node['childNodes']);
        for ($idx = 0; $idx < $nodes_qty; $idx++) {
            if (is_null($node['childNodes'][$idx])) {
                continue;
            }
            $menustring .= renderExecTreeNode($level + 1, $node['childNodes'][$idx], $tcase_node, $hash_id_descr, $linkto, $testCasePrefix, $opt);
        }
    }
    return $menustring;
}

Ejemplo n.º 3

0

Mostrar archivo

Archivo: updateSentenceAttributes.php Proyecto: bassels/Fraser

/**
 * Updates all attributes from a specific sentence in specific language
 */
function updateSentenceAttributes($db, $input)
{
    foreach ($input as $key => $dataRaw) {
        $data[$key] = filterString($dataRaw);
    }
    $data['lang'] = strtolower($data['lang']);
    $stmt = 'UPDATE fr_' . $data['lang'] . '_sentences SET ';
    if ($data['fact'] === "on") {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_fact = 1, ';
    } else {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_fact = 0, ';
    }
    if ($data['passive'] === "on") {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_passive = 1, ';
    } else {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_passive = 0, ';
    }
    if ($data['v_basic'] !== false) {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_verb_basic = "' . $data['v_basic'] . '", ';
    } else {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_verb_basic = "", ';
    }
    if ($data['v_grammar'] !== false) {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_verb_grammar = "' . $data['v_grammar'] . '", ';
    } else {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_verb_grammar = "", ';
    }
    if ($data['sipl'] === "1") {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_singular = 1, ';
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_plural = 0, ';
    } else {
        if ($data['sipl'] === "2") {
            $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_singular = 0, ';
            $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_plural = 1, ';
        } else {
            $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_singular = 0, ';
            $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_plural = 0, ';
        }
    }
    if ($data['person'] !== false) {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_person = ' . $data['person'] . ', ';
    } else {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_person = "", ';
    }
    if ($data['diff'] !== false) {
        $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_difficulty = ' . $data['diff'] . ', ';
    } else {
        $error = true;
    }
    $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_attributes_status = 1, ';
    $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_proof_attributes_user_name = "' . $_SESSION['user_name'] . '", ';
    $stmt .= 'fr_' . $data['lang'] . '_sentences.sentence_proof_attributes_date = NOW() ';
    $stmt .= 'WHERE fr_' . $data['lang'] . '_sentences.sentence_id = ' . $data['id'];
    $stmt = $db->prepare($stmt);
    if ($stmt !== false || isset($error)) {
        $stmt->execute();
        $c = $stmt->rowCount();
        if ($c) {
            return true;
        } else {
            return false;
        }
    } else {
        return false;
    }
}

Ejemplo n.º 4

0

Mostrar archivo

Archivo: func5.php Proyecto: denson7/phpstudy

//3.给你一个字符串，将字符串中的特殊字符转换成HTML 实体 > < ' " &
//得到转换之后的字符串
$string = <<<EOF
\tA>B > > >
EOF;
echo '<hr/>';
/**
 * 过滤字符串中的特殊字符
 * @param string $string
 * @return string
 */
function filterString($string)
{
    return htmlspecialchars($string, ENT_QUOTES);
}
echo filterString($string);
/*
 * 4.
$arr=array(
		'username'=>'king',
		'age'=>'12',
		'addr'=>'北京'
);
INSERT user(username,age,addr) VALUES('king','12','北京');
UPDATE user SET username='******',age='12',addr='北京'
*/
echo '<hr/>';
$array = array('username' => 'king', 'age' => '12', 'addr' => '北京', 'email' => '*****@*****.**', 'test' => 'this is ate est', 'test1' => 'hello world');
echo insert($array);
/**
 * 添加记录

Ejemplo n.º 5

0

Mostrar archivo

Archivo: contactController.php Proyecto: bassels/moebel-mafia

 $msg = filter_input(INPUT_POST, 'msg', FILTER_SANITIZE_STRING);
 $contactErrors = [];
 if (!empty($name) && !filterName($name)) {
     $contactErrors[] = 'Bitte verwenden Sie nur Buchstaben in ihrem Namen.';
 }
 if (empty($mail)) {
     $contactErrors[] = 'Bitte geben Sie Ihre E-Mail Adresse an.';
 } elseif (!filterEmail($mail)) {
     $contactErrors[] = 'Ihre angegebene E-Mail Adresse ist ungültig.';
 }
 if (!empty($subject) && !filterName($subject)) {
     $contactErrors[] = 'Bitte verwenden Sie nur Buchstaben in ihrem Namen.';
 }
 if (empty($msg)) {
     $contactErrors[] = 'Bitte geben Sie eine Nachricht ein.';
 } elseif (!filterString($msg)) {
     $contactErrors[] = 'Ihre Nachricht enthält unzulässige Zeichen';
 }
 if (empty($contactErrors)) {
     $to = '*****@*****.**';
     $msgSubject = $subject or 'Kontaktformular: Neue Nachricht an Möbel Mafia';
     $message = $msg;
     $headers = "From: <*****@*****.**> Kontaktformular" . "\r\n";
     $headers .= "Reply-To: " . $mail;
     $sent = mail($to, $msgSubject, $message, $headers);
     if ($sent) {
         $contactSuccess = 'Ihre Nachricht wurde erfolgreich übermittelt.';
     } else {
         $contactSuccess = false;
     }
 }

Ejemplo n.º 6

0

Mostrar archivo

Archivo: filter_demo.php Proyecto: Chi-Hime/mysql_mini_assignment

<?php

$badString = "Ke<script src='...'>n";
$sanitized = filter_var($badString, FILTER_SANITIZE_STRING);
echo $sanitized;
$badNumber = "12)<br>4";
$sanitizeNumber = filter_var($badNumber, FILTER_SANITIZE_NUMBER_INT);
echo "<br>";
echo $sanitizeNumber;
$model_update = filterString($_POST["car_model"]);
function filterString($string)
{
    return filter_var($string, FILTER_SANITIZE_STRING);
}

Ejemplo n.º 7

0

Mostrar archivo

Archivo: treeMenu.inc.php Proyecto: viglesiasce/tl_RC1

/** VERY IMPORTANT: node must be passed BY REFERENCE */
function extjs_renderTestSpecTreeNodeOnOpen(&$node, $node_type, $tc_action_enabled, $bForPrinting, $showTestCaseID, $testCasePrefix)
{
    $name = filterString($node['name']);
    $buildLinkTo = 1;
    $pfn = "ET";
    $testcase_count = isset($node['testcase_count']) ? $node['testcase_count'] : 0;
    switch ($node_type) {
        case 'testproject':
            $pfn = $bForPrinting ? 'TPROJECT_PTP' : 'EP';
            $label = $name . " (" . $testcase_count . ")";
            break;
        case 'testsuite':
            $pfn = $bForPrinting ? 'TPROJECT_PTS' : 'ETS';
            $label = $name . " (" . $testcase_count . ")";
            break;
        case 'testcase':
            $buildLinkTo = $tc_action_enabled;
            if (!$buildLinkTo) {
                $pfn = "void";
            }
            $label = "";
            if ($showTestCaseID) {
                $label .= "<b>{$testCasePrefix}{$node['external_id']}</b>:";
            }
            $label .= $name;
            break;
    }
    // switch
    $node['text'] = $label;
    $node['position'] = isset($node['node_order']) ? $node['node_order'] : 0;
    $node['href'] = is_null($pfn) ? '' : "javascript:{$pfn}({$node['id']})";
    // Remove useless keys
    $resultsCfg = config_get('results');
    $status_descr_code = $resultsCfg['status_code'];
    foreach ($status_descr_code as $key => $code) {
        if (isset($node[$key])) {
            unset($node[$key]);
        }
    }
    $key2del = array('node_type_id', 'parent_id', 'node_order', 'node_table', 'tcversion_id', 'external_id', 'version', 'testcase_count');
    foreach ($key2del as $key) {
        if (isset($node[$key])) {
            unset($node[$key]);
        }
    }
}

Ejemplo n.º 8

0

Mostrar archivo

Archivo: results.class.php Proyecto: moraesmv/testlink-code

 /**
  * parent_suite_name is used to construct the full hierachy name of the suite
  * ex: "A->A.A->A.A.A"
  */
 private function processExecTreeNode($level, &$node, $hash_id_descr, $parent_suite_name = '')
 {
     $currentNode = null;
     $currentNodeIndex = 0;
     $suiteFound = false;
     if (isset($node['childNodes']) && $node['childNodes']) {
         $childNodes = $node['childNodes'];
         for ($i = 0; $i < sizeof($childNodes); $i++) {
             $current = $childNodes[$i];
             if (!$current) {
                 continue;
             }
             $nodeDesc = $hash_id_descr[$current['node_type_id']];
             $id = $current['id'];
             $parentId = $current['parent_id'];
             if ($parentId == $this->tprojectID && $this->suitesSelected != 'all') {
                 if (!in_array($id, $this->suitesSelected)) {
                     // skip processing of this top level suite
                     continue;
                 }
             }
             //end if
             $name = filterString($current['name']);
             if ($id && $name && $nodeDesc == 'testsuite') {
                 if ($parent_suite_name) {
                     $hierarchySuiteName = $parent_suite_name . " / " . $name;
                 } else {
                     $hierarchySuiteName = $current['name'];
                 }
                 /* flat array logic */
                 $CONSTANT_DEPTH_ADJUSTMENT = 2;
                 $this->depth = $level - $CONSTANT_DEPTH_ADJUSTMENT;
                 $changeInDepth = $this->depth - $this->previousDepth;
                 $this->previousDepth = $this->depth;
                 // depth only used by flatArrayIndex to help describe the tree
                 $this->flatArray[$this->flatArrayIndex] = $changeInDepth;
                 $this->flatArrayIndex++;
                 $this->flatArray[$this->flatArrayIndex] = $hierarchySuiteName;
                 $this->flatArrayIndex++;
                 $this->flatArray[$this->flatArrayIndex] = $id;
                 $this->flatArrayIndex++;
                 /* end flat array logic */
                 /* suiteStructure logic */
                 $currentNode[$currentNodeIndex] = $hierarchySuiteName;
                 $currentNodeIndex++;
                 $currentNode[$currentNodeIndex] = $id;
                 $currentNodeIndex++;
                 $currentNode[$currentNodeIndex] = $this->processExecTreeNode($level + 1, $current, $hash_id_descr, $hierarchySuiteName);
                 $currentNodeIndex++;
                 /* end suiteStructure logic */
             }
         }
         // end for
     }
     return $currentNode;
 }

Ejemplo n.º 9

0

Mostrar archivo

Archivo: newSentenceController.php Proyecto: bassels/Fraser

<?php

$languages = getAllLanguages($db);
if (isset($do) && $do == "create") {
    if (isset($_POST) && !empty($_POST)) {
        foreach ($_POST as $key => $dataRaw) {
            if (isset($dataRaw) && !empty($dataRaw)) {
                if (is_array($dataRaw)) {
                    $dataFine = filterArrayStrings($dataRaw, true);
                } else {
                    $dataFine = filterString($dataRaw);
                }
                if (isset($dataFine) && !empty($dataFine)) {
                    $data[$key] = $dataFine;
                } else {
                    $error[$key] = 1;
                }
            } else {
                $error[$key] = 1;
            }
        }
        //var_dump($data);
        if (empty($data['languages'][strtolower($data['master-language'])])) {
            $error[] = 1;
        }
        if (!isset($error)) {
            $success = createSentence($data, $db);
        }
    } else {
        header('Location:' . createUrl(array("action" => "new-sentence")));
    }

Ejemplo n.º 10

0

Mostrar archivo

Archivo: searchController.php Proyecto: bassels/moebel-mafia

 if (isset($_POST['distance']) && !empty($_POST['distance'])) {
     $distance = filterInt($_POST['distance']);
     if ($distance) {
         $data['distance'] = $distance;
     }
 }
 // Wurde ein Mindestpreis angegeben? Keine Pflicht
 if (isset($_POST['price_from']) && !empty($_POST['price_from'])) {
     $price_from = filterString($_POST['price_from']);
     if ($price_from) {
         $data['price_from'] = $price_from;
     }
 }
 // Wurde ein Maximalpreis angegeben? Keine Pflicht
 if (isset($_POST['price_max']) && !empty($_POST['price_max'])) {
     $price_max = filterString($_POST['price_max']);
     if ($price_max) {
         $data['price_max'] = $price_max;
     }
 }
 if (!isset($do)) {
     if (isset($data) && !empty($data)) {
         unset($_SESSION['last_search_result']);
         $_SESSION['last_search_result'] = search($data, $db);
         $_SESSION['last_search_params'] = $data;
         $_SESSION['search'] = true;
         header('Location: /suche/1');
     } else {
         $_SESSION['search'] = true;
         header('Location: /home');
     }

Ejemplo n.º 11

0

Mostrar archivo

Archivo: getSentencesByMultipleSelection.php Proyecto: bassels/Fraser

/**
 * Funktion zum Laden von Sätzen mit mehrfach filter
 */
function getSentencesByMultipleSelection($db, $data)
{
    foreach ($data as $key => $dataRaw) {
        if (!empty($dataRaw)) {
            if (is_numeric($dataRaw)) {
                $data[$key] = filterInt($dataRaw);
            } else {
                $data[$key] = filterString($dataRaw);
            }
        }
    }
    $data['startLang'] = strtolower($data['startLang']);
    $data['endLang'] = strtolower($data['endLang']);
    //debug($data);
    $stmt = 'SELECT ';
    $stmt .= 'fr_' . $data['startLang'] . '_sentences.sentence_id,';
    $stmt .= 'fr_' . $data['startLang'] . '_sentences.sentence_text,';
    $stmt .= 'fr_' . $data['startLang'] . '_sentences.sentence_difficulty,';
    $stmt .= 'fr_' . $data['startLang'] . '_sentences.sentence_lang, ';
    if (isset($data['time']) && !empty($data['time'])) {
        $stmt .= 'fr_languages.language_id, ';
        $stmt .= 'fr_sentences_has_times.sentences_has_times_times_id, ';
        $stmt .= 'fr_times.times_id, ';
    }
    $stmt .= 'fr_' . $data['endLang'] . '_sentences.sentence_id ';
    $stmt .= 'FROM fr_' . $data['startLang'] . '_sentences ';
    $stmt .= 'JOIN fr_' . $data['endLang'] . '_sentences ON fr_' . $data['endLang'] . '_sentences.sentence_id = fr_' . $data['startLang'] . '_sentences.sentence_id ';
    if (isset($data['time']) && !empty($data['time'])) {
        $stmt .= 'JOIN fr_languages ON fr_languages.language_shortcode = fr_' . $data['startLang'] . '_sentences.sentence_lang ';
        $stmt .= 'JOIN fr_sentences_has_times ON fr_sentences_has_times.sentences_has_times_sentence_id = fr_' . $data['startLang'] . '_sentences.sentence_id ';
        $stmt .= 'JOIN fr_times ON fr_times.times_id = fr_sentences_has_times.sentences_has_times_times_id ';
    }
    $stmt .= 'WHERE fr_' . $data['startLang'] . '_sentences.sentence_text_status = 1 ';
    $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_attributes_status = 1 ';
    $stmt .= 'AND fr_' . $data['endLang'] . '_sentences.sentence_text_status = 1 ';
    $stmt .= 'AND fr_' . $data['endLang'] . '_sentences.sentence_attributes_status = 1 ';
    if (isset($data['level']) && !empty($data['level']) && $data['level'] !== 0) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_difficulty = "' . $data['level'] . '" ';
    }
    if (isset($data['searchWord']) && !empty($data['searchWord'])) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_text LIKE "%' . $data['searchWord'] . '%" ';
    }
    if (isset($data['mainCat']) && !empty($data['mainCat'])) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_category_no = "' . $data['mainCat'] . '" ';
    }
    if (isset($data['verbBasic']) && !empty($data['verbBasic'])) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_verb_basic = "' . $data['verbBasic'] . '" ';
    }
    if (isset($data['verbGrammar']) && !empty($data['verbGrammar'])) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_verb_grammar = "' . $data['verbGrammar'] . '" ';
    }
    if (isset($data['person']) && !empty($data['person'])) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_person = "' . $data['person'] . '" ';
    }
    if (isset($data['sipl']) && !empty($data['sipl'] && $data['sipl'] == 'singular')) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_singular = 1 ';
    }
    if (isset($data['sipl']) && !empty($data['sipl'] && $data['sipl'] == 'plural')) {
        $stmt .= 'AND fr_' . $data['startLang'] . '_sentences.sentence_plural = 1 ';
    }
    if (isset($data['time']) && !empty($data['time'])) {
        $stmt .= 'AND fr_times.times_id = "' . $data['time'] . '" ';
    }
    $stmt = $db->prepare($stmt);
    if ($stmt !== false) {
        $stmt->execute();
        $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
    }
    if ($result) {
        return $result;
    } else {
        return false;
    }
}

Ejemplo n.º 12

0

Mostrar archivo

Archivo: registerUser.php Proyecto: bassels/Fraser

function registerUser($db)
{
    $username = filterString($_POST['username']);
    $mail = filterEmail($_POST['mail']);
    $cmail = filterEmail($_POST['cmail']);
    $pass = filterPassword($_POST['password']);
    $cpass = filterPassword($_POST['cpassword']);
    $agb = filterString($_POST['cagb']);
    if (!isset($username) || empty($username)) {
        $error['username'] = 1;
        $error['msg']['username'] = '******';
    }
    if (!isset($mail) || empty($mail)) {
        $error['mail'] = 1;
        $error['msg']['mail'] = 'Sie haben keine E-Mail angegeben';
    }
    if (!isset($cmail) || empty($cmail)) {
        $error['cmail'] = 1;
        $error['msg']['cmail'] = 'Bitte bestätigen Sie Ihre E-Mail';
    }
    if ($mail != $cmail) {
        $error['unequal_mail'] = 1;
        $error['msg']['unequal_mail'] = 'Die angegebenen Mails stimmen nicht überein';
    }
    if (!isset($pass) || empty($pass)) {
        $error['pass'] = 1;
        $error['msg']['pass'] = '******';
    }
    if (!isset($cpass) || empty($cpass)) {
        $error['cpass'] = 1;
        $error['msg']['cpass'] = '******';
    }
    if ($pass != $cpass) {
        $error['unequal_pass'] = 1;
        $error['msg']['unequal_pass'] = '******';
    }
    if (!isset($agb) || $agb != 'on') {
        $error['agb'] = 1;
        $error['msg']['agb'] = 'Bitte akzeptieren Sie unsere AGB';
    }
    if (empty($error)) {
        $proofedName = checkIfExists($username, "fr_users", "user_name", $db);
        if ($proofedName) {
            $proofedMail = checkIfExists($mail, "fr_users", "user_mail", $db);
            if ($proofedMail) {
                // User wird angelegt
                // random salt
                $randomSalt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
                // Create salted password
                //$hashedPassword = hash('sha512', $password . $randomSalt);
                $hashedPassword = hash('sha512', $pass . $randomSalt);
                // Create randomHash to salt mail for validation-process
                $randomHash = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
                // Created salted mail for validation-process
                $validationHash = hash('sha512', $mail . $randomHash);
                try {
                    $db->beginTransaction();
                    $stmt = $db->prepare('INSERT INTO fr_users(user_name,' . 'user_mail, ' . 'user_hash, ' . 'user_salt, ' . 'user_validation, ' . 'user_regDate, ' . 'user_lastLogin, ' . 'user_role, ' . 'user_status, ' . 'user_base_lang, ' . 'user_newsletter) ' . 'VALUES (:name, :mail, :hash, :salt, :validation, NOW(), NOW(), :role, :status, :base_lang, :newsletter)');
                    $stmt->execute(array(':name' => $username, ':mail' => $mail, ':hash' => $hashedPassword, ':salt' => $randomSalt, ':validation' => $validationHash, ':role' => 0, ':status' => 'pending', ':base_lang' => 'de', ':newsletter' => 1));
                    $db->commit();
                } catch (PDOException $e) {
                    $e->getMessage();
                    $db->rollBack();
                }
                if (empty($e)) {
                    $mail = sendValidationMail($mail, $validationHash);
                    if ($mail) {
                        header('Location:' . createUrl(array("action" => "register", "do" => "success")));
                    } else {
                        $error['mail_error'] = 1;
                        return $error;
                    }
                } else {
                    $error['db_error'] = 1;
                    return $error;
                }
            } else {
                $error['mail_used'] = 1;
                $error['msg']['mail_used'] = 'Die eingegebe E-Mail wird bereits verwendet';
                return $error;
            }
        } else {
            $error['name_used'] = 1;
            $error['msg']['username_used'] = 'Der eingegeben Nutzername wird bereits verwendet';
            return $error;
        }
    } else {
        return $error;
    }
}

Ejemplos de filterString en PHP