Ejemplo n.º 1
0
function filter_request(&$request)
{
    if (MAGIC_QUOTES_GPC) {
        foreach ($request as $k => $v) {
            if (is_array($request[$k])) {
                filter_request($request[$k]);
            } else {
                $request[$k] = stripslashes(trim($v));
            }
        }
    }
}
Ejemplo n.º 2
0
 /**
  * @param $query
  * @param $request
  */
 public function scopeFilter($query, $request, $prefix)
 {
     $this->request = $request;
     $this->prefix = $prefix;
     //filter by lang
     if (!empty(filter_request($this->request, $this->prefix . 'lang'))) {
         $query->where('lang', '=', filter_request($this->request, $this->prefix . 'lang'));
     }
     //filter by title
     if (filter_request($this->request, $this->prefix . 'name') != null) {
         $query->where('name', 'like', '%' . filter_request($this->request, $this->prefix . 'name') . '%');
     }
 }
Ejemplo n.º 3
0
 function save()
 {
     filter_request($_POST);
     $data['user_id'] = intval($GLOBALS['user_info']['id']);
     //每次投标金额
     $data['fixed_amount'] = intval($_POST['fixedamount']);
     if ($data['fixed_amount'] < 50 || $data['fixed_amount'] % 50 != 0) {
         showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_FIXED_AMOUNT']);
     }
     //利息
     $data['min_rate'] = floatval($_POST['min_rate']);
     $data['max_rate'] = floatval($_POST['max_rate']);
     if ($data['min_rate'] < 0) {
         showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_MIN_RATE']);
     }
     if ($data['max_rate'] < 0) {
         showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_MAX_RATE']);
     }
     if ($data['min_rate'] > $data['max_rate']) {
         showErr($GLOBALS['lang']['MIN_RATE_NOMORE_MAX_RATE']);
     }
     //借款期限
     $data['min_period'] = intval($_POST['min_period']);
     $data['max_period'] = intval($_POST['max_period']);
     if ($data['min_period'] > $data['max_period']) {
         showErr($GLOBALS['lang']['MIN_PERIOD_NOMORE_MAX_PERIOD']);
     }
     //等级
     $data['min_level'] = intval($_POST['min_level']);
     $data['max_level'] = intval($_POST['max_level']);
     if ($data['min_level'] > $data['max_level']) {
         showErr($GLOBALS['lang']['MIN_LEVEL_NOMORE_MAX_LEVEL']);
     }
     //保留金额
     $data['retain_amount'] = floatval($_POST['retain_amount']);
     if ($data['retain_amount'] < 0) {
         showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_RETAIN_AMOUNT']);
     }
     $data['deal_cates'] = implode(",", $_POST['deal_cate']);
     if ($GLOBALS['db']->getOne("SELECT count(*) FROM " . DB_PREFIX . "user_autobid WHERE user_id=" . $data['user_id']) > 0) {
         //编辑
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_autobid", $data, "UPDATE", "user_id=" . $data['user_id']);
     } else {
         //添加
         $data['last_bid_time'] = TIME_UTC;
         $GLOBALS['db']->autoExecute(DB_PREFIX . "user_autobid", $data, "INSERT");
     }
     showSuccess($GLOBALS['lang']['SAVE_AUTOBID_SUCCESS']);
 }
Ejemplo n.º 4
0
 /**
  * @param $query
  * @param $request
  */
 public function scopeFilter($query, $request, $prefix)
 {
     $this->request = $request;
     $this->prefix = $prefix;
     if (filter_request($this->request, $this->prefix . 'author') != null) {
         $query->where('author', 'like', filter_request($this->request, $this->prefix . 'author') . '%');
     }
     if (filter_request($this->request, $this->prefix . 'from') != null or filter_request($this->request, $this->prefix . 'to') != null) {
         if (filter_request($this->request, $this->prefix . 'from') != null) {
             $this->to = !filter_request($this->request, $this->prefix . 'to') ? Carbon::now() : Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'to'));
             $this->from = Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'from'));
             $query->whereBetween('published_at', [$this->from, $this->to]);
         }
     }
 }
Ejemplo n.º 5
0
 /**
  * Display a listing of the resource.
  *
  * @return Response
  */
 public function index(Cat $cats, Request $request)
 {
     $movies = !filter_request($request, 'm_filter') ? Article::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->ordercat([8])->paginate(get_setting('pagination_num')) : Article::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->ordercat([8])->filter($request, 'm_')->paginate(get_setting('pagination_num'));
     $cats = $cats->select('id', 'name', 'parent')->posts(8)->orderBy('name')->get();
     return view('admin.movies.index', compact('movies', 'cats', 'request'));
 }
Ejemplo n.º 6
0
<?php

// +----------------------------------------------------------------------
// | Fanwe 方维众筹商业系统
// +----------------------------------------------------------------------
// | Copyright (c) 2010 http://www.fanwe.com All rights reserved.
// +----------------------------------------------------------------------
if (!defined('THINK_PATH')) {
    exit;
}
//过滤请求
filter_request($_REQUEST);
filter_request($_GET);
filter_request($_POST);
define("AUTH_NOT_LOGIN", 1);
//未登录的常量
define("AUTH_NOT_AUTH", 2);
//未授权常量
// 全站公共函数库
// 更改系统配置, 当更改数据库配置时为永久性修改, 修改配置文档中配置为临时修改
function conf($name, $value = false)
{
    if ($value === false) {
        return C($name);
    } else {
        if (M("Conf")->where("is_effect=1 and name='" . $name . "'")->count() > 0) {
            if (in_array($name, array('EXPIRED_TIME', 'SUBMIT_DELAY', 'SEND_SPAN', 'WATER_ALPHA', 'MAX_IMAGE_SIZE', 'INDEX_LEFT_STORE', 'INDEX_LEFT_TUAN', 'INDEX_LEFT_YOUHUI', 'INDEX_LEFT_DAIJIN', 'INDEX_LEFT_EVENT', 'INDEX_RIGHT_STORE', 'INDEX_RIGHT_TUAN', 'INDEX_RIGHT_YOUHUI', 'INDEX_RIGHT_DAIJIN', 'INDEX_RIGHT_EVENT', 'SIDE_DEAL_COUNT', 'DEAL_PAGE_SIZE', 'PAGE_SIZE', 'BATCH_PAGE_SIZE', 'HELP_CATE_LIMIT', 'HELP_ITEM_LIMIT', 'REC_HOT_LIMIT', 'REC_NEW_LIMIT', 'REC_BEST_LIMIT', 'REC_CATE_GOODS_LIMIT', 'SALE_LIST', 'INDEX_NOTICE_COUNT', 'RELATE_GOODS_LIMIT'))) {
                $value = intval($value);
            }
            M("Conf")->where("is_effect=1 and name='" . $name . "'")->setField("value", $value);
        }
Ejemplo n.º 7
0
if (!$checker)
    die("domain not authorized");
    **/
$sys_config = (require APP_ROOT_PATH . 'system/config.php');
function app_conf($name)
{
    return stripslashes($GLOBALS['sys_config'][$name]);
}
require APP_ROOT_PATH . 'system/cache/Cache.php';
$cache = CacheService::getInstance();
require_once APP_ROOT_PATH . "system/cache/CacheFileService.php";
$fcache = new CacheFileService();
$fcache->set_dir(APP_ROOT_PATH . "public/runtime/data/");
require APP_ROOT_PATH . 'system/db/db.php';
define('DB_PREFIX', app_conf('DB_PREFIX'));
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/db_caches/')) {
    mkdir(APP_ROOT_PATH . 'public/runtime/app/db_caches/', 0777);
}
$pconnect = false;
$db = new mysql_db(app_conf('DB_HOST') . ":" . app_conf('DB_PORT'), app_conf('DB_USER'), app_conf('DB_PWD'), app_conf('DB_NAME'), 'utf8', $pconnect);
require APP_ROOT_PATH . 'system/template/template.php';
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/tpl_caches/')) {
    mkdir(APP_ROOT_PATH . 'public/runtime/app/tpl_caches/', 0777);
}
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/tpl_compiled/')) {
    mkdir(APP_ROOT_PATH . 'public/runtime/app/tpl_compiled/', 0777);
}
$tmpl = new AppTemplate();
$_REQUEST = array_merge($_GET, $_POST);
filter_request($_REQUEST);
$lang = (require APP_ROOT_PATH . '/app/Lang/' . app_conf("SHOP_LANG") . '/lang.php');
Ejemplo n.º 8
0
 public function brightCove(Request $request)
 {
     if ($request->input('filter_video') == "Filter" or $request->input('reset_video') == "Reset") {
         $request->session()->put('search_video', $request->input('search_video'));
         $request->session()->put('search_type', $request->input('type'));
     }
     $search_video = filter_request($request, 'search_video');
     $search_type = filter_request($request, 'type');
     $selected = 0;
     if (!empty($search_video)) {
         if ($search_type == 1) {
             $selected = 1;
             $search_sql = '&any=display_name:' . str_replace(' ', '%20', $search_video);
         } elseif ($search_type == 2) {
             $selected = 2;
             $search_sql = '&any=tag:' . str_replace(' ', '%20', $search_video);
         } else {
             $search_sql = '&any=' . str_replace(' ', '%20', $search_video);
         }
     } else {
         $search_sql = '';
     }
     $page_number = $request->input('page') > 0 ? $request->input('page') : 0;
     $url = 'http://api.brightcove.com/services/library?command=search_videos' . $search_sql . '&page_size=15&video_fields=id%2Cname%2CshortDescription%2Ctags%2CthumbnailURL&media_delivery=default&sort_by=PUBLISH_DATE&sort_order=ASC&page_number=' . $page_number . '&get_item_count=true&callback=BCL.onSearchResponse&token=_FkpjudFGAdmchAxwVgh1XKZ88KPeC9itvIsTpEJHTrqAKOYA1P1Sg..';
     $content = file_get_contents($url) or die('can`t connect to brightcove server!');
     $content = str_replace('BCL.onSearchResponse(', '[', $content);
     $content = str_replace(');', ']', $content);
     $content = json_decode($content);
     $paging = new LengthAwarePaginator('', $content[0]->total_count, $content[0]->page_size, $content[0]->page_number, ['class' => 'pagination']);
     $type = ['All', 'Names and description', 'Tags'];
     //dump($request->input('search'));
     //dump($paging);
     return view('admin.brightcove.index', compact('content', 'paging', 'type', 'search_video', 'selected'));
 }
Ejemplo n.º 9
0
 /**
  * Display a listing of the resource.
  *
  * @return Response
  */
 public function index(Request $request)
 {
     $gallery = !filter_request($request, 'g_filter') ? Image::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->paginate(get_setting('pagination_num')) : Image::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->filter($request, 'g_')->paginate(get_setting('pagination_num'));
     return view('admin.gallery.index', compact('gallery', 'request'));
 }
Ejemplo n.º 10
0
 /**
  * @param $query
  * @param $request
  */
 public function scopeFilter($query, $request, $prefix)
 {
     $this->request = $request;
     $this->prefix = $prefix;
     //filter by category
     if (filter_request($this->request, $this->prefix . 'cat') != 0) {
         if (filter_request($this->request, $this->prefix . 'cat') > 2) {
             $query->whereHas('categories', function ($q) {
                 $q->where('cat_id', filter_request($this->request, $this->prefix . 'cat'));
             });
         }
         if (filter_request($this->request, $this->prefix . 'cat') == 2) {
             $query->whereHas('categories', function ($q) {
                 $q->where('parent', filter_request($this->request, $this->prefix . 'cat'));
             });
         }
     }
     //filter by status
     if (!empty(filter_request($this->request, $this->prefix . 'status'))) {
         $query->where('status', '=', filter_request($this->request, $this->prefix . 'status'));
     }
     //filter by lang
     if (!empty(filter_request($this->request, $this->prefix . 'lang'))) {
         $query->where('lang', '=', filter_request($this->request, $this->prefix . 'lang'));
     }
     //filter by title
     if (filter_request($this->request, $this->prefix . 'title') != null) {
         $query->where('title', 'like', '%' . filter_request($this->request, $this->prefix . 'title') . '%')->orWhere('original_title', 'like', '%' . filter_request($this->request, $this->prefix . 'title') . '%');
     }
     //filter by author
     if (filter_request($this->request, $this->prefix . 'author') != null) {
         $query->where('author', 'like', filter_request($this->request, $this->prefix . 'author') . '%');
     }
     //filter by date
     if (filter_request($this->request, $this->prefix . 'from') != null or filter_request($this->request, $this->prefix . 'to') != null) {
         if (filter_request($this->request, $this->prefix . 'from') != null) {
             $this->to = !filter_request($this->request, $this->prefix . 'to') ? Carbon::now() : Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'to'));
             $this->from = Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'from'));
             $query->whereBetween('published_at', [$this->from, $this->to]);
         }
     }
 }
Ejemplo n.º 11
0
 /**
 +----------------------------------------------------------
 * 创建数据对象 但不保存到数据库
 +----------------------------------------------------------
 * @access public
 +----------------------------------------------------------
 * @param mixed $data 创建数据
 * @param string $type 状态
 +----------------------------------------------------------
 * @return mixed
 +----------------------------------------------------------
 */
 public function create($data = '', $type = '')
 {
     // 如果没有传值默认取POST数据
     if (empty($data)) {
         filter_request($_POST);
         $data = $_POST;
     } elseif (is_object($data)) {
         $data = get_object_vars($data);
     } elseif (!is_array($data)) {
         $this->error = L('_DATA_TYPE_INVALID_');
         return false;
     }
     // 状态
     $type = $type ? $type : (!empty($data[$this->getPk()]) ? self::MODEL_UPDATE : self::MODEL_INSERT);
     // 表单令牌验证
     if (C('TOKEN_ON') && !$this->autoCheckToken($data)) {
         $this->error = L('_TOKEN_ERROR_');
         return false;
     }
     // 数据自动验证
     if (!$this->autoValidation($data, $type)) {
         return false;
     }
     // 检查字段映射
     if (!empty($this->_map)) {
         foreach ($this->_map as $key => $val) {
             if (isset($data[$key])) {
                 $data[$val] = $data[$key];
                 unset($data[$key]);
             }
         }
     }
     // 验证完成生成数据对象
     $vo = array();
     foreach ($this->fields as $key => $name) {
         if (substr($key, 0, 1) == '_') {
             continue;
         }
         $val = isset($data[$name]) ? $data[$name] : null;
         //保证赋值有效
         if (!is_null($val)) {
             $vo[$name] = MAGIC_QUOTES_GPC && is_string($val) ? stripslashes($val) : $val;
         }
     }
     // 创建完成对数据进行自动处理
     $this->autoOperation($vo, $type);
     // 赋值当前数据对象
     $this->data = $vo;
     // 返回创建的数据以供其他调用
     return $vo;
 }
Ejemplo n.º 12
0
 /**
  * Display a listing of the resource.
  *
  * @return \Illuminate\Http\Response
  */
 public function index(Request $request)
 {
     $items = !filter_request($request, 'a_filter') ? $items = Artist::select('*')->paginate(get_setting('pagination')) : ($items = Artist::select('*')->filter($request, 'a_')->paginate(get_setting('pagination')));
     return view('admin.artists.index', compact('items', 'request'));
 }
Ejemplo n.º 13
0
/**
 * Checks the submitted nonce with the stored session nonce.
 * @return boolean: Whether the submitted nonce matches the SESSION (expected)
 * NONCE
 */
function checkNonce() {
  $form_nonce = $_SESSION['form_nonce'];
  $request_nonce = filter_request('form_nonce');
  if ($request_nonce == $form_nonce) {
    return true;
  } else {
    pkdebug("FORM NONCE:'$form_nonce'; REQUEST_NONCE: '$request_nonce'");
    return false;
  }
}