Ejemplo n.º 1
0
 /**
  * A pointer to mysql_real_escape_string() - see http://www.php.net/mysql_real_escape_string
  *
  * @param string $data
  * @return string
  */
 function escape($data, $strip = true)
 {
     if ($this->pdo) {
         return $data;
     }
     if ($strip) {
         $data = strip_if_magic($data);
     }
     if (!$this->mySQLaccess) {
         global $db_ConnectionID;
         $this->mySQLaccess = $db_ConnectionID;
     }
     return mysql_real_escape_string($data, $this->mySQLaccess);
 }
Ejemplo n.º 2
0
$ns = e107::getRender();
if (isset($_POST['metasubmit'])) {
    $tmp = $pref['meta_tag'];
    $langs = explode(",", e_LANLIST);
    foreach ($langs as $lan) {
        $meta_tag[$lan] = $tmp[$lan];
        $meta_diz[$lan] = $pref['meta_description'][$lan];
        $meta_keywords[$lan] = $pref['meta_keywords'][$lan];
        $meta_copyright[$lan] = $pref['meta_copyright'][$lan];
        $meta_author[$lan] = $pref['meta_author'][$lan];
    }
    $meta_tag[e_LANGUAGE] = strip_if_magic(chop($_POST['meta']));
    $meta_diz[e_LANGUAGE] = strip_if_magic(chop($_POST['meta_description']));
    $meta_keywords[e_LANGUAGE] = strip_if_magic(chop($_POST['meta_keywords']));
    $meta_copyright[e_LANGUAGE] = strip_if_magic(chop($_POST['meta_copyright']));
    $meta_author[e_LANGUAGE] = strip_if_magic(chop($_POST['meta_author']));
    $pref['meta_news_summary'] = intval($_POST['meta_news_summary']);
    $pref['meta_tag'] = $meta_tag;
    $pref['meta_description'] = $meta_diz;
    $pref['meta_keywords'] = $meta_keywords;
    $pref['meta_copyright'] = $meta_copyright;
    $pref['meta_author'] = $meta_author;
    /*
        if($pref['meta_tag'][e_LANGUAGE] == ""){
            unset($meta_tag[e_LANGUAGE]);
        }*/
    e107::getLog()->add('META_01', 'meta_news_summary=>' . $pref['meta_news_summary'] . '[!br!]' . e_LANGUAGE, E_LOG_INFORMATIVE, '');
    save_prefs();
}
$meta = vartrue($pref['meta_tag']);
$meta_diz = vartrue($pref['meta_description']);
Ejemplo n.º 3
0
 /**
  *	Get user ID matching a name
  *
  *	@param string var - name to match
  *
  *	@return boolean|array - FALSE if no match, array of user info if found
  */
 function pm_getuid($var)
 {
     $sql = e107::getDb();
     $var = strip_if_magic($var);
     $var = str_replace("'", ''', trim($var));
     // Display name uses entities for apostrophe
     if ($sql->select('user', 'user_id, user_name, user_class, user_email', "user_name LIKE '" . $sql->escape($var, FALSE) . "'")) {
         $row = $sql->fetch();
         return $row;
     }
     return FALSE;
 }
Ejemplo n.º 4
0
require_once "../../class2.php";
if (!is_object($tp)) {
    $tp = new e_parse();
}
if (!getperms("P") || !plugInstalled('poll')) {
    header("location:" . e_BASE . "index.php");
    exit;
}
$e_sub_cat = 'poll';
include_lan(e_PLUGIN . 'poll/languages/' . e_LANGUAGE . '_admin_poll.php');
require_once e_ADMIN . "auth.php";
require_once e_PLUGIN . "poll/poll_class.php";
require_once e_HANDLER . "form_handler.php";
require_once e_HANDLER . "userclass_class.php";
if (isset($_POST)) {
    $_POST = strip_if_magic($_POST);
}
$rs = new form();
$poll = new poll();
if (isset($_POST['reset'])) {
    unset($poll_id, $_POST['poll_title'], $_POST['poll_option'], $_POST['activate'], $_POST['multipleChoice'], $_POST['showResults'], $_POST['startday'], $_POST['startmonth'], $_POST['startyear'], $_POST['endday'], $_POST['endmonth'], $_POST['endyear']);
    define("RESET", TRUE);
}
$emessage = eMessage::getInstance();
if (varset($_POST['delete'])) {
    $message = $poll->delete_poll(key($_POST['delete']));
    unset($poll_id, $_POST['poll_title'], $_POST['poll_option'], $_POST['activate']);
    $_GET['mode'] = 'list';
}
if (isset($_POST['submit'])) {
    if ($_POST['poll_title']) {