/**
 * Page controller for adding a new service endpoint (SE) to a service group.
 *
 * The page is only available when the optional "siteless_services" feature
 * is switched on in the GOCDB configuration; otherwise an Exception is thrown.
 * A request that carries POST data is handed to submit_form(); any other
 * request renders the empty form through draw_form(). Both helpers are
 * defined outside this block.
 *
 * NOTE(review): no authorisation or anti-CSRF check is visible in this
 * function; presumably submit_form() performs them before changing
 * anything - confirm.
 *
 * @global array $_POST populated only when the browser has POSTed data
 * @return null
 * @throws Exception when the siteless_services feature is not enabled
 */
function add_new_se_to_service_group()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';

    // Feature gate: refuse to serve the page on instances that have not
    // opted in to siteless services.
    $feature_enabled = Factory::getConfigService()->IsOptionalFeatureSet("siteless_services");
    if (!$feature_enabled) {
        throw new Exception("This feature isn't enabled on this GOCDB " . "instance. Configuration keyword: siteless_services");
    }

    // No POST data: show the "new SE" form and stop.
    if (!$_POST) {
        draw_form();
        return;
    }

    // POST data present: the user submitted the form.
    submit_form();
}
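/**
 * Builds an HTML form from an array of element definitions.
 *
 * Each entry of $elements maps a field name to a settings array with a
 * 'type' key ('textarea', 'submit', or any HTML input type) and a 'title'
 * key (label text, or the button caption for 'submit').
 *
 * If the current request posts the hidden "action" value belonging to this
 * form, the elements are passed to validate_form() and, when that succeeds,
 * to submit_form() (both defined elsewhere). The form markup is returned in
 * every case.
 *
 * Every value interpolated into the markup is HTML-escaped. This includes
 * $_SERVER['PHP_SELF'], which is derived from the request URL and must not
 * be echoed into an attribute as-is. Titles are therefore treated as plain
 * text, not markup.
 *
 * NOTE(review): the hidden "action" field only tells several forms on one
 * page apart; it is not an anti-forgery token. State-changing handlers still
 * need their own CSRF protection.
 *
 * @param array $elements field name => array('type' => ..., 'title' => ...)
 * @return string the rendered <form> markup
 */
function build_form($elements)
{
    static $form_number;

    // Number the forms rendered during this request 1, 2, 3, ... so each one
    // gets its own "submit_N" action value. (The original ternary was
    // inverted and produced 1 for every form.)
    $form_number = isset($form_number) ? $form_number + 1 : 1;

    // Handle a submission that targets this particular form.
    if (isset($_POST['action']) && $_POST['action'] === 'submit_' . $form_number) {
        if (validate_form($elements)) {
            submit_form($elements);
        }
    }

    $output = '';
    foreach ($elements as $name => $settings) {
        $type = isset($settings['type']) ? $settings['type'] : 'text';
        $title = isset($settings['title']) ? $settings['title'] : '';

        $safe_name = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
        $safe_type = htmlspecialchars((string) $type, ENT_QUOTES, 'UTF-8');
        $safe_title = htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8');

        $label = $safe_title;
        switch ($type) {
            case 'textarea':
                $input = '<textarea name="' . $safe_name . '" ></textarea>';
                break;
            case 'submit':
                // The caption is carried by the button itself, so no label.
                $input = '<input type="submit" name="' . $safe_name . '" value="' . $safe_title . '">';
                $label = '';
                // Without this break the button fell through to the default
                // branch and lost its value attribute.
                break;
            default:
                $input = '<input type="' . $safe_type . '" name="' . $safe_name . '" />';
                break;
        }

        $output .= '<label>' . $label . '</label><p>' . $input . '</p>';
    }

    // PHP_SELF reflects the requested path (including any trailing path
    // info), so escape it before placing it in the action attribute.
    $self = isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '';
    $action = htmlspecialchars((string) $self, ENT_QUOTES, 'UTF-8');

    $output = ' <form action="' . $action . '" method="post"> <input type="hidden" name="action" value="submit_' . $form_number . '" /> ' . $output . ' </form>';

    return $output;
}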
// Tail of a form-submission handler followed by the request dispatcher.
// The function header and the earlier assignments ($name_applicant, $reg_id,
// $exam_name[], $post_name[], ...) are outside this fragment, so how those
// values are obtained or escaped cannot be confirmed from here.
//
// NOTE(review): every value below is read from $_POST, passed through
// addslashes() and concatenated into SQL text. addslashes() is not a
// substitute for parameter binding, and the mysql_* extension used here was
// removed in PHP 7.0. These statements should move to prepared statements
// (PDO or mysqli) with bound parameters.
// NOTE(review): the $_POST keys are read without isset() checks, so a
// request that omits a field yields an empty value (plus a notice/warning).
    $international_paper_conf_presented_desc = addslashes($_POST['international_paper_conf_presented_desc']);
    $no_paper_published_journal_national = addslashes($_POST['no_paper_published_journal_national']);
    $no_paper_published_journal_international = addslashes($_POST['no_paper_published_journal_international']);
    $no_paper_published_books = addslashes($_POST['no_paper_published_books']);
    $no_paper_published_patents = addslashes($_POST['no_paper_published_patents']);
    $no_phd_guided_sole = addslashes($_POST['no_phd_guided_sole']);
    $no_phd_guided_supervisor = addslashes($_POST['no_phd_guided_supervisor']);
    $no_projects_as_coordinator_sf_completed = addslashes($_POST['no_projects_as_coordinator_sf_completed']);
    $no_projects_as_coordinator_sf_ongoing = addslashes($_POST['no_projects_as_coordinator_sf_ongoing']);
    $no_projects_as_coordinator_s_completed = addslashes($_POST['no_projects_as_coordinator_s_completed']);
    $no_projects_as_coordinator_s_ongoing = addslashes($_POST['no_projects_as_coordinator_s_ongoing']);
    // Submission date is taken from the server clock, not from the client.
    $dosubmit = date('Y-m-d');
    $particulars_prof_exp_other = addslashes($_POST['particulars_prof_exp_other']);
    $certificates = addslashes($_POST['certificates']);
    // Flag written to user_other_details.submitted by the fourth UPDATE.
    $submitted = 1;

    // Four independent UPDATEs follow, each aborting the script on failure.
    // No transaction is visible, so a failure part-way leaves the earlier
    // tables updated and the later ones not.
    // NOTE(review): "or die(mysql_error())" sends the raw database error
    // text to the client; log it server-side and show a generic message.
    // NOTE(review): every statement is scoped only by $reg_id, which is set
    // outside this fragment - confirm it comes from the authenticated
    // session and not from request data.

    // 1) Personal details.
    $submit1_query = "UPDATE user_info SET name_applicant = '" . $name_applicant . "',name_father = '" . $name_father . "',permanent_address = '" . $permanent_address . "',present_address = '" . $present_address . "',mobile = '" . $mobile . "',phone_no = '" . $phone_no . "',dob = '" . $dob . "',nationality = '" . $nationality . "',place_birth = '" . $place_birth . "',caste = '" . $caste . "' WHERE reg_id = '" . $reg_id . "' ";
    $submit1_result = mysql_query($submit1_query) or die(mysql_error());

    // 2) Examination records, five fixed slots (array indexes 0-4).
    $submit2_query = "UPDATE user_exams SET exam1_name = '" . $exam_name[0] . "',exam1_year = '" . $exam_year[0] . "',exam1_percentage = '" . $exam_percentage[0] . "',exam1_divn = '" . $exam_divn[0] . "',exam1_institute = '" . $exam_institute[0] . "',exam1_univ = '" . $exam_univ[0] . "', exam2_name = '" . 
        $exam_name[1] . "',exam2_year = '" . $exam_year[1] . "',exam2_percentage = '" . $exam_percentage[1] . "',exam2_divn = '" . $exam_divn[1] . "',exam2_institute = '" . $exam_institute[1] . "',exam2_univ = '" . $exam_univ[1] . "',exam3_name = '" . $exam_name[2] . "',exam3_year = '" . $exam_year[2] . "',exam3_percentage = '" . $exam_percentage[2] . "',exam3_divn = '" . $exam_divn[2] . "',exam3_institute = '" . $exam_institute[2] . "',exam3_univ = '" . $exam_univ[2] . "',exam4_name = '" . $exam_name[3] . "',exam4_year = '" . $exam_year[3] . "',exam4_percentage = '" . $exam_percentage[3] . "',exam4_divn = '" . $exam_divn[3] . "',exam4_institute = '" . $exam_institute[3] . "',exam4_univ = '" . $exam_univ[3] . "',exam5_name = '" . $exam_name[4] . "',exam5_year = '" . $exam_year[4] . "',exam5_percentage = '" . $exam_percentage[4] . "',exam5_divn = '" . $exam_divn[4] . "',exam5_institute = '" . $exam_institute[4] . "',exam5_univ = '" . $exam_univ[4] . "' WHERE reg_id = '" . $reg_id . "' ";
    $submit2_result = mysql_query($submit2_query) or die(mysql_error());

    // 3) Earlier posts held, five fixed slots (array indexes 0-4).
    $submit3_query = "UPDATE user_earlier_posts SET post1_name = '" . $post_name[0] . "',post1_from = '" . $post_from[0] . "',post1_to = '" . $post_to[0] . "',post1_total_year = '" . $post_total_year[0] . "',post1_total_month = '" . $post_total_month[0] . "',post1_pay = '" . $post_pay[0] . "',post2_name = '" . $post_name[1] . "',post2_from = '" . $post_from[1] . "',post2_to = '" . $post_to[1] . "',post2_total_year = '" . $post_total_year[1] . "',post2_total_month = '" . $post_total_month[1] . "',post2_pay = '" . $post_pay[1] . "',post3_name = '" . $post_name[2] . "',post3_from = '" . $post_from[2] . "',post3_to = '" . $post_to[2] . "',post3_total_year = '" . $post_total_year[2] . "',post3_total_month = '" . $post_total_month[2] . "',post3_pay = '" . $post_pay[2] . "',post4_name = '" . $post_name[3] . "',post4_from = '" . $post_from[3] . "',post4_to = '" . $post_to[3] . "',post4_total_year = '" . $post_total_year[3] . 
        "',post4_total_month = '" . $post_total_month[3] . "',post4_pay = '" . $post_pay[3] . "',post5_name = '" . $post_name[4] . "',post5_from = '" . $post_from[4] . "',post5_to = '" . $post_to[4] . "',post5_total_year = '" . $post_total_year[4] . "',post5_total_month = '" . $post_total_month[4] . "',post5_pay = '" . $post_pay[4] . "' WHERE reg_id = '" . $reg_id . "'";
    $submit3_result = mysql_query($submit3_query) or die(mysql_error());

    // 4) Publication/project counts plus the submitted flag and date.
    // NOTE(review): the column no_paper_published_journal_national is
    // assigned twice in this statement; the second assignment carries
    // $no_paper_published_journal_international, so the international count
    // looks like it overwrites the national one and is never stored in its
    // own column. Presumably the second column name should be
    // no_paper_published_journal_international - confirm against the schema.
    $submit4_query = "UPDATE user_other_details SET national_paper_conf_count='" . $national_paper_conf_count . "', national_paper_conf_desc='" . $national_paper_conf_desc . "',international_paper_conf_presented_count='" . $international_paper_conf_presented_count . "',international_paper_conf_presented_desc='" . $international_paper_conf_presented_desc . "',no_paper_published_journal_national='" . $no_paper_published_journal_national . "', no_paper_published_journal_national='" . $no_paper_published_journal_international . "',no_paper_published_books='" . $no_paper_published_books . "', no_paper_published_patents='" . $no_paper_published_patents . "',no_phd_guided_sole='" . $no_phd_guided_sole . "',no_phd_guided_supervisor='" . $no_phd_guided_supervisor . "',no_projects_as_coordinator_sf_completed='" . $no_projects_as_coordinator_sf_completed . "',no_projects_as_coordinator_sf_ongoing='" . $no_projects_as_coordinator_sf_ongoing . "',no_projects_as_coordinator_s_completed='" . $no_projects_as_coordinator_s_completed . "',no_projects_as_coordinator_s_ongoing='" . $no_projects_as_coordinator_s_ongoing . "',particulars_prof_exp_other='" . $particulars_prof_exp_other . "',certificates='" . $certificates . "',submitted='" . $submitted . "', dosubmit='" . $dosubmit . "' WHERE reg_id='" . $reg_id . "'";
    $submit4_result = mysql_query($submit4_query) or die(mysql_error());
}

// Request dispatcher: the "type" query-string parameter selects between
// saving a draft (save_form) and final submission (submit_form); anything
// else prints an error message.
// NOTE(review): both branches change stored data but are selected through
// $_GET, and no login or anti-CSRF check is visible in this fragment -
// confirm those checks exist before this point.
if (isset($_GET['type']) && $_GET['type'] == 'save') {
    save_form();
} elseif (isset($_GET['type']) && $_GET['type'] == 'submit') {
    submit_form();
} else {
    echo "Invalid request. . 
.";
}
$injection = $_POST['injection']; $validation = $_POST['validation']; $success = 0; if (0 == strcmp($validation, "allow")) { $success = form_validation($uname, $pwd, $message, $injection); } else { if (0 == strcmp($validation, "block")) { $success = 1; } } if ($success == 1) { $attack = check_blacklist($uname, $pwd); $user_details = strict_form_checking($injection, $uname, $pwd, $message); $uname = $user_details[0]; $pwd = $user_details[1]; submit_form($uname, $pwd, $attack); } } else { echo "<h2>Hmm...I think you reached this page by mistake.</h2>"; } /* * ---------------------------------------------------------------------------# * Perform HTML sanitizing if code injection is blocked. While sanitizing data, * ensure that suspicious characters are subsitututed or encoded with * respective HTML character entities * ---------------------------------------------------------------------------# * */ function strict_form_checking($injection, $uname, $pwd, $message) { if (0 == strcmp($injection, "block")) {
* # form validation. After all tests succeed, submit the signup form * #---------------------------------------------------------------------------# * */ if ($_POST['submit']) { $uname = $_POST['uname']; $pwd = $_POST['pwd']; $email = $_POST['email']; $dob = $_POST['dob']; $sex = $_POST['sex']; $state = $_POST['state']; $city = $_POST['city']; $news = $_POST['news']; $success = form_validation($uname, $pwd, $email, $dob, $sex, $state, $city, $news); if ($success == 1) { submit_form($uname, $pwd, $email, $dob, $sex, $state, $city, $news); } } /* * ---------------------------------------------------------------------------# * Perform form validation and print errors, if any. User goes back to * signup page, if any errors persist, for refilling form correctly this time. * ---------------------------------------------------------------------------# * */ function form_validation($uname, $pwd, $email, $dob, $sex, $state, $city, $news) { $error_message = ""; $error_message = validate_username($uname, $error_message); $error_message = validate_password($pwd, $error_message); $error_message = validate_email($email, $error_message);
echo $element_size['sizer']; ?> "> <?php if (isset($options['zn_cf_desc']) && !empty($options['zn_cf_desc'])) { echo '<p>' . do_shortcode($options['zn_cf_desc']) . '</p>'; } ?> <div id="contact_form" class="rapid_contact "> <form method="post" class="cf_validate form-horizontal zn_form"> <div id="success"></div> <?php submit_form($options); ?> <?php if (isset($options['zn_cf_fields'])) { foreach ($options['zn_cf_fields'] as $field) { if (function_exists($field['zn_cf_type'])) { $field['zn_cf_type']($field); } } } ?> <input type="hidden" name="cform_submit" value="cf_submitted" /> <div class="control-group"> <div class="controls">
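/**
 * Registers and enqueues the Rhinoslider scripts and hands the slider
 * settings to the front end.
 *
 * Each script is registered with jQuery as its dependency and enqueued in
 * the same order as before. The settings are then collected by calling
 * submit_form() (defined elsewhere) once per known option name and exposed
 * to 'rhinoslider-options' as the JavaScript object `setting` via
 * wp_localize_script().
 *
 * NOTE(review): submit_form() is not visible here; presumably it returns the
 * configured value for the given option - confirm where those values come
 * from, since they are printed into the page as script data.
 *
 * @return void
 */
function hs_home_slider_scripts()
{
    wp_enqueue_script('jquery');

    // Handle => path relative to this plugin file, in load order.
    $slider_scripts = array(
        'easing' => 'js/rhinoslider/easing.js',
        'mousewheel' => 'js/rhinoslider/mousewheel.js',
        'rhinoslider-1.05.min' => 'js/rhinoslider/rhinoslider-1.05.min.js',
        'rhinoslider-options' => 'js/rhinoslider/rhinoslider-options.js',
    );
    foreach ($slider_scripts as $handle => $relative_path) {
        wp_register_script($handle, plugins_url($relative_path, __FILE__), array("jquery"));
        // The original enqueued 'rhinoslider-options' twice; once is enough.
        wp_enqueue_script($handle);
    }

    $available_options = array(
        'effect', 'easing', 'effecttime', 'showtime', 'animateActive',
        'partDelay', 'parts', 'shiftValue', 'slideNextDirection',
        'slidePrevDirection', 'changeBullets', 'controlFadeTime',
        'controlsKeyboard', 'controlsMousewheel', 'controlsPlayPause',
        'controlsPrevNext', 'nextText', 'pauseText', 'playText', 'prevText',
        'showBullets', 'showControls', 'autoPlay', 'cycled', 'pauseOnHover',
        'randomOrder', 'captionsFadeTime', 'captionsOpacity', 'showCaptions',
        'width', 'height',
    );

    // Start from an empty map. The original wrote `$config_array[] = array();`,
    // which appended a stray empty entry under key 0 to the exported settings.
    $config_array = array();
    foreach ($available_options as $option_name) {
        $config_array[$option_name] = submit_form($option_name);
    }

    wp_localize_script('rhinoslider-options', 'setting', $config_array);
}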