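/**
 * Generate breadcrumbs from an array of names and URLs.
 *
 * Each entry of $links maps a link label (key) to its URL (value). The label
 * is passed through Utils::escape() before output. The first entry whose
 * label or URL is empty is rendered as a "Deleted" marker and ends the trail.
 *
 * NOTE(review): $url is concatenated into the href attribute as given, with no
 * escaping in this method. Callers must only pass URLs that are already safe
 * for an HTML attribute and are not user-influenced; confirm at the call
 * sites. Escaping here would double-encode URLs that callers already escaped.
 *
 * @param array $links Map of label => URL.
 * @return string Crumbs joined with " » "; an empty string when $links is empty.
 */
public static function breadcrumbs_admin(array $links)
{
    // Start from an empty list so that an empty $links yields '' instead of
    // calling implode() on an undefined variable.
    $crumbs = array();

    foreach ($links as $name => $url) {
        if ($name == '' || $url == '') {
            // An incomplete entry marks a deleted target; nothing after it is shown.
            $crumbs[] = '<span>' . __('Deleted') . '</span>';
            break;
        }

        $crumbs[] = '<span><a href="' . $url . '">' . Utils::escape($name) . '</a></span>';
    }

    return implode(' » ', $crumbs);
}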
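/**
 * Render a code block as <pre><code>…</code></pre>.
 *
 * When a 'highlight' callback is configured in $this->options, it is called
 * with the code and language. If it returns something non-empty that differs
 * from the input, that result replaces the code and is treated as already
 * escaped.
 *
 * NOTE(review): highlighter output is inserted into the page without further
 * escaping, so the configured callback is trusted to return safe HTML.
 *
 * @param string      $code    Source text of the block.
 * @param string|null $lang    Language label; when set it is escaped and appended to
 *                             $this->options['langPrefix'] as the class attribute.
 * @param bool        $escaped True when $code is already HTML-escaped.
 * @return string HTML for the code block.
 */
public function code($code, $lang = null, $escaped = false)
{
    if (isset($this->options['highlight'])) {
        $out = $this->options['highlight']($code, $lang);
        if ($out != null && $out !== $code) {
            $escaped = true;
            // Use the highlighter's result. The original assigned the bare
            // constant `out` here, which is not the $out variable.
            $code = $out;
        }
    }

    // Escape exactly once: skip when the caller or the highlighter already did.
    $body = $escaped ? $code : Utils::escape($code, true);

    if (!$lang) {
        return '<pre><code>' . $body . "\n</code></pre>";
    }

    return '<pre><code class="' . $this->options['langPrefix'] . Utils::escape($lang, true) . '">'
        . $body . "\n</code></pre>\n";
}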
/**
 * Replace the response body with the message page and stop the application.
 *
 * NOTE(review): the optional $http_status precedes the required $no_back_link;
 * PHP 8 reports this parameter order as deprecated and treats $http_status as
 * required.
 * NOTE(review): $msg is handed to the template without escaping in this
 * method. Presumably callers pass trusted or pre-escaped text, or message.php
 * escapes it; verify before passing request data here.
 *
 * @param string          $msg          Message shown on the page.
 * @param string|int|null $http_status  Status appended to "HTTP/1.1 " as a raw header; its
 *                                      integer value, when positive, is also set on the response.
 * @param bool            $no_back_link Forwarded to the template as 'no_back_link'.
 * @return void
 */
protected function error($msg, $http_status = null, $no_back_link)
{
    // A custom status was supplied: send it as a raw status line first.
    if ($http_status !== null) {
        header('HTTP/1.1 ' . $http_status);
    }

    // Only a positive integer value is mirrored onto the response object.
    $http_status = (int) $http_status;
    if ($http_status > 0) {
        $this->feather->response->setStatus($http_status);
    }

    // Discard whatever was rendered so far.
    $this->feather->response->setBody('');

    // Without a page header yet, give the message page a default title.
    if (!defined('FEATHER_HEADER')) {
        $title = array(
            Utils::escape($this->feather->config['o_board_title']),
            __('Info'),
        );
        $this->feather->template->setPageInfo(array('title' => $title));
    }

    $messageInfo = array(
        'msg' => $msg,
        'no_back_link' => $no_back_link,
    );
    $this->feather->template
        ->setPageInfo($messageInfo)
        ->addTemplate('message.php')
        ->display();

    // Nothing may be output after the message.
    $this->feather->stop();
}
* along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA **/ define('__ARMORY__', true); define('load_characters_class', true); define('load_mangos_class', true); define('load_items_class', true); define('load_search_class', true); if (!@(include 'includes/armory_loader.php')) { die('<b>Fatal error:</b> unable to load system files.'); } header('Content-type: text/xml'); $advancedItemsSearch = false; $findGearUpgrade = false; if (isset($_GET['searchQuery'])) { $search->searchQuery = Utils::escape($_GET['searchQuery']); } if (isset($_GET['source'])) { $advancedItemsSearch = true; $search->get_array = $_GET; } if (isset($_GET['pi']) && is_numeric($_GET['pi']) && $_GET['pi'] > 0) { $findGearUpgrade = true; $itemID = (int) $_GET['pi']; } if (isset($_GET['rrt']) && $_GET['rrt'] == 'hm') { $search->heirloom = true; } if (!isset($_GET['searchQuery']) && !isset($_GET['source']) && !isset($_GET['pi']) && !isset($_GET['rrt'])) { $xml->LoadXSLT('error/error.xsl'); $xml->XMLWriter()->startElement('page');
foreach ($allOrders as $eachOrder) { ?> <?php if ($_SESSION['user_id'] == $eachOrder->getUserId()) { ?> <tr> <td> <?php echo $eachOrder->getId(); ?> </td> <td> <?php echo $eachOrder->getBusinessId(); ?> </td> <td> <?php Utils::escape(Utils::formatDateTime($eachOrder->getDate())); ?> </td> <td> <?php echo $eachOrder->getStatus(); ?> </td> <td> <?php echo $eachOrder->getAssignedTo(); ?> </td> <td> <?php echo $eachOrder->getOrderDetails(); ?> </td> </tr>
echo Utils::escape($eachOrder->getBusinessId()); ?> </td> <td> <?php Utils::escape(Utils::formatDateTime($eachOrder->getDate())); ?> </td> <td> <?php echo Utils::escape($eachOrder->getStatus()); ?> </td> <td> <?php echo Utils::escape($eachOrder->getAssignedTo()); ?> </td> <td> <?php echo Utils::escape($eachOrder->getOrderDetails()); ?> </td> </tr> <?php } ?> <?php } ?> </tbody> </table> </div> </div>
} ?> <form action="#" method="post"> <fieldset> <div class="field"> <label>First name:</label> <input type="text" name="flight_booking[first_name]" value="<?php echo Utils::escape($flightBooking->getFirstName()); ?> "/> </div> <div class="field"> <label>Date:</label> <input type="date" name="flight_booking[date]" value="<?php echo Utils::escape($flightBooking->getDate()->format('Y-m-d')); ?> "/> </div> <div class="field"> <label>No of passengers:</label> <select name="flight_booking[no_of_passengers]"> <?php for ($i = 1; $i < 6; ++$i) { ?> <option value="<?php echo $i; ?> " <?php if ($i == $flightBooking->getNoOfPassengers()) {
?> " required> <span id="firstnameError" class="error">Please enter your first name</span> </div> <div> <label for="lastname">Last Name</label> <input onblur="validateForm('lastname')" id="lastname" type="text" name="member[last_name]" value="<?php echo Utils::escape($member->getLast_name()); ?> " required> <span id="lastnameError" class="error">Please enter your last name</span> </div> <div> <label for="email">Email</label> <input onblur="validateEmail()" id="email" type="text" name="member[email]" value="<?php echo Utils::escape($member->getEmail()); ?> " required> <span id="emailError" class="error">Please enter your email</span> <span id="emailNotValid" class="error">Not a valid Email</span> </div> <div id="sign_up"> <input type="submit" name="sign_up" value="Sign Up" class="submit" /> </div> </form> <script src="../scripts/formvalidation.js"></script> </body>
/**
 * Register an asset of the given type for later rendering.
 *
 * The parameters are merged over static::getDefaultParams($type). A 'title'
 * parameter, when present, is passed through Utils::escape() before storage.
 *
 * NOTE(review): only 'title' is escaped here. The file name and the remaining
 * parameters are stored as given, so the code that prints them is presumably
 * responsible for escaping; verify in the rendering template.
 * NOTE(review): $asset is appended to FEATHER_ROOT for the existence check
 * without normalisation. This assumes asset paths come from code or plugins,
 * not from request data; confirm.
 *
 * @param string $type   One of 'js', 'css', 'feed', 'canonical', 'prev', 'next'.
 * @param string $asset  Asset location; for 'js' and 'css' it must be a file under FEATHER_ROOT.
 * @param array  $params Extra parameters overriding the type defaults.
 * @return void
 * @throws \Exception When $type is not supported, or a 'js'/'css' file does not exist.
 */
public function addAsset($type, $asset, $params = array())
{
    $type = (string) $type;

    $knownTypes = array('js', 'css', 'feed', 'canonical', 'prev', 'next');
    if (!in_array($type, $knownTypes, true)) {
        throw new \Exception('Invalid asset type : ' . $type);
    }

    // Scripts and stylesheets are local files and must exist on disk.
    $mustExistOnDisk = in_array($type, array('js', 'css'), true);
    if ($mustExistOnDisk && !is_file($this->app->forum_env['FEATHER_ROOT'] . $asset)) {
        throw new \Exception('The asset file ' . $asset . ' does not exist');
    }

    $merged = array_merge(static::getDefaultParams($type), $params);
    if (isset($merged['title'])) {
        $merged['title'] = Utils::escape($merged['title']);
    }

    $this->assets[$type][] = array(
        'file' => (string) $asset,
        'params' => $merged,
    );
}
?> "><img class="item_img" src="<?php echo Utils::escape($item->getImg_url()); ?> " alt="item"></a> <div class="tags"> <a class="item_button" href="index.php?page=detail&item_id=<?php echo Utils::escape($item->getItem_id()); ?> "><?php echo Utils::escape($item->getItem_name()); ?> </a> <div class="price"> <p class="price"><?php echo '$' . Utils::escape($item->getItem_price()); ?> </p> </div> </div> </div> <?php } ?> <?php } ?>
<form action="#" method="post"> <fieldset> <div class="field"> <label>First name:</label> <input type="text" name="flight_booking[first_name]" value="<?php echo Utils::escape($flightBooking->getFirstName()); ?> "/> <label>Last name:</label> <input type="text" name="flight_booking[last_name]" value="<?php echo Utils::escape($flightBooking->getLastName()); ?> "/> <label>Flight date:</label> <input type="date" name="flight_booking[flight_date]" value="<?php echo Utils::escape($flightBooking->getFlightDate()); ?> "/> </div> <div class="field"> <label>No of passengers:</label> <select name="flight_booking[no_of_passengers]"> <?php for ($i = 1; $i < 6; ++$i) { ?> <option value="<?php echo $i; ?> " <?php if ($i == $flightBooking->getNoOfPassengers()) {
/* define variable */ $list = $page->list; ?> <div class="container"> <div class="row"> <div class="col-md-8 col-md-offset-2"> <h3 class="text-left"> Delete list <b><?php echo Utils::escape($list['name']); ?> </b> ? </h3> <form method="post" action=""> <input type="submit" class="btn btn-t-contrast" value="Yes"> <a href="<?php echo $routes['list_view'] . '?id=' . Utils::escape($list['id']); ?> " class="btn btn-t-plain">Cancel</a> </form> <hr> </div> </div> </div> <?php require 'includes/scripts.php'; ?> </body> </html>
while ($item = $page->items->fetchArray(SQLITE3_ASSOC)) { ?> <li data-id="<?php echo $item['id']; ?> " <?php echo $item['completed'] == 1 ? 'class="completed"' : ''; ?> > <input type="checkbox" <?php echo $item['completed'] == 1 ? 'checked' : ''; ?> > <input type="text" value="<?php echo Utils::escape($item['content']); ?> "> <a href="#">Remove</a> </li> <?php } ?> </ul> </div> </div> </div> <?php require 'includes/scripts.php';
/**
 * Create the exception with a message that is escaped at construction time.
 *
 * Because Utils::escape() is applied here, getMessage() returns the escaped
 * text. Code that escapes it again on output would double-encode it, and log
 * entries built from getMessage() contain the escaped form.
 *
 * @param string $message  Message text; passed through Utils::escape().
 * @param int    $code     Exception code, 400 by default.
 * @param bool   $backlink Stored on $this->backlink after a boolean cast.
 */
public function __construct($message, $code = 400, $backlink = true)
{
    $escapedMessage = Utils::escape($message);
    parent::__construct($escapedMessage, $code);

    $this->backlink = $backlink ? true : false;
}
<div class="field"> <label>id:</label> <input type="text" name="user[id]" value="<?php
    // Record id, passed through Utils::escape() before it is printed into the value attribute.
    // NOTE(review): the id is an editable field, so the submitted value is client-controlled.
    // Presumably the update handler re-checks that the caller may modify that record; verify.
    echo Utils::escape($foundUser->getId()); ?> "/> <label>name:</label> <input type="text" name="user[first_name]" value="<?php
    // First name, passed through Utils::escape() before output.
    echo Utils::escape($foundUser->getFirstName()); ?> "/> <label>Password:</label> <input type="text" name="user[user_password]" value="<?php
    // NOTE(review): the value returned by getUserPassword() is written into a visible text
    // input, so whatever is stored (plaintext or hash; confirm which) ends up in the page
    // source. Update forms normally leave this field empty and change the password only
    // when a new one is submitted.
    echo Utils::escape($foundUser->getUserPassword()); ?> "/> </div> <div class="wrapper"> <input type="submit" name="update" value="UPDATE RECORD" class="submit" /> </div> </fieldset> </form> <?php
// Closes a block that was opened before this excerpt.
} ?>
<?php foreach ($foodOrders as $foodOrder) { ?> <tr> <td><?php echo $foodOrder->getProductName(); ?> </td> <td><?php echo $foodOrder->getFullName(); ?> </td> <!--<td>//php echo $foodOrder->getPhoneNumber(); ?></td>--> <td><?php echo Utils::escape(Utils::formatDateTime($foodOrder->getDate())); ?> </td> <!--<td>//php echo $foodOrder->pickupTime();?></td>>--> <td><a href="index.php?page=order-add-edit&id=<?php echo $foodOrder->getOrderId(); ?> &product_id=<?php echo $foodOrder->getProductId(); ?> ">Change status</a> <a href="index.php?page=change-status&id=<?php echo $foodOrder->getOrderId(); ?> &cmd=<?php echo FoodOrder::VOIDED;
?> </li> <?php } ?> </ul> <?php } ?> <form action="#" method="post"> <fieldset> <div class="field"> <label>First name:</label> <input type="text" name="flight_booking[first_name]" value="<?php echo Utils::escape($flightBooking->getFirstName()); ?> "/> </div> <div class="field"> <label>No of passengers:</label> <select name="flight_booking[no_of_passengers]"> <?php for ($i = 1; $i < 6; ++$i) { ?> <option value="<?php echo $i; ?> " <?php if ($i == $flightBooking->getNoOfPassengers()) {
/**
 * Build the default page variables handed to the templates.
 *
 * Side effect: stores the 'quickjump' cache entry when it is missing and the
 * forum config file exists.
 *
 * The board title is passed through Utils::escape() here. Templates that
 * escape 'title' again would double-encode it.
 *
 * @return array Page defaults; 'has_reports', 'exec_info' and 'queries_info'
 *               are only present when their conditions hold.
 */
protected function getDefaultPageInfo()
{
    $app = $this->app;

    // While the forum is being installed there is no config file yet, so skip cache priming.
    $quickjumpMissing = !$app->cache->isCached('quickjump');
    if ($quickjumpMissing && is_file($app->forum_env['FORUM_CONFIG_FILE'])) {
        $app->cache->store('quickjump', \FeatherBB\Model\Cache::get_quickjump());
    }

    $boardTitle = Utils::escape($app->forum_settings['o_board_title']);
    $quickjump = $app->cache->retrieve('quickjump');

    $data = array(
        'title' => $boardTitle,
        'page_number' => null,
        'active_page' => 'index',
        'focus_element' => null,
        'is_indexed' => true,
        'admin_console' => false,
        'page_head' => null,
        'paging_links' => null,
        'required_fields' => null,
        'footer_style' => null,
        'quickjump' => $quickjump,
        'fid' => null,
        'pid' => null,
        'tid' => null,
    );

    // The report indicator is only computed for admins and moderators.
    $isStaff = is_object($app->user) && $app->user->is_admmod;
    if ($isStaff) {
        $data['has_reports'] = \FeatherBB\Model\Header::get_reports();
    }

    // Debug details are added only when the environment asks for them.
    if (!$app->forum_env['FEATHER_SHOW_INFO']) {
        return $data;
    }

    $data['exec_info'] = \FeatherBB\Model\Debug::get_info();
    if ($app->forum_env['FEATHER_SHOW_QUERIES']) {
        $data['queries_info'] = \FeatherBB\Model\Debug::get_queries();
    }

    return $data;
}
?> <tr> <td> <?php echo $flightBooking->getFirstName(); ?> </td> <td> <?php echo $flightBooking->getNoOfPassengers(); ?> </td> <td> <?php echo $flightBooking->getLastName(); ?> </td> <td> <?php echo Utils::escape(Utils::formatDateTime($flightBooking->getDate())); ?> </td> <td> <a href="index.php?page=add-edit&id=<?php echo $flightBooking->getId(); ?> ">Edit</a> | <a href="index.php?page=change-status&id=<?php echo $flightBooking->getId(); ?> &cmd=<?php echo $flightBooking::VOIDED; ?> &status=<?php echo $flightBooking->getStatus(); ?>
* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA **/ define('__ARMORY__', true); define('load_characters_class', true); define('load_achievements_class', true); define('load_mangos_class', true); if (!@(include 'includes/armory_loader.php')) { die('<b>Fatal error:</b> can not load main system files!'); } $characters->name = Utils::escape($_GET['cn']); $achievementsCategory = (int) $_GET['c']; $characters->_structCharacter(); $faction = $characters->faction == 1 ? 0 : 1; if (empty($characters->name) || empty($achievementsCategory)) { die('{"js":{"achievements":"' . $armory->tpl->get_config_vars('armory_character_achievements_unable_to_load') . '"},"text":""}'); } $query = $armory->aDB->select("\n SELECT `id`, `parentAchievement`, `name_" . $_locale . "`, `description_" . $_locale . "`, `points`, `iconname`, `titleReward_" . $_locale . "`\n FROM `armory_achievement`\n WHERE `categoryId`=? AND `factionFlag` IN (?, '-1')", $achievementsCategory, $faction); $cc = $armory->aDB->selectPage($totalCount, "SELECT `id`\n FROM `armory_achievement`\n WHERE `categoryId`=? AND `factionFlag` IN (?, '-1')", $achievementsCategory, $faction); $total = 0; $string = ''; $uncompleted = ''; $prestring = ''; $achievements->guid = $characters->guid; foreach ($query as $ach) { $achievements->achId = $ach['id'];
<?php } ?> ><?php echo $i; ?> </option> <?php } ?> </select> </div> <div class="field"> <label>Content:</label> <textarea cols="50" rows="4" type="text" name="content" value="<?php echo Utils::escape($blogPost->getContent()); ?> "></textarea> </div> <script src="//tinymce.cachefly.net/4.0/tinymce.min.js"></script> <script> tinymce.init({ selector: "textarea", plugins: [ "advlist autolink lists link image charmap print preview anchor", "searchreplace visualblocks code fullscreen", "insertdatetime media table contextmenu paste" ], toolbar: "insertfile undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image" }); </script>
<select name = "food_order[status]"> <option value = "PENDING">Pending</option> <option value= "COOKING">Cooking</option> <option value= "READY">Ready</option> </select> <?php } ?> <!--<div class="field"> <label>Date:</label> <input type="date" name="food_order[date]" value="<?php echo Utils::escape($foodOrder->getDate()->format('Y-m-d')); ?> "/> </div> --> <!--<select name = "food_order[pickup_time]">--> <!--<option value=""disabled selected>Pick up time --> <!--<option value="a">17:00</option>--> <!--<option value="b">17:15</option>--> <!--<option value="c">17:30</option>--> <!--<option value="d">17:45</option>--> <!--<option value="e">18:00</option>--> <!--<option value="f">18:15</option>--> <!--<option value="g">18:30</option>--> <!--<option value="h">18:45</option>-->
**/ define('__ARMORY__', true); define('load_characters_class', true); define('load_guilds_class', true); define('load_achievements_class', true); if (!@(include 'includes/armory_loader.php')) { die('<b>Fatal error:</b> can not load main system files!'); } // Additional CSS $armory->tpl->assign('addCssSheet', '@import "_css/int.css";'); if (isset($_GET['n'])) { $charname = $_GET['n']; } elseif (isset($_GET['cn'])) { $charname = $_GET['cn']; } $characters->name = Utils::escape($charname); // Check if (!$characters->IsCharacter()) { $armory->ArmoryError($armory->tpl->get_config_vars('armory_error_profile_unavailable_title'), $armory->tpl->get_config_vars('armory_error_profile_unavailable_text')); } // All ok, generate basic character info $characters->_structCharacter(); $achievements->guid = $characters->guid; $guilds->guid = $characters->guid; // Send data to Smarty $armory->tpl->assign('class', $characters->class); $armory->tpl->assign('race', $characters->race); $armory->tpl->assign('name', $characters->name); $armory->tpl->assign('level', $characters->level); $armory->tpl->assign('realm', $armory->armoryconfig['defaultRealmName']); $armory->tpl->assign('portrait_path', $characters->characterAvatar());
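<?php foreach ($comment_list as $cmt) { ?>
    <?php
    // Show only the comments that belong to the current item. The comparison
    // result is the condition itself. The original wrapped the boolean in
    // Utils::escape() and used a while/break pair as an if. Escaping belongs
    // on the values printed below, not on the comparison.
    if ($cmt->getItem_id() == $item_id) { ?>
        <div class="single_comment">
            <h1> <?php echo Utils::escape($cmt->getUsername()); ?> </h1>
            <p> <?php echo Utils::escape($cmt->getComment()); ?> </p>
        </div>
    <?php } ?>
<?php } ?>
<?php
// Closes a block that was opened before this excerpt.
}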
/**
 * Build the default page variables handed to the templates.
 *
 * Side effect: stores the 'quickjump' cache entry when it is missing and the
 * forum config file exists.
 *
 * The title falls back to 'FeatherBB' when no forum settings are registered
 * in the container. It is passed through Utils::escape() here, so templates
 * that escape 'title' again would double-encode it.
 *
 * @return array Page defaults; 'has_reports', 'exec_info' and 'queries_info'
 *               are only present when their conditions hold.
 */
protected function getDefaultPageInfo()
{
    // While the forum is being installed there is no config file yet, so skip cache priming.
    $quickjumpMissing = !Container::get('cache')->isCached('quickjump');
    if ($quickjumpMissing && is_file(ForumEnv::get('FORUM_CONFIG_FILE'))) {
        Container::get('cache')->store('quickjump', \FeatherBB\Model\Cache::get_quickjump());
    }

    if (Container::get('forum_settings')) {
        $title = ForumSettings::get('o_board_title');
    } else {
        $title = 'FeatherBB';
    }

    $escapedTitle = Utils::escape($title);
    $quickjump = Container::get('cache')->retrieve('quickjump');

    $data = array(
        'title' => $escapedTitle,
        'page_number' => null,
        'active_page' => 'index',
        'focus_element' => null,
        'is_indexed' => true,
        'admin_console' => false,
        'page_head' => null,
        'paging_links' => null,
        'required_fields' => null,
        'footer_style' => null,
        'quickjump' => $quickjump,
        'fid' => null,
        'pid' => null,
        'tid' => null,
    );

    // The report indicator is only computed for admins and moderators.
    $isStaff = is_object(User::get()) && User::get()->is_admmod;
    if ($isStaff) {
        $data['has_reports'] = \FeatherBB\Model\Admin\Reports::has_reports();
    }

    // Debug details are added only when the environment asks for them.
    if (!ForumEnv::get('FEATHER_SHOW_INFO')) {
        return $data;
    }

    $data['exec_info'] = \FeatherBB\Model\Debug::get_info();
    if (ForumEnv::get('FEATHER_SHOW_QUERIES')) {
        $data['queries_info'] = \FeatherBB\Model\Debug::get_queries();
    }

    return $data;
}
<input type="email" name="email" value="<?php
    // Stored e-mail address, passed through Utils::escape() before output.
    echo Utils::escape($blogMember->getEmail()); ?> "/> </div> <div class="field"> <label>Password:</label> <input type="password" name="password" value="<?php
    // NOTE(review): the value returned by getPassword() is pre-filled into the form.
    // type="password" only masks it on screen; it is still present in the page source,
    // so whatever is stored (plaintext or hash; confirm which) is sent to the browser.
    echo Utils::escape($blogMember->getPassword()); ?> "/> </div> <div class="field"> <label>Confirm Password:</label> <input type="password" name="password" value="<?php
    // NOTE(review): this confirmation field posts under the same name ("password") as the
    // field above, so the server cannot compare two separate values. Presumably unintended; verify.
    echo Utils::escape($blogMember->getPassword()); ?> "/> </div> </fieldset> <div class="wrapper"> <!-- <input type="submit" name="cancel" value="CANCEL" class="submit" />--> <input type="submit" name="save" value="<?php
    // Button caption depends on whether an existing member is being edited.
    echo $edit ? 'EDIT' : 'ADD'; ?> " class="submit" /> </div> </fieldset> </form>
echo Utils::escape($eachOrder->getStatus()); ?> ">PAID</a> </td> <td><button class="all-orders-table-button"> <a class="all-orders-table-button-a-tag" href="index.php?page=changestatus&id=<?php echo Utils::escape($eachOrder->getId()); ?> &user_id=<?php echo Utils::escape($eachOrder->getUserId()); ?> &cmd=<?php echo $eachOrder::DELIVERED; ?> &status=<?php echo Utils::escape($eachOrder->getStatus()); ?> ">DELIVERED</a> </td> </tr> <?php } ?> </tbody> </table> <?php } ?> </div> </div> </div>
<button><a href="index.php?page=dashboard&order=1"> make order </a></button> <?php if (!isset($_GET['order'])) { $_GET['order'] = null; } if ($_GET['order'] == 1) { ?> <form action="#" method="post"> <fieldset> <div class="field"> <label>order details:</label> <textarea name="orders[order_details]" value=""></textarea></br> <label>order date:</label> <input type="date" name="orders[order_date]" value="<?php echo Utils::escape($orderObj->getDate()->format('Y-m-d')); ?> "/></br> <label>Business:</label> <select name="business[id]"> <?php foreach ($businesses as $business_id => $business) { ?> <option value="<?php echo $business['id']; ?> "> <?php echo $business['business_name']; ?> </option>
* GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA **/ define('__ARMORY__', true); define('load_characters_class', true); define('load_guilds_class', true); define('load_items_class', true); if (!@(include 'includes/armory_loader.php')) { die('<b>Fatal error:</b> unable to load system files.'); } header('Content-type: text/xml'); if (isset($_GET['gn'])) { $guilds->guildName = Utils::escape($_GET['gn']); } else { $guilds->guildName = false; } $isGuild = $guilds->initGuild(); if (!$isGuild) { // Load XSLT template $xml->LoadXSLT('error/error.xsl'); $xml->XMLWriter()->startElement('page'); $xml->XMLWriter()->writeAttribute('globalSearch', 1); $xml->XMLWriter()->writeAttribute('lang', $armory->_locale); $xml->XMLWriter()->startElement('errorhtml'); $xml->XMLWriter()->endElement(); //errorhtml $xml->XMLWriter()->endElement(); //page
/**
 * Look up the `entry` of the item whose `name` equals the given name.
 *
 * The name is URL-decoded, passed through Utils::escape(), and handed to
 * selectCell() as the argument for the '%s' placeholder.
 *
 * NOTE(review): Utils::escape() is the only transformation applied before the
 * value reaches the query. Whether the lookup is safe against SQL injection
 * depends on how selectCell() substitutes '%s', which is not visible here.
 * Confirm that the DB layer binds or SQL-escapes the argument; HTML escaping
 * is not a substitute for that.
 * NOTE(review): if $name already comes from a decoded request parameter, the
 * urldecode() call decodes it a second time; verify against the callers.
 *
 * @param string $name Item name, possibly URL-encoded.
 * @return mixed Whatever selectCell() returns for the first matching row.
 */
public function GetItemIdByName($name)
{
    $decodedName = urldecode($name);
    $needle = Utils::escape($decodedName);

    $sql = "SELECT `entry` FROM `item_template` WHERE `name` = '%s' LIMIT 1";

    return $this->armory->wDB->selectCell($sql, $needle);
}