Ejemplos de sanitizer::getWebData en PHP

Ejemplo n.º 1

Archivo: server.php Proyecto: hostellerie/nexpro

         $data['fid'] = $_CLEAN['fid'];
         $data['displayhtml'] = nexdocsrv_filedetails($_CLEAN['fid']);
     } else {
         $data['retcode'] = 400;
     }
     $retval = json_encode($data);
     break;
 case 'updatefile':
     $textvars = array('filetitle' => $_POST['filetitle'], 'description' => $_POST['description'], 'tags' => $_POST['tags'], 'approved' => $_POST['approved'], 'vernote' => $_POST['version_note']);
     $intvars = array('folder' => $_POST['folder'], 'fid' => $_POST['id'], 'version' => $_POST['version']);
     $filter->setCheckhtml(false);
     // Need to disable HTML filter or even new lines are removed
     $filter->cleanData('int', $intvars);
     $filter->cleanData('text', $textvars);
     $_CLEAN = $filter->normalize($filter->getDbData('', '', false));
     $_WEB = $filter->normalize($filter->getWebData());
     $data['tagerror'] = '';
     $query = DB_query("SELECT fname,cid,version FROM {$_TABLES['nxfile_files']} WHERE fid={$_CLEAN['fid']}");
     list($fname, $cid, $curVersion) = DB_fetchArray($query);
     $tagcloud = new nexfileTagCloud();
     if (fm_getPermission($cid, 'view', 0, false) and !$tagcloud->update_tags($_CLEAN['fid'], $_POST['tags'])) {
         $data['tagerror'] = 'Tags not added - Group view perms requried';
     }
     $date = time();
     $filemoved = false;
     if ($_CLEAN['approved'] == 'false') {
         $sql = "UPDATE {$_TABLES['nxfile_filesubmissions']} SET title='{$_CLEAN['filetitle']}', description='{$_CLEAN['description']}', ";
         $sql .= "version_note='{$_CLEAN['vernote']}', cid={$_CLEAN['folder']}, tags='{$_CLEAN['tags']}' WHERE id={$_CLEAN['fid']} ";
         DB_query($sql);
         fm_updateAuditLog("Updated File Submission ID: {$_CLEAN['fid']}");
         $data['cid'] = $_CLEAN['folder'];