/**
 * Wrapper around the global clean_str() helper.
 *
 * When the library runs in strict-types mode (STRICT_TYPES is defined and
 * CAMEL_CASE == '1') the call is routed through the self::parameters()
 * contract machinery, which checks the argument and the return value as
 * DT::TEXT; otherwise the global clean_str() is called directly. Either way
 * the result is cast to string.
 *
 * NOTE(review): what clean_str() actually strips or escapes is not visible
 * here — do not rely on it as an SQL or HTML escaper without checking its
 * definition.
 *
 * @param mixed $string  value to clean
 * @return string
 */
protected function clean_str($string)
{
    $useTypedContract = defined('STRICT_TYPES') && CAMEL_CASE == '1';
    if (!$useTypedContract) {
        return (string) clean_str($string);
    }

    $contract = self::parameters(['string' => DT::TEXT]);

    return (string) $contract->call(__FUNCTION__)->with($string)->returning(DT::TEXT);
}
<?php // Copyright (C) 2012 Mark Vejvoda, Titus Tscharntke and Tom Reynolds // The MegaGlest Team, under GNU GPL v3.0 // ============================================================== define('INCLUSION_PERMITTED', true); require_once 'config.php'; require_once 'functions.php'; define('DB_LINK', db_connect()); if (isset($_GET['glestVersion'])) { $glestVersion = (string) clean_str($_GET['glestVersion']); } else { $glestVersion = ""; } $maps_in_db = mysql_db_query(MYSQL_DATABASE, 'SELECT * FROM glestmaps WHERE disabled=0 ORDER BY mapname;'); $all_maps = array(); while ($map = mysql_fetch_array($maps_in_db)) { array_push($all_maps, $map); } unset($maps_in_db); unset($map); db_disconnect(DB_LINK); // Representation starts here header('Content-Type: text/plain; charset=utf-8'); foreach ($all_maps as &$map) { $itemVersion = 'v' . "{$map['glestversion']}"; $addItem = false; if ($glestVersion == '') { if (version_compare("v3.6.0.3", $itemVersion, ">=")) { $addItem = true; }
} $quitBeforeGameEnd = 0; if (isset($_GET['quitBeforeGameEnd_' . $factionNumber])) { $quitBeforeGameEnd = clean_str($_GET['quitBeforeGameEnd_' . $factionNumber]); } $quitTime = 0; if (isset($_GET['quitTime_' . $factionNumber])) { $quitTime = clean_str($_GET['quitTime_' . $factionNumber]); } $playerUUID = ""; if (isset($_GET['playerUUID_' . $factionNumber])) { $playerUUID = (string) clean_str($_GET['playerUUID_' . $factionNumber]); } $playerPlatform = ""; if (isset($_GET['platform_' . $factionNumber])) { $playerPlatform = (string) clean_str($_GET['platform_' . $factionNumber]); } if ($player_statsCount[0] > 0) { $result = mysql_query('UPDATE glestgameplayerstats SET ' . 'gameUUID=\'' . mysql_real_escape_string($gameUUID) . '\', ' . 'factionIndex=' . $factionIndex . ', ' . 'controlType=' . $controlType . ', ' . 'resourceMultiplier=' . $resourceMultiplier . ', ' . 'factionTypeName=\'' . mysql_real_escape_string($factionTypeName) . '\', ' . 'personalityType=' . $personalityType . ', ' . 'teamIndex=' . $teamIndex . ', ' . 'wonGame=' . $wonGame . ', ' . 'killCount=' . $killCount . ', ' . 'enemyKillCount=' . $enemyKillCount . ', ' . 'deathCount=' . $deathCount . ', ' . 'unitsProducedCount=' . $unitsProducedCount . ', ' . 'resourceHarvestedCount=' . $resourceHarvestedCount . ', ' . 'playerName=\'' . mysql_real_escape_string($playerName) . '\', ' . 'quitBeforeGameEnd=' . $quitBeforeGameEnd . ', ' . 'quitTime=' . $quitTime . ', ' . 'playerUUID=\'' . mysql_real_escape_string($playerUUID) . '\', ' . 'platform=\'' . mysql_real_escape_string($playerPlatform) . '\', ' . 'lasttime=' . 'now()' . ' ' . 'WHERE ' . $whereClause . ' AND factionIndex = ' . $factionIndex . ';'); if (!$result) { die('part 1b: Invalid query: ' . mysql_error()); } //echo 'OK1 $factionNumber = ' . $factionNumber; echo 'OK1b' . $factionNumber; } else { $result = mysql_query('INSERT INTO glestgameplayerstats SET ' . 'gameUUID=\'' . mysql_real_escape_string($gameUUID) . '\', ' . 'factionIndex=' . 
$factionIndex . ', ' . 'controlType=' . $controlType . ', ' . 'resourceMultiplier=' . $resourceMultiplier . ', ' . 'factionTypeName=\'' . mysql_real_escape_string($factionTypeName) . '\', ' . 'personalityType=' . $personalityType . ', ' . 'teamIndex=' . $teamIndex . ', ' . 'wonGame=' . $wonGame . ', ' . 'killCount=' . $killCount . ', ' . 'enemyKillCount=' . $enemyKillCount . ', ' . 'deathCount=' . $deathCount . ', ' . 'unitsProducedCount=' . $unitsProducedCount . ', ' . 'resourceHarvestedCount=' . $resourceHarvestedCount . ', ' . 'playerName=\'' . mysql_real_escape_string($playerName) . '\', ' . 'quitBeforeGameEnd=' . $quitBeforeGameEnd . ', ' . 'quitTime=' . $quitTime . ', ' . 'platform=\'' . mysql_real_escape_string($playerPlatform) . '\', ' . 'playerUUID=\'' . mysql_real_escape_string($playerUUID) . '\';'); if (!$result) { die('part 2b: Invalid query: ' . mysql_error()); } //echo 'OK2 $factionNumber = ' . $factionNumber; echo 'OK2b' . $factionNumber;
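/**
 * Run clean_str() over every scalar value of an array, recursing into nested
 * arrays (e.g. `name="group[]"` form fields).
 *
 * Bug fix: the original took the array BY VALUE and returned nothing, so the
 * cleaned copy was discarded and a call such as `clean_ar($_POST);` was a
 * silent no-op — the caller went on using the raw, uncleaned input. The
 * parameter is now taken by reference so in-place callers work, and the
 * cleaned array is also returned for callers that prefer the functional form.
 * Existing call sites that pass a variable are unaffected.
 *
 * @param array $array  array to clean; modified in place
 * @return array        the same array with every scalar value passed through clean_str()
 */
function clean_ar(array &$array)
{
    foreach ($array as $key => $value) {
        if (is_array($value)) {
            // Nested input (PHP builds these from `field[]` names): clean the
            // leaves rather than handing an array to clean_str().
            clean_ar($array[$key]);
            continue;
        }
        $array[$key] = clean_str($value);
    }

    return $array;
}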
$sql = "SELECT username FROM brandon.2601166_entity_users WHERE username = '******'uname']}'"; $response = $connect->query($sql); if ($response === null) { //Do nothing } else { if ($response->num_rows != 0) { $error['extras'] .= "<br />Username already in use!"; $_POST['uname'] = ""; } } } if (!empty($_POST['fname'])) { clean_str($_POST['fname']); } if (!empty($_POST['lname'])) { clean_str($_POST['lname']); } if (!empty($_POST['pass']) && !empty($_POST['cpass'])) { if ($_POST['pass'] != $_POST['cpass']) { $_POST['cpass'] = ""; $error['extras'] .= "<br />Passwords don't match!"; } } $error['display'] = "table-header-group"; foreach ($_POST as $key => $value) { if (empty($value)) { $error[$key] = "*"; $content[$key] = ""; } else { $error[$key] = ""; $content[$key] = trim($value);
} $html .= '</ul></div>'; echo $html; } date_default_timezone_set('GMT'); $data_file = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'data.dat'; $timezone = 'Asia/Kuala_Lumpur'; $per_page = 25; $sys_msg = ''; $status = array(0 => 'Not started', 1 => 'In progress', 2 => 'Done', 3 => 'Archived'); $priority = array(1 => 'Low', 2 => 'Normal', 3 => 'High'); $input = array_map('urldecode', $_GET) + $_POST; $checklist = ds_get(); $input['do'] = @clean_str($input['do']); $input['task'] = @clean_str($input['task']); $input['remark'] = @clean_str($input['remark']); $input['status'] = @(int) $input['status']; $input['priority'] = @(int) $input['priority']; $input['id'] = @(int) $input['id']; $input['pg'] = @(int) $input['pg']; if ($input['pg'] == 0) { $input['pg'] = 1; } if (in_array($input['do'], array('save', 'update'))) { if (strlen($input['task']) < 5) { $sys_msg = 'Min. length for new task is 5 characters.'; } if (strlen($input['task']) > 500) { $sys_msg = 'Max. length for new task is 500 characters.'; } }
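<?php
// Registration handler followed by the registration form.
//
// SECURITY NOTE(review): no CSRF token is visible on this form, and the POST
// is processed for any origin that can make the user's browser submit it.
// If Auth::Register() has side effects (it appears to create the profile),
// add a per-session token to the form and check it here.
if (isset($_POST['register'])) {
    // clean_ar() is expected to sanitise $_POST in place; that only works if
    // it takes its argument by reference — confirm against its definition
    // before relying on the values below being cleaned.
    clean_ar($_POST);

    $gender = null;
    if (isset($_POST['gender'])) {
        $gender = clean_str($_POST['gender']);
    }
    $_POST['city'] = strtolower($_POST['city']);

    Auth::Register(
        $user,
        $gender,
        $_POST['birthday'],
        $_POST['state'],
        $_POST['city'],
        $_POST['like_sex'],
        (int) $_POST['height'],
        (double) $_POST['weight'],
        sqlc_bool(isset($_POST['search_chat'])),
        sqlc_bool(isset($_POST['search_friend'])),
        sqlc_bool(isset($_POST['search_relation'])),
        sqlc_bool(isset($_POST['search_sex']))
    );

    // Fix: the redirect used to fall through into the form rendering below,
    // so the rest of this page (and anything after it) kept executing after
    // the Location header had been sent. Stop here.
    header("Location: main.php");
    exit;
}

// Render the form. The $user getters are interpolated straight into HTML;
// whether their values are already escaped is not visible here — TODO confirm,
// otherwise wrap them in htmlspecialchars().
// NOTE(review): the radio values are 'm'/'f'/'na' while getGender() is compared
// against 'male'/'female'; confirm the mapping performed by Auth::Register().
$body .= "\n<article class='fm-post fm-article'>\n <h2 class='fm-postheader'><a href='Blog Posts/new-post-2.html'>Registrazione</a>\n </h2>\n <div class='fm-postcontent fm-postcontent-2 clearfix'>\n <div class='fm-content-layout'>\n <div class='fm-content-layout-row'>\n <div class='fm-layout-cell layout-item-0' style='width: 100%'>\n <p>\n <form method='post' action='?pg=register'>\n <table border='1'>\n <tr><td>Nome:</td><td>"
    . $user->getFirstName()
    . "</td></tr>\n<tr><td>Cognome:</td><td>"
    . $user->getLastName()
    . "</td></tr>\n<tr><td>Sesso:</td>\n <td><input type='radio' name='gender' value='m' ";
if ($user->getGender() == 'male') {
    $body .= 'checked';
}
$body .= "> M\n <input type='radio' name='gender' value='f' ";
if ($user->getGender() == 'female') {
    $body .= 'checked';
}
$body .= "> F\n <input type='radio' name='gender' value='na' ";
if ($user->getGender() == null) {
    $body .= 'checked';
}
$body .= "> N/A\n </td>\n</tr>\n<tr><td>Compleanno:</td><td><input type='date' name='birthday' required></td></tr>\n<tr><td>Stato:</td><td><input type='text' name='state' required></td></tr>\n<tr><td>Città:</td><td><input type='text' name='city' required></td></tr>\n<tr><td>Mi piacciono:</td><td>\n <input type='radio' name='like_sex' value='m'> Uomini\n <input type='radio' name='like_sex' value='f'> Donne\n <input type='radio' name='like_sex' value='mf' checked> Uomini e Donne\n </td></tr>\n<tr><td>Cerco:</td><td> <input type='checkbox' name='search_chat'> Chat\n <input type='checkbox' name='search_friend'> Amicizia\n <input type='checkbox' name='search_relation'> Relazione\n <input type='checkbox' name='search_sex'> Sesso\n</td></tr>\n<tr><td>Peso:</td><td><input type='text' name='weight' required></td></tr>\n<tr><td>Altezza:</td><td><input type='text' name='height' required></td></tr>\n<tr><td colspan='2'><input type='submit' name='register' value=' Registrami! '></td> </tr>\n</table>\n</form>\n</p>\n</div>\n</div>\n</div>\n</div>\n\n</article>";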
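/**
 * Build and run one INSERT row or one UPDATE statement from a single line of
 * imported text.
 *
 * The line is split on $imp['sepC'] into at most $numCM cells, every cell is
 * passed through clean_str(), and the first $numC cells are rendered as SQL
 * literals: the word NULL (any case) becomes a bare NULL, numeric strings are
 * left bare, everything else is quoted.
 *
 *  - $imp['pk'] falsy: the row is appended to the multi-row INSERT buffer $SQL
 *    (seeded from $sql) and the buffer is flushed through save_data_sql_run()
 *    once $numL rows have been collected.
 *  - $imp['pk'] truthy: cells whose index is listed in $arrPK form the WHERE
 *    clause (`col=v`, or `col IS NULL`), the remaining cells form the SET
 *    list, and the UPDATE is run immediately.
 *
 * Fixes: $arrD / $arrWhere are now initialised, so a line with no SET or no
 * key cells no longer relies on implode() of an undefined variable, a short
 * line (fewer cells than $numC) reads the missing cell as '' instead of an
 * undefined offset, and a failed explode() is treated as an empty line.
 *
 * SECURITY NOTE(review): values are escaped with addslashes(), which is not a
 * database-aware escaper (multi-byte charsets, NO_BACKSLASH_ESCAPES), and the
 * column names in $cols are interpolated unescaped. If the imported file is
 * not fully trusted, prefer prepared statements or the driver's own quoting
 * inside save_data_sql_run().
 *
 * @param int    $i       import slot / table index, passed through to save_data_sql_run()
 * @param string &$SQL    pending multi-row INSERT buffer (in/out)
 * @param array  $imp     import options: 'sepC' cell separator, 'pk' update-mode flag
 * @param string $txt     one line of import data
 * @param int    $numCM   maximum number of cells to split into
 * @param int    $numC    number of cells mapped to columns
 * @param array  $arrPK   indices (into $cols) of the key columns; update mode only
 * @param array  $cols    column names, by cell index
 * @param int    &$numIns rows currently buffered in $SQL (in/out)
 * @param int    $numL    flush the INSERT buffer after this many rows
 * @param string $sql     statement prefix ("INSERT INTO t (...) VALUES " or "UPDATE t SET ")
 * @return void
 */
function save_data_sql($i, &$SQL, $imp, $txt, $numCM, $numC, $arrPK, $cols, &$numIns, $numL, $sql)
{
    $cells = @explode($imp['sepC'], $txt, $numCM);
    if (!is_array($cells)) {
        $cells = array(); // explode() failed (e.g. empty separator): treat as an empty line
    }
    foreach ($cells as $j => $v) {
        $cells[$j] = @clean_str($v);
    }

    $arrD = array();     // INSERT values, or UPDATE "col=value" pairs
    $arrWhere = array(); // UPDATE key conditions
    for ($k = 0; $k < $numC; $k++) {
        $v = isset($cells[$k]) ? $cells[$k] : '';
        if (strtoupper($v) == 'NULL') {
            $v = 'NULL';
        } elseif (!is_numeric($v)) {
            // addslashes() is not a DB-aware escaper — see the note above.
            $v = "'" . addslashes($v) . "'";
        }

        if (!$imp['pk']) {
            $arrD[] = $v;
        } elseif (@in_array($k, $arrPK)) {
            $arrWhere[] = $cols[$k] . ($v == 'NULL' ? ' IS ' : '=') . $v;
        } else {
            $arrD[] = $cols[$k] . "={$v}";
        }
    }

    if ($imp['pk']) {
        // Update mode: one statement per line, run straight away.
        @save_data_sql_run($i, $sql . @implode(",", $arrD) . " WHERE " . @implode(" AND ", $arrWhere), $imp);
        return;
    }

    // Insert mode: buffer rows and flush every $numL rows.
    $numIns++;
    if (!$SQL) {
        $SQL = $sql;
    }
    $SQL .= "(" . @implode(",", $arrD) . ")";
    if ($numIns == $numL) {
        @save_data_sql_run($i, $SQL, $imp);
        $SQL = "";
        $numIns = 0;
    } else {
        $SQL .= ",\n";
    }
}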
?> <?php foreach ($groups as $group) { ?> <label class="checkbox"<?php if (!empty($group->group_description)) { echo ' title="' . clean_str($group->group_description) . '"'; } ?> > <input type="checkbox" name="group[]" value="<?php echo $group->id; ?> " /> <strong><?php echo clean_str($group->group_name); ?> </strong> - (<em><?php echo $this->newsletters->count_users($group->id); ?> Users</em>) </label><br /> <?php } ?> </fieldset> </td> <td> <h4>You may add as many additional recipients as you like. Please provide a comma or line separated list of email addresses to send this mail to. Each user will be emailed separately.</h4> <textarea name="additional_recipients"></textarea>
echo "ERROR fb_album is not a number! ({$fb_album_id})"; exit; } $photos = $fb->get("/{$fb_album_id}/photos?fields=picture", $token)->getGraphEdge()->asArray(); foreach ($photos as $photo) { echo "<a href='?pg=album&show_album={$album_id}&fb_upload={$photo['id']}'> <img src='{$photo['picture']}'> </a>"; } break; default: echo "ERROR!"; } exit; } //delete image if (isset($_GET['delete_photo'])) { $photo_id = clean_str($_GET['delete_photo']); if (is_numeric($photo_id)) { $DB->query("delete from photo where id= {$photo_id}"); } } //facebook upload image if (isset($_GET['fb_upload'])) { $fb_photo_id = $_GET['fb_upload']; $fb_photo = $fb->get("/{$fb_photo_id}?fields=picture", $token)->getGraphNode()->asArray(); $DB->query("insert into photo values ( null, {$album_id}, '{$fb_photo['picture']}', 'facebook' )"); if ($DB->error != null) { echo "DB error: {$DB->error} ({$DB->errno})"; } } //upload image if (isset($_GET['uploaded'])) {
/**
 * Remove every HTML element whose opening tag contains $needle, together with
 * everything up to and including its matching closing tag, then return the
 * cleaned remainder.
 *
 * How it works, per occurrence:
 *  1. stripos() finds $needle (e.g. an attribute name or value).
 *  2. Walk backwards from there one character at a time until a '<' is
 *     reached. Characters are recorded only once the first space has been
 *     seen (the space itself included), so what is captured — in reverse —
 *     is the tag name plus that space and the '<'. The '<' is dropped with
 *     substr() and reverse_str() restores reading order.
 *  3. Walk forwards from the start tag until "</name>" is found and hand both
 *     positions to remove_substr_from_this_position().
 *  4. If the needle still occurs, recurse on the shortened string.
 *
 * Known hazards (left unchanged, documented for the caller):
 *  - `$pos != ""` is a loose comparison: on PHP < 8 a needle at offset 0
 *    compares equal to "" and is treated as "not found"; on PHP 8 the same
 *    input is processed. stripos()'s false (not found) behaves as intended on
 *    both.
 *  - Neither scanning loop is bounded: if no '<' precedes the needle, or the
 *    closing tag never appears (including if reverse_str() does not also drop
 *    the captured space — TODO confirm its behaviour), the loop does not
 *    terminate.
 *  - Nested elements with the same tag name are not handled; the first
 *    closing tag wins.
 *  - The needle is matched case-insensitively anywhere in the text, not only
 *    inside tags.
 *
 * @param string $str     HTML/text to clean
 * @param string $needle  substring identifying the elements to remove
 * @return string  trim(clean_str(...)) of whatever remains
 */
function remove_tag_with_this_needle($str, $needle)
{
    $pos = stripos($str, $needle); // offset of the needle, or false
    if ($pos != "") {
        // Step 2: scan backwards to the '<' of the enclosing start tag.
        $char = "";
        $accumulate = "";
        $start_get = false;
        while ($char != "<") {
            $pos--;
            $char = substr($str, $pos, 1);
            if ($char == " ") {
                $start_get = true; // start recording once past the attributes
            }
            if ($start_get) {
                $accumulate .= $char;
            }
        }
        $pos_of_start_tag = $pos;

        // Recover the tag name: drop the trailing '<' and un-reverse.
        $accumulate = substr($accumulate, 0, strlen($accumulate) - 1);
        $accumulate = reverse_str($accumulate);

        // Step 3: scan forwards for the matching closing tag, e.g. "</div>".
        $char = "";
        $pos = $pos_of_start_tag;
        $end_tag = "</" . $accumulate . ">";
        while ($char != $end_tag) {
            $pos++;
            $char = substr($str, $pos, strlen($end_tag));
        }
        $pos_of_end_tag = $pos;

        $str = remove_substr_from_this_position($str, $pos_of_start_tag, $pos_of_end_tag, strlen($end_tag));

        // Step 4: repeat while the needle is still present.
        if (stripos($str, $needle) != "") {
            $str = remove_tag_with_this_needle($str, $needle);
        }
    }
    return trim(clean_str($str));
}
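/**
 * Look up an organisation id by its secondary search name.
 *
 * Changes:
 *  - SECURITY: the value was interpolated into the query relying on
 *    clean_str() alone, whose escaping rules are not visible here. It is now
 *    escaped explicitly for the SQL context with mysql_real_escape_string(),
 *    the same pattern the other mysql_* callers in this codebase use. If
 *    clean_str() turns out to already escape for MySQL, drop one of the two
 *    to avoid double escaping.
 *  - The debug `echo $sekondname;` reflected caller input straight into the
 *    response body (an XSS vector if clean_str() does not HTML-escape); it
 *    has been removed.
 *  - A failed query is no longer passed to mysql_fetch_array(); it is
 *    reported through the existing "not found" path.
 *
 * @param string $sekondname  value matched against `findnamesecond`
 * @return int|string  the organisation id on a hit; 0 when nothing matched or
 *                     the query failed (the original sentinel)
 */
public function GetIDOrganization($sekondname)
{
    include_once 'db.php';

    $sekondname = clean_str($sekondname);
    $escaped = mysql_real_escape_string($sekondname);

    $resull_org = mysql_query("SELECT * FROM `site_base.organization` WHERE `findnamesecond`='{$escaped}'");

    if ($resull_org !== false && ($myorg = mysql_fetch_array($resull_org))) {
        return $myorg['id'];
    }

    echo ' ошибка ';
    return 0;
}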
/**
 * Extract a trailing parenthesised "agent" from a free-text string.
 *
 * The input is passed through clean_str() and strip_tags() and trimmed. If
 * the result does not end in ')' there is no agent and "" is returned.
 * Otherwise the text from the '(' located by
 * find_pos_of_this_char_by_moving_backwards() (presumably the last one,
 * going by the helper's name) to the end is taken, cut after its last ')',
 * the token "e.g.," is removed, a leading ';' or '"' is stripped, and the
 * result is handed to remove_chars() and trimmed.
 *
 * Notes for maintainers:
 *  - `$pos != ""` is a loose comparison. Whatever the helper returns for
 *    "not found" is treated as absent; so is offset 0 on PHP < 8 (0 == ""
 *    there), whereas PHP 8 treats 0 as a real position. Confirm the helper's
 *    not-found sentinel before relying on this.
 *  - `substr($str, strlen($str) - 1)` on an empty string yields "", which
 *    takes the early return, so empty input is safe.
 *  - Only ';' and '"' are stripped from the front; a leading '(' is kept so
 *    the agent stays parenthesised.
 *  - remove_chars() and clean_str() are project helpers; what they strip is
 *    not visible here.
 *
 * @param string $str
 * @return string  the agent text, or "" when none was found
 */
function get_agent($str)
{
    $str = trim(clean_str($str));
    $str = strip_tags($str);
    $agent = "";
    if (substr($str, strlen($str) - 1) != ")") {
        return "";
    }

    // Start of the agent: the '(' found scanning backwards.
    $pos = find_pos_of_this_char_by_moving_backwards($str, "(");
    if ($pos != "") {
        $agent = trim(substr($str, $pos, strlen($str)));

        // End of the agent: the last ')' within what was just taken.
        $pos = find_pos_of_this_char_by_moving_backwards($agent, ")");
        if ($pos != "") {
            $agent = substr($agent, 0, $pos + 1);
        }
        $agent = str_replace("e.g.,", '', $agent);

        // Drop a leading ';' or '"' left over from the surrounding text.
        if (in_array(substr($agent, 0, 1), array(';', '"'))) {
            $agent = trim(substr($agent, 1, strlen($agent)));
        }
    } else {
        $agent = "";
    }
    $agent = trim(remove_chars($agent));
    return $agent;
}
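/**
 * Pull the "Rights:" and "Publisher:" values out of a two-column HTML table.
 *
 * Expected input shape (other rows are ignored):
 *
 *   <table>
 *     <tr><td>Rights:</td><td>value</td></tr>
 *     <tr><td>Publisher:</td><td>value</td></tr>
 *   </table>
 *
 * Implementation: every `<tr` is prefixed with `&arr[]=` and the string is fed
 * to parse_str(), which yields one array element per row; the same trick is
 * applied to `<td` inside each row to get its cells. Because the data goes
 * through parse_str(), cell text is URL-decoded on the way ('+' becomes a
 * space, %XX sequences are decoded) — pre-existing behaviour, kept as-is.
 *
 * Fixes:
 *  - SECURITY: parse_str() was called WITHOUT a result array, so it
 *    registered variables straight into this function's scope. Input
 *    containing `&rights=...` or `&publisher=...` could overwrite the return
 *    values (and that call form is removed in PHP 8). Results now go into a
 *    local array and only its `arr` key is read.
 *  - The two-step `xxx` placeholder replacement also clobbered any literal
 *    "xxx" in the input; the tags are now prefixed directly.
 *  - A row with fewer than two cells is skipped instead of reading undefined
 *    offsets.
 *
 * @param string $str  HTML fragment containing the table
 * @return array  array($rights, $publisher); each is '' when not found
 */
function get_tabular_data($str)
{
    global $wrap; // kept for compatibility with the original signature/scope

    $rights = "";
    $publisher = "";

    // One array element per <tr ...> row.
    $parsed = array();
    parse_str(trim(str_ireplace('<tr', "&arr[]=<tr", $str)), $parsed);
    $rows = (isset($parsed['arr']) && is_array($parsed['arr'])) ? $parsed['arr'] : array();

    foreach ($rows as $tr) {
        // One array element per <td ...> cell within the row.
        $cells = array();
        parse_str(str_ireplace("<td", "&arr[]=<td", $tr), $cells);
        if (!isset($cells['arr'][0], $cells['arr'][1])) {
            continue; // not a "label / value" row
        }

        $field = trim(strip_tags($cells['arr'][0]));
        $value = trim(strip_tags($cells['arr'][1]));
        if ($field == "Rights:") {
            $rights = clean_str($value);
        }
        if ($field == "Publisher:") {
            $publisher = clean_str($value);
        }
    }

    return array($rights, $publisher);
}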
$min_weight = (double) $_GET['min_weight']; $max_weight = (double) $_GET['max_weight']; $min_height = (int) $_GET['min_height']; $max_height = (int) $_GET['max_height']; $qr_str = "select *, (datediff( curdate(), birthday ) /365) as age from user\n where datediff( curdate(), `birthday` ) /365 between {$age_min} and {$age_max} and weight between {$min_weight} and {$max_weight} and height between {$min_height} and {$max_height} "; if (!(isset($_GET['m']) && isset($_GET['f']) && isset($_GET['sex_na']))) { if (isset($_GET['m']) && !isset($_GET['f'])) { $qr_str .= "and gender= 'm' "; } else { if (!isset($_GET['m']) && isset($_GET['f'])) { $qr_str .= "and gender= 'f' "; } } } if (!empty($_GET['city'])) { $qr_str .= "and city= '" . clean_str($_GET['city']) . "' "; } switch ($_GET['order']) { case 'login': $qr_str .= " order by last_login desc"; break; } //echo '<br>'.$qr_str.'<br>'; $qr = $DB->query($qr_str); if ($DB->error != null) { echo $DB->error . ' ( ' . $DB->errno . ' ) <br>'; } if ($qr->num_rows == 0) { $body .= '<h3>NESSUN RISULTATO!</h3>'; } else { $body .= "<table><tr> <th>Nome</th> <th>Età</th> <th>Città</th> <th>Altezza</th> <th>Peso</th> <th>Cerco</th> <th>Ultimo login</th> </tr>";
/**
 * Determine which sport(s) are active in a result set and collect their ids.
 *
 * $result is iterated as sport => $parent, where each $parent is a list of
 * match rows keyed by match id. The sport name is read (lower-cased) from the
 * first row's 'sport' field; if it is missing the script prints a message and
 * exits. Rows whose sport is "soccer" are not stored (only the `!= "soccer"`
 * test is visible here; presumably soccer is handled elsewhere).
 *
 * For every other sport each match row is stored under the key
 * "<sport> - <country_league><n>", where <n> is a page counter that advances
 * after the 6th, 12th, 18th, 24th and 30th row, so rows beyond the 30th all
 * share the same suffix. When a row carries 'odds_id', the entry stored under
 * that id is moved to 'odds_details'.
 *
 * Ids are collected only for the requested sport (or for every sport when
 * $sport is 'all'): $ids['sports'] gets the cleaned sport name,
 * $ids['leagues'] the page-suffixed league keys and $ids['match'] the match
 * keys.
 *
 * Return value:
 *  - 'all': every stored sport's rows plus $arr['myids'] = $ids.
 *  - a specific sport present as a key in $arr: only that entry plus 'myids'.
 *    NOTE(review): rows are keyed "<sport> - <league><n>" but the lookup uses
 *    the bare sport name, so this branch matches only if a key happens to
 *    equal $requested_sport. The commented-out assignment in the loop
 *    suggests the keying changed at some point — confirm the intent.
 *  - a known-but-inactive sport (present in json_sports_config(), compared
 *    with spaces removed): array($requested_sport => "NOTACTIVE",
 *    'myids' => $ids).
 *  - anything else: the string "NOTFOUND".
 *
 * Uses $this, so despite the bare `function` keyword this must be a method of
 * a class providing json_sports_config().
 *
 * @param array  $result  sport => list of match rows
 * @param string $sport   requested sport name, or 'all'
 * @return array|string   see above; "NOTFOUND" is the only string result
 */
function get_active_sport($result, $sport)
{
    $arr = array();
    $ids['sports'] = array();
    $ids['leagues'] = array();
    $ids['match'] = array();
    $requested_sport = strtolower($sport);
    $temp_array = array();

    // NOTE: the loop variable shadows the $sport parameter from here on;
    // $requested_sport already holds the lower-cased request.
    foreach ($result as $sport => $parent) {
        if (empty($parent) === FALSE) {
            $key_id = key($parent);
            if (isset($parent[$key_id]['sport'])) {
                $sport_name = strtolower($parent[$key_id]['sport']);
            } else {
                echo "sport name can't be found.";
                exit;
            }
            if ($sport_name != "soccer") {
                // 6 matches per page: advance the page suffix at these counts.
                $batch = array(6, 12, 18, 24, 30);
                $ctr = 1;
                $n = 1;
                foreach ($parent as $key => $row) {
                    if (isset($row['odds_id'])) {
                        // Move the entry stored under the odds id to a fixed key.
                        $odds_info = $row[$row['odds_id']];
                        unset($row[$row['odds_id']]);
                        $row['odds_details'] = $odds_info;
                    }
                    // Group rows of the same league (per page) under one key.
                    $my_country_league = $row['country_league'] . $n;
                    //$arr[$sport_name][$my_country_league][$key] = $row;
                    $arr[$sport_name . ' - ' . $my_country_league][$key] = $row;
                    if ($requested_sport == 'all' || $sport_name == $requested_sport) {
                        // Collect league and match ids for the requested sport.
                        array_push($ids['leagues'], $my_country_league);
                        array_push($ids['match'], $key);
                    }
                    if (in_array($ctr, $batch)) {
                        $n++;
                    }
                    $ctr++;
                }
            }
            if ($requested_sport == 'all' || $sport_name == $requested_sport) {
                // Collect the sport id (cleaned name).
                array_push($ids['sports'], clean_str($sport_name));
            }
        }
    }

    // Space-less variant used for the config lookup below.
    $requestedsport = str_replace(' ', '', $requested_sport);
    if ($requested_sport != 'all') {
        if (array_key_exists($requested_sport, $arr)) {
            // Keep only the requested sport's rows.
            $temp_array = $arr[$requested_sport];
            unset($arr);
            $arr[$requested_sport] = $temp_array;
        } else {
            if (array_key_exists($requestedsport, $this->json_sports_config())) {
                // Known sport with nothing active right now.
                unset($arr);
                $arr[$requested_sport] = "NOTACTIVE";
            } else {
                return "NOTFOUND";
            }
        }
    }
    // Ids travel in the same array as the rows, under a reserved key.
    $arr['myids'] = $ids;
    return $arr;
}
require_once 'config.php'; require_once 'functions.php'; // Representation starts here header('Content-Type: text/html; charset=utf-8'); // echo ' <h1>Game Stats</h1>' . PHP_EOL; echo ' <table>' . PHP_EOL; echo ' <tr>' . PHP_EOL; echo ' <th title="gameDuration">Game Duration</th>' . PHP_EOL; echo ' <th title="maxConcurrentUnitCount">Maximum Concurrent Units</th>' . PHP_EOL; echo ' <th title="totalEndGameConcurrentUnitCount">Total Units at End</th>' . PHP_EOL; echo ' <th title="isHeadlessServer">Headless Server</th>' . PHP_EOL; echo ' </tr>' . PHP_EOL; // get stats for a specific game $gameUUID = ""; if (isset($_GET['gameUUID'])) { $gameUUID = (string) clean_str($_GET['gameUUID']); //printf( "Game UUID = %s\n", htmlspecialchars( $gameUUID, ENT_QUOTES ), PHP_EOL ); define('DB_LINK', db_connect()); // consider replacing this by a cron job cleanupServerList(); $whereClause = 'gameUUID=\'' . mysql_real_escape_string($gameUUID) . '\''; $stats_in_db = mysql_query('SELECT * FROM glestgamestats WHERE ' . $whereClause . ';'); $all_stats = array(); while ($stats = mysql_fetch_array($stats_in_db)) { array_push($all_stats, $stats); } unset($stats_in_db); unset($stats); $player_stats_in_db = mysql_query('SELECT * FROM glestgameplayerstats WHERE ' . $whereClause . ' ORDER BY factionIndex;'); $all_player_stats = array(); while ($player_stats = mysql_fetch_array($player_stats_in_db)) {
<link rel="stylesheet" href="css/scrollup.css" type="text/css" media="screen"> <script src="js/scrollup.js" type="text/javascript"></script> <title>Данные по ценам</title> <body bgcolor="#EEE9E9"> <?php include_once 'system/user.php'; include_once 'system/file.php'; include_once 'system/funktions.php'; $curent_user = new user(); //$curent_user->Create_user('xoe01','kwR145vvh','*****@*****.**',1,7); if ($curent_user->Login($_POST['username'], $_POST['password'])) { include 'interf/top.php'; include 'interf/left.php'; $action = clean_str($_GET['action']); //$actionmode=clean_str($_GET['actionmode']); if (!$action) { $action = "action/main_use.php"; } if (file_exists('action/' . $action . '.php')) { include 'action/' . $action . '.php'; // include 'action/upload.php?id=1'; } else { include 'action/main_use.php'; } //echo "action= $action"; ?> <?php } else {