Example #1
<?php

require_once "settings.php";
require_once "utils.php";
//ini_set('display_errors', 1);
$info = null;
$guid = null;
$token = null;
$success = false;
$adobeId = escapeURLData($_POST['adobeId']);
$password = escapeURLData($_POST['password']);
if (empty($adobeId)) {
    $info = "You must provide an Adobe ID";
} else {
    if (empty($password)) {
        $info = "You must provide a password";
    } else {
        $url = "https://edge.adobe-dcfs.com/ddp/issueServer/signInWithCredentials?emailAddress=" . urlencode($adobeId) . "&password="******"//accountId");
                if (empty($guid_array)) {
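<?php

require_once "settings.php";
require_once "utils.php";
// Returns the user ids entitled to one folio as {"success":true,"users":[...]}.
// Request (POST): guid, productId.
//
// display_errors stays off: notices printed into the response body would corrupt
// the JSON and disclose file paths to the caller.
//ini_set('display_errors', 1);
// NOTE(review): no CSRF token or session check is visible in this script, although
// sibling endpoints call isValidCsrfToken() first - confirm that is intentional.
$mysqli = new mysqli($db_host, $db_user, $db_password, $db_name);
if ($mysqli->connect_errno) {
    echo '{"success":false,"description":"Sorry, unable to connect to the database."}';
} else {
    if ($stmt = $mysqli->prepare("SELECT user_id FROM folios_for_users WHERE guid = ? AND product_id = ?")) {
        // A missing field becomes null instead of raising an undefined-index notice.
        $guid = isset($_POST["guid"]) ? escapeURLData($_POST["guid"]) : null;
        $productId = isset($_POST["productId"]) ? escapeURLData($_POST["productId"]) : null;
        if ($stmt->bind_param("ss", $guid, $productId)) {
            $stmt->execute();
            $stmt->bind_result($userId);
            $stmt->store_result();
            $rows = array();
            while ($stmt->fetch()) {
                $rows[] = $userId;
            }
            echo '{"success":true,"users":' . json_encode($rows) . '}';
        } else {
            // json_encode() keeps the response valid JSON even when the driver message
            // contains quotes or backslashes.
            // NOTE(review): the raw driver error is still returned to the client, as in
            // the original; consider logging it server-side and returning a generic text.
            echo json_encode(array(
                "success" => false,
                "description" => "getUsersForFolio - Binding parameters failed: (" . $mysqli->errno . ")" . $mysqli->error
            ));
        }
        $stmt->close();
    } else {
        echo json_encode(array(
            "success" => false,
            "description" => "getUsersForFolio - Prepare failed: (" . $mysqli->errno . ")" . $mysqli->error
        ));
    }
}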
                    exit;
                }
                $stmt->close();
            } else {
                echo '{"success":false,"description":"updateFolio - Prepare delete failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
                exit;
            }
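            // Add the new group ids.
            // Every value is sent as a bound parameter instead of being concatenated into
            // the SQL text, so quoting inside a group id cannot change the statement.
            if (count($groupIds) > 0) {
                $stmt = $mysqli->prepare("INSERT INTO folios_for_groups (product_id, group_id, guid) VALUES (?, ?, ?)");
                if (!$stmt) {
                    echo json_encode(array(
                        "success" => false,
                        "description" => "updateFolio - Prepare insert failed: (" . $mysqli->errno . ")" . $mysqli->error
                    ));
                    exit;
                }
                $groupIdToInsert = null;
                // bind_param() binds by reference: assigning $groupIdToInsert before each
                // execute() sends the next row with the same prepared statement.
                $stmt->bind_param("sss", $productId, $groupIdToInsert, $guid);
                foreach ($groupIds as $row) {
                    $groupIdToInsert = escapeURLData($row);
                    // NOTE(review): rows are now inserted one at a time; wrap the loop in a
                    // transaction if the update must be all-or-nothing.
                    $stmt->execute();
                }
                $stmt->close();
            }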
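            // Add the new user ids.
            // Every value is sent as a bound parameter instead of being concatenated into
            // the SQL text, so quoting inside a user id cannot change the statement.
            if (count($userIds) > 0) {
                $stmt = $mysqli->prepare("INSERT INTO folios_for_users (product_id, user_id, guid) VALUES (?, ?, ?)");
                if (!$stmt) {
                    echo json_encode(array(
                        "success" => false,
                        "description" => "updateFolio - Prepare insert failed: (" . $mysqli->errno . ")" . $mysqli->error
                    ));
                    exit;
                }
                $userIdToInsert = null;
                // bind_param() binds by reference: assigning $userIdToInsert before each
                // execute() sends the next row with the same prepared statement.
                $stmt->bind_param("sss", $productId, $userIdToInsert, $guid);
                foreach ($userIds as $row) {
                    $userIdToInsert = escapeURLData($row);
                    // NOTE(review): rows are now inserted one at a time; wrap the loop in a
                    // transaction if the update must be all-or-nothing.
                    $stmt->execute();
                }
                $stmt->close();
            }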
            echo '{"success":true}';
        }
    }
}
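                     // Insert one folios_for_groups row per submitted folio.
                     // The values are bound as parameters rather than concatenated into the
                     // SQL text, so quoting inside a product id cannot change the statement.
                     if (count($folios) > 0) {
                         // NOTE(review): as in the original, the results of prepare() and
                         // execute() are not checked here.
                         $stmt = $mysqli->prepare("INSERT INTO folios_for_groups (product_id, group_id, guid) VALUES (?, ?, ?)");
                         $folioProductId = null;
                         // bind_param() binds by reference, so each loop pass only has to
                         // assign the next product id before calling execute().
                         $stmt->bind_param("sis", $folioProductId, $id, $guid);
                         foreach ($folios as $row) {
                             $folioProductId = escapeURLData($row);
                             $stmt->execute();
                         }
                     }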
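                     // Delete the existing users from groups_for_users.
                     $stmt = $mysqli->prepare("DELETE FROM groups_for_users WHERE group_id = ? AND guid = ?");
                     $stmt->bind_param("is", $id, $guid);
                     $stmt->execute();
                     // Re-create the membership rows from the submitted list. The values are
                     // bound as parameters; the original spliced the user id into the SQL text
                     // without quotes.
                     if (count($users) > 0) {
                         // NOTE(review): as in the original, the results of prepare() and
                         // execute() are not checked here.
                         $stmt = $mysqli->prepare("INSERT INTO groups_for_users (user_id, group_id, guid) VALUES (?, ?, ?)");
                         $memberUserId = null;
                         // The user id is sent as a string and left for the server to convert
                         // to the column type - presumably an integer column; verify.
                         $stmt->bind_param("sis", $memberUserId, $id, $guid);
                         foreach ($users as $row) {
                             $memberUserId = escapeURLData($row);
                             $stmt->execute();
                         }
                         // $stmt is left open on purpose: the surrounding script closes it.
                     }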
                     echo '{"success":true}';
                 }
             } else {
                 echo '{"success":false,"description":"updateGroup - Binding parameters failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
             }
         } else {
             echo '{"success":false,"description":"updateGroup - Prepare failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
         }
         $stmt->close();
     }
 }
<?php

require_once "settings.php";
require_once "utils.php";
// ini_set('display_errors', 1);
// Account guid and CSRF token arrive in the POST body.
$guid = escapeURLData($_POST["guid"]);
$csrfToken = escapeURLData($_POST["csrfToken"]);
$mysqli = new mysqli($db_host, $db_user, $db_password, $db_name);
// Stop before any query runs when the token does not validate for this guid.
// NOTE(review): the token is checked before connect_errno is inspected, so a failed
// connection is presumably reported as an invalid token - verify isValidCsrfToken().
$tokenAccepted = isValidCsrfToken($mysqli, $guid, $csrfToken);
if (!$tokenAccepted) {
    echo '{"success":false,"description":"Sorry, invalid token."}';
    exit;
}
if ($mysqli->connect_errno) {
    echo '{"success":false,"description":"Sorry, unable to connect to the database."}';
} else {
    if ($stmt = $mysqli->prepare("SELECT guid, id, name, description FROM groups WHERE guid = ? ORDER BY name")) {
        if ($stmt->bind_param("s", $guid)) {
            $stmt->execute();
            $stmt->bind_result($guid, $id, $name, $description);
            $stmt->store_result();
            $rows = array();
            while ($stmt->fetch()) {
                $group = new stdClass();
                $group->guid = $guid;
                $group->id = $id;
                $group->name = $name;
                $group->description = $description;
                $rows[] = $group;
            }
            echo '{"success":true,"groups":' . json_encode($rows) . '}';
        } else {
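                     // Insert one folios_for_users row per submitted folio.
                     // The values are bound as parameters rather than concatenated into the
                     // SQL text, so quoting inside a product id cannot change the statement.
                     if (count($folios) > 0) {
                         // NOTE(review): as in the original, the results of prepare() and
                         // execute() are not checked here.
                         $stmt = $mysqli->prepare("INSERT INTO folios_for_users (product_id, user_id, guid) VALUES (?, ?, ?)");
                         $folioProductId = null;
                         // bind_param() binds by reference, so each loop pass only has to
                         // assign the next product id before calling execute().
                         $stmt->bind_param("sis", $folioProductId, $id, $guid);
                         foreach ($folios as $row) {
                             $folioProductId = escapeURLData($row);
                             $stmt->execute();
                         }
                     }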
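                     // Delete the existing groups from groups_for_users.
                     $stmt = $mysqli->prepare("DELETE FROM groups_for_users WHERE user_id = ? AND guid = ?");
                     $stmt->bind_param("is", $id, $guid);
                     $stmt->execute();
                     // Re-create the membership rows from the submitted list. The values are
                     // bound as parameters rather than concatenated into the SQL text.
                     if (count($groups) > 0) {
                         // NOTE(review): as in the original, the results of prepare() and
                         // execute() are not checked here.
                         $stmt = $mysqli->prepare("INSERT INTO groups_for_users (group_id, user_id, guid) VALUES (?, ?, ?)");
                         $memberGroupId = null;
                         // The group id is sent as a string, matching the quoted literal the
                         // original statement used.
                         $stmt->bind_param("sis", $memberGroupId, $id, $guid);
                         foreach ($groups as $row) {
                             $memberGroupId = escapeURLData($row);
                             $stmt->execute();
                         }
                         // $stmt is left open on purpose: the surrounding script closes it.
                     }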
                     echo '{"success":true}';
                 }
             } else {
                 echo '{"success":false,"description":"updateGroup - Binding parameters failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
             }
         } else {
             echo '{"success":false,"description":"updateGroup - Prepare failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
         }
         $stmt->close();
     }
 }
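<?php

require_once "settings.php";
require_once "utils.php";
// Lists the group ids a user belongs to as {"success":true,"groups":[...]}.
// Request (POST): guid, id (the user id).
// NOTE(review): no CSRF token or session check is visible in this script - confirm
// that callers are authenticated some other way.
$mysqli = new mysqli($db_host, $db_user, $db_password, $db_name);
if ($mysqli->connect_errno) {
    echo '{"success":false,"description":"Sorry, unable to connect to the database."}';
} else {
    // A missing field becomes null instead of raising an undefined-index notice.
    $guid = isset($_POST["guid"]) ? escapeURLData($_POST["guid"]) : null;
    $id = isset($_POST["id"]) ? escapeURLData($_POST["id"]) : null;
    if ($stmt = $mysqli->prepare("SELECT group_id FROM groups_for_users WHERE guid = ? AND user_id = ?")) {
        if ($stmt->bind_param("ss", $guid, $id)) {
            $stmt->execute();
            // The result gets its own variable so the request's user id is not overwritten.
            $stmt->bind_result($groupId);
            $stmt->store_result();
            // Must start as an array: appending with [] to a string is a fatal error on
            // PHP 7.1 and later, and an empty result should encode as [] rather than "".
            $rows = array();
            while ($stmt->fetch()) {
                $rows[] = $groupId;
            }
            echo '{"success":true,"groups":' . json_encode($rows) . '}';
        } else {
            // json_encode() keeps the response valid JSON even when the driver message
            // contains quotes or backslashes.
            echo json_encode(array(
                "success" => false,
                "description" => "getGroupsForUser - Binding groups parameters failed: (" . $mysqli->errno . ")" . $mysqli->error
            ));
        }
        $stmt->close();
    } else {
        echo json_encode(array(
            "success" => false,
            "description" => "getGroupsForUser - Prepare groups failed: (" . $mysqli->errno . ")" . $mysqli->error
        ));
    }
}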
    $output = new Output('Checking php modules:');
    if (!extension_loaded('mysql')) {
        $output->add_error_message('\'MySQL\' is not installed.');
    }
    if (!function_exists('mysqli_connect')) {
        $output->add_error_message('\'MySQLi\' extension is not installed.');
    }
    if (!function_exists('curl_exec')) {
        $output->add_error_message('\'cURL\' extension is not installed.');
    }
    if (!function_exists('file_get_contents')) {
        $output->add_error_message('\'file_get_contents\' extension is not installed.');
    }
    return $output->get_results();
}
$option = isset($_POST['check']) ? escapeURLData($_POST['check']) : 'all';
$output = array();
switch ($option) {
    case 'php_modules':
        array_push($output, check_php_modules());
        break;
    case 'config_file':
        array_push($output, check_config_file());
        break;
    case 'database_accessibility':
        array_push($output, check_database_accessibility());
        break;
    case 'http_connectivity':
        array_push($output, check_http_connectivity());
        break;
    case 'https_connectivity':
Example #9
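/**
 * Writes the entitlement XML for the account that owns the supplied authToken.
 *
 * The token is resolved to a user id, the user's group ids are collected, and the
 * product ids granted to those groups or to the user directly are emitted as
 * <productId> children of <entitlements>. A missing, blank or unknown token, or a
 * statement that cannot be prepared, ends in returnErrorResponse().
 *
 * @param mysqli $mysqli Open database connection.
 * @return void The response (header and XML body) is written directly.
 */
function entitlements($mysqli)
{
    // NOTE(review): $_REQUEST also accepts the token from the query string, where it
    // can end up in access logs - confirm clients are able to send it in the body.
    $authToken = isset($_REQUEST["authToken"]) ? escapeURLData($_REQUEST["authToken"]) : "";
    // A blank token must never authenticate, whatever the users table contains.
    if ((string) $authToken === "") {
        returnErrorResponse();
        return;
    }
    // Resolve the token to a user id.
    $stmt = $mysqli->prepare("SELECT id FROM users WHERE auth_token = ?");
    if (!$stmt) {
        returnErrorResponse();
        return;
    }
    $userId = null;
    $stmt->bind_param("s", $authToken);
    $stmt->execute();
    $stmt->store_result();
    $stmt->bind_result($userId);
    $stmt->fetch();
    $stmt->close();
    if (!$userId) {
        returnErrorResponse();
        return;
    }
    // Get the groups for this user.
    $stmt = $mysqli->prepare("SELECT group_id FROM groups_for_users WHERE user_id = ?");
    if (!$stmt) {
        returnErrorResponse();
        return;
    }
    $stmt->bind_param("i", $userId);
    $stmt->execute();
    $stmt->bind_result($groupId);
    $stmt->store_result();
    $groupIds = array();
    while ($stmt->fetch()) {
        // The ids are interpolated into the IN (...) list below, so they are forced
        // to integers even though they come from the database.
        $groupIds[] = (int) $groupId;
    }
    $stmt->close();
    if (count($groupIds) > 0) {
        $inList = implode(",", $groupIds);
        $select = "SELECT product_id FROM folios_for_groups WHERE group_id IN ({$inList}) UNION SELECT product_id FROM folios_for_users WHERE user_id = ?";
    } else {
        $select = "SELECT product_id FROM folios_for_users WHERE user_id = ?";
    }
    // Get the entitlements for the group and user.
    $stmt = $mysqli->prepare($select);
    if (!$stmt) {
        returnErrorResponse();
        return;
    }
    $stmt->bind_param("i", $userId);
    $stmt->execute();
    $stmt->bind_result($productId);
    $stmt->store_result();
    // Create the XML.
    $xml = simplexml_load_string("<result/>");
    $xml->addAttribute("httpResponseCode", "200");
    $entitlements = $xml->addChild("entitlements");
    while ($stmt->fetch()) {
        $entitlements->addChild("productId", $productId);
    }
    $stmt->close();
    header("Content-Type: application/xml");
    echo $xml->asXML();
}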
Example #10
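<?php

require_once "settings.php";
require_once "utils.php";
// Returns the app id stored for an account as {"appId":"..."}.
// Request (POST): guid. An appId field is also read, but only as the variable the
// query result is bound to.
// NOTE(review): no CSRF token or session check is visible in this script - confirm
// that callers are authenticated some other way.
$mysqli = new mysqli($db_host, $db_user, $db_password, $db_name);
$guid = isset($_POST["guid"]) ? escapeURLData($_POST["guid"]) : null;
$appId = isset($_POST["appId"]) ? escapeURLData($_POST["appId"]) : null;
if ($mysqli->connect_errno) {
    echo '{"success":false,"description":"Sorry, unable to connect to the database."}';
} else {
    if ($stmt = $mysqli->prepare("SELECT app_id FROM app_ids WHERE guid = ?")) {
        if ($stmt->bind_param("s", $guid)) {
            $stmt->execute();
            // NOTE(review): the result is bound onto the variable that already holds the
            // posted appId; when no row matches, the posted value presumably stays in
            // place and is echoed back - verify, and bind to a separate variable if so.
            $stmt->bind_result($appId);
            $stmt->fetch();
            // json_encode() escapes quotes, backslashes and control characters, which the
            // original hand-built string did not. The cast keeps a missing value as "".
            echo json_encode(array("appId" => (string) $appId));
        } else {
            echo json_encode(array(
                "success" => false,
                "description" => "getAppId - Binding groups parameters failed: (" . $mysqli->errno . ")" . $mysqli->error
            ));
        }
        $stmt->close();
    } else {
        echo json_encode(array(
            "success" => false,
            "description" => "getAppId - Prepare groups failed: (" . $mysqli->errno . ")" . $mysqli->error
        ));
    }
}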
Example #11
 if (!isValidCsrfToken($mysqli, $guid, $csrfToken)) {
     echo '{"success":false,"description":"Sorry, invalid token."}';
 } else {
     if ($mysqli->connect_errno) {
         echo '{"success":false,"description":"Sorry, unable to connect to the database."}';
     } else {
         if ($stmt = $mysqli->prepare("SELECT name FROM groups WHERE guid = ? AND name = ?")) {
             if ($stmt->bind_param("ss", $guid, $name)) {
                 $stmt->execute();
                 $stmt->store_result();
                 if ($stmt->num_rows > 0) {
                     // The group name is already being used.
                     echo '{"success":false,"description":"Group names must be unique. Please use a different name."}';
                 } else {
                     if ($stmt = $mysqli->prepare("INSERT INTO groups (guid, name, description) VALUES (?, ?, ?)")) {
                         $description = escapeURLData($_POST["description"]);
                         if ($stmt->bind_param("sss", $guid, $name, $description)) {
                             $stmt->execute();
                             echo '{"success":true, "id":' . $stmt->insert_id . '}';
                         } else {
                             echo '{"success":false,"description":"addGroup - Binding insert parameters failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
                         }
                     } else {
                         echo '{"success":false,"description":"addGroup - Prepare insert failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
                     }
                 }
             } else {
                 echo '{"success":false,"description":"addGroup - Binding parameters failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
             }
         } else {
             echo '{"success":false,"description":"addGroup - Prepare failed: (' . $mysqli->errno . ')' . $mysqli->error . '"}';
Example #12
require_once "settings.php";
require_once "utils.php";
//ini_set('display_errors', 1);
// Account guid and CSRF token arrive in the POST body.
$guid = escapeURLData($_POST["guid"]);
$csrfToken = escapeURLData($_POST["csrfToken"]);
$mysqli = new mysqli($db_host, $db_user, $db_password, $db_name);
// Stop before any query runs when the token does not validate for this guid.
// NOTE(review): the token is checked before connect_errno is inspected, so a failed
// connection is presumably reported as an invalid token - verify isValidCsrfToken().
$tokenAccepted = isValidCsrfToken($mysqli, $guid, $csrfToken);
if (!$tokenAccepted) {
    echo '{"success":false,"description":"Sorry, invalid token."}';
    exit;
}
if ($mysqli->connect_errno) {
    echo '{"success":false,"description":"Sorry, unable to connect to the database."}';
} else {
    if ($stmt = $mysqli->prepare("SELECT * FROM app_ids WHERE guid <> ? AND app_id = ?")) {
        $appId = escapeURLData($_POST["appId"]);
        if ($stmt->bind_param("ss", $guid, $appId)) {
            $stmt->execute();
            $stmt->store_result();
            if ($stmt->num_rows > 0) {
                // The group name is already being used by another account.
                echo '{"success":false,"description":"Sorry, the app id you entered is being used. Please enter a different one."}';
            } else {
                if ($stmt = $mysqli->prepare("SELECT * FROM app_ids WHERE guid = ?")) {
                    if ($stmt->bind_param("s", $guid)) {
                        $stmt->execute();
                        $stmt->store_result();
                        if ($stmt->num_rows > 0) {
                            // Check if an appId already exists for this guid.
                            $stmt = $mysqli->prepare("UPDATE app_ids SET app_id = ? WHERE guid = ?");
                            $stmt->bind_param("ss", $appId, $guid);