function filter_request(&$request)
{
if (MAGIC_QUOTES_GPC) {
foreach ($request as $k => $v) {
if (is_array($request[$k])) {
filter_request($request[$k]);
} else {
$request[$k] = stripslashes(trim($v));
}
}
}
}
/**
* @param $query
* @param $request
*/
public function scopeFilter($query, $request, $prefix)
{
$this->request = $request;
$this->prefix = $prefix;
//filter by lang
if (!empty(filter_request($this->request, $this->prefix . 'lang'))) {
$query->where('lang', '=', filter_request($this->request, $this->prefix . 'lang'));
}
//filter by title
if (filter_request($this->request, $this->prefix . 'name') != null) {
$query->where('name', 'like', '%' . filter_request($this->request, $this->prefix . 'name') . '%');
}
}
function save()
{
filter_request($_POST);
$data['user_id'] = intval($GLOBALS['user_info']['id']);
//每次投标金额
$data['fixed_amount'] = intval($_POST['fixedamount']);
if ($data['fixed_amount'] < 50 || $data['fixed_amount'] % 50 != 0) {
showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_FIXED_AMOUNT']);
}
//利息
$data['min_rate'] = floatval($_POST['min_rate']);
$data['max_rate'] = floatval($_POST['max_rate']);
if ($data['min_rate'] < 0) {
showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_MIN_RATE']);
}
if ($data['max_rate'] < 0) {
showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_MAX_RATE']);
}
if ($data['min_rate'] > $data['max_rate']) {
showErr($GLOBALS['lang']['MIN_RATE_NOMORE_MAX_RATE']);
}
//借款期限
$data['min_period'] = intval($_POST['min_period']);
$data['max_period'] = intval($_POST['max_period']);
if ($data['min_period'] > $data['max_period']) {
showErr($GLOBALS['lang']['MIN_PERIOD_NOMORE_MAX_PERIOD']);
}
//等级
$data['min_level'] = intval($_POST['min_level']);
$data['max_level'] = intval($_POST['max_level']);
if ($data['min_level'] > $data['max_level']) {
showErr($GLOBALS['lang']['MIN_LEVEL_NOMORE_MAX_LEVEL']);
}
//保留金额
$data['retain_amount'] = floatval($_POST['retain_amount']);
if ($data['retain_amount'] < 0) {
showErr($GLOBALS['lang']['PLASE_ENTER_TRUE_RETAIN_AMOUNT']);
}
$data['deal_cates'] = implode(",", $_POST['deal_cate']);
if ($GLOBALS['db']->getOne("SELECT count(*) FROM " . DB_PREFIX . "user_autobid WHERE user_id=" . $data['user_id']) > 0) {
//编辑
$GLOBALS['db']->autoExecute(DB_PREFIX . "user_autobid", $data, "UPDATE", "user_id=" . $data['user_id']);
} else {
//添加
$data['last_bid_time'] = TIME_UTC;
$GLOBALS['db']->autoExecute(DB_PREFIX . "user_autobid", $data, "INSERT");
}
showSuccess($GLOBALS['lang']['SAVE_AUTOBID_SUCCESS']);
}
/**
* @param $query
* @param $request
*/
public function scopeFilter($query, $request, $prefix)
{
$this->request = $request;
$this->prefix = $prefix;
if (filter_request($this->request, $this->prefix . 'author') != null) {
$query->where('author', 'like', filter_request($this->request, $this->prefix . 'author') . '%');
}
if (filter_request($this->request, $this->prefix . 'from') != null or filter_request($this->request, $this->prefix . 'to') != null) {
if (filter_request($this->request, $this->prefix . 'from') != null) {
$this->to = !filter_request($this->request, $this->prefix . 'to') ? Carbon::now() : Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'to'));
$this->from = Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'from'));
$query->whereBetween('published_at', [$this->from, $this->to]);
}
}
}
/**
* Display a listing of the resource.
*
* @return Response
*/
public function index(Cat $cats, Request $request)
{
$movies = !filter_request($request, 'm_filter') ? Article::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->ordercat([8])->paginate(get_setting('pagination_num')) : Article::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->ordercat([8])->filter($request, 'm_')->paginate(get_setting('pagination_num'));
$cats = $cats->select('id', 'name', 'parent')->posts(8)->orderBy('name')->get();
return view('admin.movies.index', compact('movies', 'cats', 'request'));
}
<?php
// +----------------------------------------------------------------------
// | Fanwe 方维众筹商业系统
// +----------------------------------------------------------------------
// | Copyright (c) 2010 http://www.fanwe.com All rights reserved.
// +----------------------------------------------------------------------
if (!defined('THINK_PATH')) {
exit;
}
//过滤请求
filter_request($_REQUEST);
filter_request($_GET);
filter_request($_POST);
define("AUTH_NOT_LOGIN", 1);
//未登录的常量
define("AUTH_NOT_AUTH", 2);
//未授权常量
// 全站公共函数库
// 更改系统配置, 当更改数据库配置时为永久性修改, 修改配置文档中配置为临时修改
function conf($name, $value = false)
{
if ($value === false) {
return C($name);
} else {
if (M("Conf")->where("is_effect=1 and name='" . $name . "'")->count() > 0) {
if (in_array($name, array('EXPIRED_TIME', 'SUBMIT_DELAY', 'SEND_SPAN', 'WATER_ALPHA', 'MAX_IMAGE_SIZE', 'INDEX_LEFT_STORE', 'INDEX_LEFT_TUAN', 'INDEX_LEFT_YOUHUI', 'INDEX_LEFT_DAIJIN', 'INDEX_LEFT_EVENT', 'INDEX_RIGHT_STORE', 'INDEX_RIGHT_TUAN', 'INDEX_RIGHT_YOUHUI', 'INDEX_RIGHT_DAIJIN', 'INDEX_RIGHT_EVENT', 'SIDE_DEAL_COUNT', 'DEAL_PAGE_SIZE', 'PAGE_SIZE', 'BATCH_PAGE_SIZE', 'HELP_CATE_LIMIT', 'HELP_ITEM_LIMIT', 'REC_HOT_LIMIT', 'REC_NEW_LIMIT', 'REC_BEST_LIMIT', 'REC_CATE_GOODS_LIMIT', 'SALE_LIST', 'INDEX_NOTICE_COUNT', 'RELATE_GOODS_LIMIT'))) {
$value = intval($value);
}
M("Conf")->where("is_effect=1 and name='" . $name . "'")->setField("value", $value);
}
if (!$checker)
die("domain not authorized");
**/
$sys_config = (require APP_ROOT_PATH . 'system/config.php');
function app_conf($name)
{
return stripslashes($GLOBALS['sys_config'][$name]);
}
require APP_ROOT_PATH . 'system/cache/Cache.php';
$cache = CacheService::getInstance();
require_once APP_ROOT_PATH . "system/cache/CacheFileService.php";
$fcache = new CacheFileService();
$fcache->set_dir(APP_ROOT_PATH . "public/runtime/data/");
require APP_ROOT_PATH . 'system/db/db.php';
define('DB_PREFIX', app_conf('DB_PREFIX'));
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/db_caches/')) {
mkdir(APP_ROOT_PATH . 'public/runtime/app/db_caches/', 0777);
}
$pconnect = false;
$db = new mysql_db(app_conf('DB_HOST') . ":" . app_conf('DB_PORT'), app_conf('DB_USER'), app_conf('DB_PWD'), app_conf('DB_NAME'), 'utf8', $pconnect);
require APP_ROOT_PATH . 'system/template/template.php';
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/tpl_caches/')) {
mkdir(APP_ROOT_PATH . 'public/runtime/app/tpl_caches/', 0777);
}
if (!file_exists(APP_ROOT_PATH . 'public/runtime/app/tpl_compiled/')) {
mkdir(APP_ROOT_PATH . 'public/runtime/app/tpl_compiled/', 0777);
}
$tmpl = new AppTemplate();
$_REQUEST = array_merge($_GET, $_POST);
filter_request($_REQUEST);
$lang = (require APP_ROOT_PATH . '/app/Lang/' . app_conf("SHOP_LANG") . '/lang.php');
public function brightCove(Request $request)
{
if ($request->input('filter_video') == "Filter" or $request->input('reset_video') == "Reset") {
$request->session()->put('search_video', $request->input('search_video'));
$request->session()->put('search_type', $request->input('type'));
}
$search_video = filter_request($request, 'search_video');
$search_type = filter_request($request, 'type');
$selected = 0;
if (!empty($search_video)) {
if ($search_type == 1) {
$selected = 1;
$search_sql = '&any=display_name:' . str_replace(' ', '%20', $search_video);
} elseif ($search_type == 2) {
$selected = 2;
$search_sql = '&any=tag:' . str_replace(' ', '%20', $search_video);
} else {
$search_sql = '&any=' . str_replace(' ', '%20', $search_video);
}
} else {
$search_sql = '';
}
$page_number = $request->input('page') > 0 ? $request->input('page') : 0;
$url = 'http://api.brightcove.com/services/library?command=search_videos' . $search_sql . '&page_size=15&video_fields=id%2Cname%2CshortDescription%2Ctags%2CthumbnailURL&media_delivery=default&sort_by=PUBLISH_DATE&sort_order=ASC&page_number=' . $page_number . '&get_item_count=true&callback=BCL.onSearchResponse&token=_FkpjudFGAdmchAxwVgh1XKZ88KPeC9itvIsTpEJHTrqAKOYA1P1Sg..';
$content = file_get_contents($url) or die('can`t connect to brightcove server!');
$content = str_replace('BCL.onSearchResponse(', '[', $content);
$content = str_replace(');', ']', $content);
$content = json_decode($content);
$paging = new LengthAwarePaginator('', $content[0]->total_count, $content[0]->page_size, $content[0]->page_number, ['class' => 'pagination']);
$type = ['All', 'Names and description', 'Tags'];
//dump($request->input('search'));
//dump($paging);
return view('admin.brightcove.index', compact('content', 'paging', 'type', 'search_video', 'selected'));
}
/**
* Display a listing of the resource.
*
* @return Response
*/
public function index(Request $request)
{
$gallery = !filter_request($request, 'g_filter') ? Image::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->paginate(get_setting('pagination_num')) : Image::where('lang', App::getLocale())->orderBy('status', 'asc')->orderBy('published_at', 'desc')->filter($request, 'g_')->paginate(get_setting('pagination_num'));
return view('admin.gallery.index', compact('gallery', 'request'));
}
/**
* @param $query
* @param $request
*/
public function scopeFilter($query, $request, $prefix)
{
$this->request = $request;
$this->prefix = $prefix;
//filter by category
if (filter_request($this->request, $this->prefix . 'cat') != 0) {
if (filter_request($this->request, $this->prefix . 'cat') > 2) {
$query->whereHas('categories', function ($q) {
$q->where('cat_id', filter_request($this->request, $this->prefix . 'cat'));
});
}
if (filter_request($this->request, $this->prefix . 'cat') == 2) {
$query->whereHas('categories', function ($q) {
$q->where('parent', filter_request($this->request, $this->prefix . 'cat'));
});
}
}
//filter by status
if (!empty(filter_request($this->request, $this->prefix . 'status'))) {
$query->where('status', '=', filter_request($this->request, $this->prefix . 'status'));
}
//filter by lang
if (!empty(filter_request($this->request, $this->prefix . 'lang'))) {
$query->where('lang', '=', filter_request($this->request, $this->prefix . 'lang'));
}
//filter by title
if (filter_request($this->request, $this->prefix . 'title') != null) {
$query->where('title', 'like', '%' . filter_request($this->request, $this->prefix . 'title') . '%')->orWhere('original_title', 'like', '%' . filter_request($this->request, $this->prefix . 'title') . '%');
}
//filter by author
if (filter_request($this->request, $this->prefix . 'author') != null) {
$query->where('author', 'like', filter_request($this->request, $this->prefix . 'author') . '%');
}
//filter by date
if (filter_request($this->request, $this->prefix . 'from') != null or filter_request($this->request, $this->prefix . 'to') != null) {
if (filter_request($this->request, $this->prefix . 'from') != null) {
$this->to = !filter_request($this->request, $this->prefix . 'to') ? Carbon::now() : Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'to'));
$this->from = Carbon::createFromFormat('d/m/Y H:i', filter_request($this->request, $this->prefix . 'from'));
$query->whereBetween('published_at', [$this->from, $this->to]);
}
}
}
/**
+----------------------------------------------------------
* 创建数据对象 但不保存到数据库
+----------------------------------------------------------
* @access public
+----------------------------------------------------------
* @param mixed $data 创建数据
* @param string $type 状态
+----------------------------------------------------------
* @return mixed
+----------------------------------------------------------
*/
public function create($data = '', $type = '')
{
// 如果没有传值默认取POST数据
if (empty($data)) {
filter_request($_POST);
$data = $_POST;
} elseif (is_object($data)) {
$data = get_object_vars($data);
} elseif (!is_array($data)) {
$this->error = L('_DATA_TYPE_INVALID_');
return false;
}
// 状态
$type = $type ? $type : (!empty($data[$this->getPk()]) ? self::MODEL_UPDATE : self::MODEL_INSERT);
// 表单令牌验证
if (C('TOKEN_ON') && !$this->autoCheckToken($data)) {
$this->error = L('_TOKEN_ERROR_');
return false;
}
// 数据自动验证
if (!$this->autoValidation($data, $type)) {
return false;
}
// 检查字段映射
if (!empty($this->_map)) {
foreach ($this->_map as $key => $val) {
if (isset($data[$key])) {
$data[$val] = $data[$key];
unset($data[$key]);
}
}
}
// 验证完成生成数据对象
$vo = array();
foreach ($this->fields as $key => $name) {
if (substr($key, 0, 1) == '_') {
continue;
}
$val = isset($data[$name]) ? $data[$name] : null;
//保证赋值有效
if (!is_null($val)) {
$vo[$name] = MAGIC_QUOTES_GPC && is_string($val) ? stripslashes($val) : $val;
}
}
// 创建完成对数据进行自动处理
$this->autoOperation($vo, $type);
// 赋值当前数据对象
$this->data = $vo;
// 返回创建的数据以供其他调用
return $vo;
}
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index(Request $request)
{
$items = !filter_request($request, 'a_filter') ? $items = Artist::select('*')->paginate(get_setting('pagination')) : ($items = Artist::select('*')->filter($request, 'a_')->paginate(get_setting('pagination')));
return view('admin.artists.index', compact('items', 'request'));
}
/**
* Checks the submitted nonce with the stored session nonce.
* @return boolean: Whether the submitted nonce matches the SESSION (expected)
* NONCE
*/
function checkNonce() {
$form_nonce = $_SESSION['form_nonce'];
$request_nonce = filter_request('form_nonce');
if ($request_nonce == $form_nonce) {
return true;
} else {
pkdebug("FORM NONCE:'$form_nonce'; REQUEST_NONCE: '$request_nonce'");
return false;
}
}
