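/**
 * Return the `id` query parameter once pf_check_number() has accepted it;
 * otherwise redirect to the site base URL and stop.
 *
 * Reads the global $config_basedir set by the including script and calls
 * pf_check_number() from functions.php (neither is defined in this file).
 *
 * @return mixed the raw $_GET['id'] value that passed pf_check_number()
 */
function set_validid()
{
    global $config_basedir;
    // isset() avoids an undefined-index notice; pf_check_number() decides validity.
    $id = isset($_GET['id']) ? $_GET['id'] : null;
    if (pf_check_number($id)) {
        return $id;
    }
    header("Location: " . $config_basedir);
    // header() only queues the redirect. Without exit the caller continued
    // with a null id after the redirect had been sent.
    exit;
}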
<?php

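session_start();
require "db.php";
require "functions.php";

// The subject id is interpolated into SQL further down, so it must pass
// pf_check_number() first. Every failed check redirects AND exits: header()
// only queues the redirect, so without exit the rest of the script (including
// the INSERT) still ran for rejected input.
if (pf_check_number(isset($_GET['subject']) ? $_GET['subject'] : null)) {
    $validsubject = $_GET['subject'];
} else {
    header("Location: " . $config_basedir);
    exit;
}

// topic is optional; when it is present it has to be numeric.
// NOTE(review): the INSERT later in this script interpolates $_POST['topic']
// rather than $validtopic — confirm which one is intended.
if (isset($_GET['topic'])) {
    if (is_numeric($_GET['topic'])) {
        $validtopic = $_GET['topic'];
    } else {
        header("Location: " . $config_basedir);
        exit;
    }
}

// Only logged-in users may continue (SESS_USERNAME is presumably set by login.php).
if (empty($_SESSION['SESS_USERNAME'])) {
    header("Location: " . $config_basedir . "login.php");
    exit;
}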
if ($_POST['submit']) {
    $authsql = "SELECT * FROM subjects WHERE id = " . $validsubject . " AND owner_id = " . $_SESSION['SESS_USERID'] . ";";
    //	$authresult = mysql_query($authsql);
    //	$authnumrows = mysql_num_rows($authresult);
    $authresult = $db->query($authsql);
    $authnumrows = $authresult->rowCount();
    if ($authnumrows == 1) {
        $qsql = "INSERT INTO questions(topic_id, question, answer, addedby_id, dateadded, active) VALUES(" . $_POST['topic'] . ", '" . pf_fix_slashes($_POST['question']) . "', '" . pf_fix_slashes($_POST['answer']) . "', " . $_SESSION['SESS_USERID'] . ", NOW()" . ", 1);";
        //$qresult = mysql_query($qsql);
        $qresult = $db->query($qsql);
        header("Location: " . $config_basedir . "answer.php?id=" . mysql_insert_id());
<?php

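require_once "../project_functions.php";
pf_protect_admin_page();

// Validate the image id before it reaches SQL. header() alone does not end
// the script, so exit keeps the delete below from running on bad input.
if (pf_check_number(isset($_GET['imageid']) ? $_GET['imageid'] : null)) {
    $validimageid = $_GET['imageid'];
} else {
    header("Location: " . $config_projectadminbasedir);
    exit;
}

if (!empty($_GET['conf'])) {
    // $db is a PDO handle (the original used PDO::FETCH_ASSOC), so bind the
    // id instead of concatenating it into the statement.
    $imagestmt = $db->prepare("SELECT * FROM homeproject_screenshots WHERE id = ?");
    $imagestmt->execute(array($validimageid));
    // fetch() gives the single row or false; the original fetchAll() result
    // was indexed as [0]['name'] and broke when no row matched.
    $imagerow = $imagestmt->fetch(PDO::FETCH_ASSOC);

    if ($imagerow !== false) {
        // basename() keeps the unlink inside the screenshots directory even if
        // a stored name contained path separators.
        $imagefile = $config_projectdir . $_SESSION['SESS_PROJECTPATH']
            . "/screenshots/" . basename($imagerow['name']);
        if (is_file($imagefile)) {
            unlink($imagefile);
        }
        $delstmt = $db->prepare("DELETE FROM homeproject_screenshots WHERE id = ?");
        $delstmt->execute(array($validimageid));
    }
    // NOTE(review): the failure path above redirects to $config_projectadminbasedir
    // while this one uses $config_projectadminbaseurl — confirm both are defined.
    header("Location: " . $config_projectadminbaseurl . basename($_SERVER['SCRIPT_NAME']) . "?func=screenshots");
    exit;
} else {
    // Confirmation page. The "Yes" link is a plain GET with no CSRF token;
    // a POST form carrying a token would be the safer shape.
    $script = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    echo "<h2>Delete image?</h2>";
    // The original action attribute opened without a quote and closed with one.
    echo "<form action='" . $script . "?func=deletescreenshot' method='post'>";
    echo "<p>Are you sure you want to delete this image?</p>";
    echo "<p>";
    echo "<a href='" . $script . "?func=deletescreenshot&conf=1&imageid=" . $validimageid . "'>Yes</a> / <a href='" . $script . "?func=screenshots'>No</a>";
    echo "</p>";
    echo "</form>";
}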
?>
Example #4
<?php

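require "db.php";
require "functions.php";

// Both ids are interpolated into SQL below, so each must pass
// pf_check_number() first. header() only queues the redirect; exit keeps the
// rest of the script (and the INSERT) from running on rejected input.
if (pf_check_number(isset($_GET['id']) ? $_GET['id'] : null)) {
    $validid = $_GET['id'];
} else {
    header("Location: " . $config_basedir);
    exit;
}
if (pf_check_number(isset($_GET['rating']) ? $_GET['rating'] : null)) {
    $validrating = $_GET['rating'];
} else {
    header("Location: " . $config_basedir);
    exit;
}

require "header.php";

// NOTE(review): session_start() is not called in this file; $_SESSION is
// presumably populated by one of the includes — confirm. The legacy mysql_*
// extension offers no parameter binding (and is gone in PHP 7), so the ids
// are only safe here because pf_check_number() accepted them.
$checksql = "SELECT * FROM ratings WHERE user_id = " . $_SESSION['SESS_USERID'] . " AND story_id = " . $validid . ";";
$checkresult = mysql_query($checksql);
$checknumrows = mysql_num_rows($checkresult);

if ($checknumrows == 1) {
    echo "<h1>Already voted</h1>";
    echo "<p>You have already voted for this story.</p>";
} else {
    $inssql = "INSERT INTO ratings(user_id, story_id, rating) VALUES(" . $_SESSION['SESS_USERID'] . "," . $validid . "," . $validrating . ");";
    mysql_query($inssql);
    echo "<h1>Thankyou!</h1>";
    echo "<p>Thankyou for your vote.</p>";
}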
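session_start();
require "db.php";
require "functions.php";

// NOTE(review): this redirects when SESS_ADMIN is truthy, i.e. it sends
// admins away and lets everyone else delete questions — confirm the intent.
// Every redirect below is followed by exit: header() only queues the
// redirect and the DELETE would otherwise still run.
if (!empty($_SESSION['SESS_ADMIN'])) {
    header("Location: " . $config_basedir);
    exit;
}
if (pf_check_number(isset($_GET['topic']) ? $_GET['topic'] : null)) {
    $validtopic = $_GET['topic'];
} else {
    header("Location: " . $config_basedir);
    exit;
}
if (pf_check_number(isset($_GET['subject']) ? $_GET['subject'] : null)) {
    $validsubject = $_GET['subject'];
} else {
    header("Location: " . $config_basedir);
    exit;
}
if (pf_check_number(isset($_GET['questionid']) ? $_GET['questionid'] : null)) {
    $validquestionid = $_GET['questionid'];
} else {
    header("Location: " . $config_basedir);
    exit;
}

if (!empty($_GET['conf'])) {
    // Legacy mysql_* has no parameter binding; the id is only safe here
    // because pf_check_number() accepted it.
    $delsql = "DELETE FROM questions WHERE id = " . $validquestionid . ";";
    mysql_query($delsql);
    header("Location: " . $config_basedir . "questions.php?subject=" . $validsubject . "&topic=" . $validtopic);
    exit;
} else {
    require "header.php";
    // $_SERVER['SCRIPT_NAME'] replaces the register_globals-era $SCRIPT_NAME,
    // matching the other pages; escaped before it is placed in an attribute.
    $script = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    echo "<h1>Are you sure you want to delete this question?</h1>";
    echo "<p>[<a href='" . $script . "?conf=1&subject=" . $validsubject . "&topic=" . $validtopic . "&questionid=" . $validquestionid . "'>Yes</a>] [<a href='questions.php?subject=" . $validsubject . "&topic=" . $validtopic . "'>No</a>]</p>";
}
require "footer.php";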
<?php

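session_start();
require "db.php";
require "functions.php";

// Admin-only page. header() alone does not stop execution, so exit keeps
// the DELETE below from running for anonymous visitors.
if (!isset($_SESSION['SESS_ADMINUSER'])) {
    header("Location: " . $config_basedir);
    exit;
}
if (pf_check_number(isset($_GET['topic']) ? $_GET['topic'] : null)) {
    $validtopic = $_GET['topic'];
} else {
    header("Location: " . $config_basedir);
    exit;
}

if (!empty($_GET['conf'])) {
    // $db is a PDO handle here, so bind the id rather than concatenating it.
    $delstmt = $db->prepare("DELETE FROM topics WHERE id = ?");
    $delstmt->execute(array($validtopic));
    header("Location: " . $config_basedir);
    exit;
} else {
    require "header.php";
    // The "Yes" link is a plain GET with no CSRF token; a POST form carrying
    // a token would be the safer shape.
    $script = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    $home = htmlspecialchars($config_basedir, ENT_QUOTES, 'UTF-8');
    echo "<h1>Are you sure you want to delete this topic?</h1>";
    echo "<p>[<a href='" . $script . "?conf=1&topic=" . $validtopic . "'>Yes</a>] [<a href='" . $home . "'>No</a>]</p>";
}
require "footer.php";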
<?php

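require_once "../project_functions.php";
pf_protect_admin_page();

// Validate the release id before it reaches SQL. header() only queues the
// redirect, so exit keeps the delete below from running on bad input.
if (pf_check_number(isset($_GET['relid']) ? $_GET['relid'] : null)) {
    $validrelid = $_GET['relid'];
} else {
    header("Location: " . $config_projectadminbasedir);
    exit;
}

if (!empty($_GET['conf'])) {
    $uploaddir = $config_projectdir . $_SESSION['SESS_PROJECTPATH'] . "/releases/";

    // $db is a PDO handle (PDO::FETCH_ASSOC below); bind the id.
    $filestmt = $db->prepare("SELECT filename FROM homeproject_releasefiles WHERE id = ?");
    $filestmt->execute(array($validrelid));
    // fetch() returns the one row (or false). The original called fetchAll()
    // and then read $filerow['filename'] from that list, which is never set:
    // $fullfile collapsed to the directory, file_exists() on it was true, and
    // the DB row was deleted without any file being removed.
    $filerow = $filestmt->fetch(PDO::FETCH_ASSOC);

    // basename() keeps the unlink inside the releases directory even if a
    // stored filename contained path separators.
    $fullfile = ($filerow !== false) ? $uploaddir . basename($filerow['filename']) : null;

    // is_file() rather than file_exists(): a directory must not be unlinked.
    if ($fullfile !== null && is_file($fullfile)) {
        unlink($fullfile);
        $delstmt = $db->prepare("DELETE FROM homeproject_releasefiles WHERE id = ?");
        $delstmt->execute(array($validrelid));
        header("Location: " . $config_projectadminbasedir . basename($_SERVER['SCRIPT_NAME']) . "?func=downloads");
        exit;
    } else {
        echo "<h1>File does not exist</h1>";
        echo "The file you tried to delete does not exist.";
    }
} else {
    // The "Yes" link is a plain GET with no CSRF token; a POST form carrying
    // a token would be the safer shape.
    $script = htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    echo "<h1>Are you sure you want to delete this release?</h1>";
    echo "<p>[<a href='" . $script . "?func=deleterelease&conf=1&relid=" . $validrelid . "'>Yes</a>] [<a href='" . $script . "?func=main'>No</a>]</p>";
}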