PHP prevent_xss Examples

Example #1

File: filter.class.php Project: spiritwild/biorhythm

 function filter_has_same_birthday($a)
 {
     //Call back function to filter array by role ID
     global $dob, $fullname;
     if (isset($a['dob']) && $dob != '' && isset($a['name'])) {
         if (has_birthday($a['dob'], strtotime($dob)) == $this->num && prevent_xss($a['name']) != $fullname) {
             return true;
         } else {
             return false;
         }
     }
 }

Example #2

File: login.php Project: rodbegbie/threequarters

				</fieldset>
			</form>
		</div>
		
		<div id="pane-password-content" class="content">
			<form method="post" action="">
				<fieldset>
					<input type="hidden" name="MintPath" value="Auth" />
					<input type="hidden" name="action" value="Send Password" />
					<table>
						<tr>
							<td colspan="2">Enter the email address used to administer Mint below and your password will be emailed to you shortly.</td>
						</tr>
						<tr>
							<td><span><input type="text" id="emailReminder" name="emailReminder" value="<?php 
echo isset($_POST['email']) ? prevent_xss($_POST['email']) : '';
?>
" onblur="document.getElementById('email').value=this.value;" /></span></td>
							<td width="1"><input type="image" src="styles/<?php 
echo $Mint->cfg['preferences']['style'];
?>
/images/btn-send.png" alt="Send" class="btn-r" /></td>
						</tr>
					</table>
				</fieldset>
			</form>
		</div>
			
		<div class="footer">
			<div>
			</div>

Example #3

File: thank_you.tpl.php Project: spiritwild/biorhythm

<?php

$sponsor_id = prevent_xss($_GET['sponsor_id']);
?>
<h2>Thank you for your sponsor</h2>
<p>This is your Sponsor ID: <strong><?php 
echo $sponsor_id;
?>
</strong> , please <strong>REMEMBER</strong> this KEY to verify your payment! Should you have any question, please contact me via Email <a title="*****@*****.**" href="mailto:tung.42@gmail.com" class="rotate"><span data-title="*****@*****.**">tung.42@gmail.com</span></a>.</p>
<a class="button" href="/?p=race">Bonus Game</a>

Example #4

File: prep.inc.php Project: spiritwild/biorhythm

function init_lang_code()
{
    global $geoip_record;
    global $lang_codes;
    global $one_lang;
    $lang_code = 'vi';
    $country_code = isset($geoip_record) ? $geoip_record->country_code : 'VN';
    $country_codes = array('vi' => array('VN'), 'en' => array('UK', 'US'), 'ru' => array('RU', 'AM', 'AZ', 'BY', 'KZ', 'KG', 'MD', 'TJ', 'UZ', 'TM', 'UA'), 'es' => array('ES', 'CO', 'PE', 'VE', 'EC', 'GT', 'CU', 'BO', 'HN', 'PY', 'SV', 'CR', 'PA', 'GQ', 'MX', 'AR', 'CL', 'DO', 'NI', 'UY', 'PR'), 'zh' => array('CN', 'HK', 'MO', 'TW', 'SG'), 'ja' => array('JP'));
    if (isset($one_lang)) {
        setcookie('NSH:lang', $one_lang, time() + 10 * 365 * 24 * 60 * 60, '/' . $one_lang . '/');
        $lang_code = $one_lang;
    }
    if (!isset($_COOKIE['NSH:lang'])) {
        if (in_array($country_code, $country_codes['vi']) || is_public_server() || is_bot()) {
            setcookie('NSH:lang', 'vi', time() + 10 * 365 * 24 * 60 * 60, '/');
            $lang_code = 'vi';
        } else {
            if (in_array($country_code, $country_codes['en'])) {
                setcookie('NSH:lang', 'en', time() + 10 * 365 * 24 * 60 * 60, '/');
                $lang_code = 'en';
            } else {
                if (in_array($country_code, $country_codes['ru'])) {
                    setcookie('NSH:lang', 'ru', time() + 10 * 365 * 24 * 60 * 60, '/');
                    $lang_code = 'ru';
                } else {
                    if (in_array($country_code, $country_codes['es'])) {
                        setcookie('NSH:lang', 'es', time() + 10 * 365 * 24 * 60 * 60, '/');
                        $lang_code = 'es';
                    } else {
                        if (in_array($country_code, $country_codes['zh'])) {
                            setcookie('NSH:lang', 'zh', time() + 10 * 365 * 24 * 60 * 60, '/');
                            $lang_code = 'zh';
                        } else {
                            if (in_array($country_code, $country_codes['ja'])) {
                                setcookie('NSH:lang', 'ja', time() + 10 * 365 * 24 * 60 * 60, '/');
                                $lang_code = 'ja';
                            }
                        }
                    }
                }
            }
        }
    } else {
        if (isset($_COOKIE['NSH:lang'])) {
            $lang_code = $_COOKIE['NSH:lang'];
        }
    }
    $lang_code = isset($one_lang) ? $one_lang : (isset($_GET['lang']) && in_array($_GET['lang'], $lang_codes) ? prevent_xss($_GET['lang']) : $lang_code);
    return $lang_code;
}

Example #5

File: variables.inc.php Project: spiritwild/biorhythm

require_once realpath($_SERVER['DOCUMENT_ROOT']) . '/includes/ip/geoipcity.inc.php';
require_once realpath($_SERVER['DOCUMENT_ROOT']) . '/includes/ip/timezone.php';
$geoip = geoip_open(realpath($_SERVER['DOCUMENT_ROOT']) . '/includes/ip/GeoIPCity.dat', GEOIP_STANDARD);
$geoip_record = geoip_record_by_addr($geoip, $_SERVER['REMOTE_ADDR']);
$lang_codes = array('vi', 'en', 'ru', 'es', 'zh', 'ja');
$lang_fb_apis = array('vi' => 'vi_VN', 'en' => 'en_US', 'ru' => 'ru_RU', 'es' => 'es_ES', 'zh' => 'zh_CN', 'ja' => 'ja_JP');
$lang_g_apis = array('vi' => 'vi', 'en' => 'en-US', 'ru' => 'ru', 'es' => 'es', 'zh' => 'zh-CN', 'ja' => 'ja');
$lang_cse_apis = array('vi' => 'lang_vi', 'en' => 'lang_en', 'ru' => 'lang_ru', 'es' => 'lang_es', 'zh' => 'lang_zh-CN', 'ja' => 'lang_ja');
$navs = array('member/home', 'intro', 'bmi', 'lunar', '2048');
require_once realpath($_SERVER['DOCUMENT_ROOT']) . '/includes/prep.inc.php';
$brand = 'Nhip Sinh Hoc . VN';
$p = isset($_GET['p']) ? prevent_xss($_GET['p']) : 'home';
$q = isset($_GET['q']) ? prevent_xss($_GET['q']) : '';
$dob = isset($_GET['dob']) ? prevent_xss($_GET['dob']) : (isset($_COOKIE['NSH:remembered_dob']) ? $_COOKIE['NSH:remembered_dob'] : '');
$fullname = isset($_GET['fullname']) ? prevent_xss($_GET['fullname']) : (isset($_COOKIE['NSH:remembered_fullname']) ? $_COOKIE['NSH:remembered_fullname'] : '');
$embed = isset($_GET['embed']) ? prevent_xss($_GET['embed']) : 0;
$lang_code = init_lang_code();
$time_zone = 7;
$show_ad = true;
$show_donate = false;
$show_sponsor = false;
$show_addthis = false;
$show_sumome = false;
$clicktale = false;
$credential_id = 4;
//change this to 4 in DEMO
//$cdn_url = 'http://nhipsinhhoc.cdn.vccloud.vn';
$cdn_url = '';
$number = calculate_life_path($dob);
if (isset($_GET['dob']) && isset($_GET['diff']) && isset($_GET['is_secondary']) && isset($_GET['dt_change']) && isset($_GET['partner_dob']) && isset($_GET['lang_code'])) {
    $chart = new Chart($_GET['dob'], $_GET['diff'], $_GET['is_secondary'], $_GET['dt_change'], $_GET['partner_dob'], $_GET['lang_code']);