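/**
 * Double every single quote in a string, or in every string of a nested array.
 *
 * The value is rewritten in place through the reference and is also returned,
 * so both calling styles work: `replaceSingleQuote($v);` and
 * `$escaped = replaceSingleQuote($v);`.
 *
 * Security note: quote doubling only covers the single-quote character inside
 * a SQL string literal. It does nothing for identifiers, numeric contexts or
 * LIKE wildcards, and it is not sufficient on databases where backslash is an
 * escape character inside literals. Prefer bound parameters where the query
 * layer allows it.
 *
 * @param mixed $val value to escape; modified in place (scalars become strings)
 * @return mixed the escaped value, identical to $val after the call
 */
function replaceSingleQuote(&$val) {
    if (is_array($val)) {
        foreach ($val as $k => $v) {
            // Recurse on the element itself. Assigning the result of a call on
            // the loop copy stored null in every slot, because nothing was returned.
            replaceSingleQuote($val[$k]);
        }
    } else {
        // The explicit cast keeps the original scalar-to-string result and
        // avoids passing null to str_replace().
        $val = str_replace("'", "''", (string) $val);
    }

    return $val;
}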
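/**
 * Build the SQL filter fragment for the list view from request and session state.
 *
 * Calls $this->FilterRequest(), then reads $this->post. The posted
 * 'list_filter', 'keyword' and 'list_search' values are kept under
 * $_SESSION[SESSION_APP][$this->ctrl], and the resulting conditions are
 * appended to $this->filter as " and <cond> and <cond> ...".
 *
 * Security: every value used here comes from the request, directly or through
 * the session copy, and ends up concatenated into SQL text. Values are only
 * quote-doubled by replaceSingleQuote(). Column names are therefore restricted
 * to plain identifiers and non-scalar values are skipped; entries that fail
 * these checks are dropped silently. Quote doubling is not a complete defence
 * on every database (for example where backslash escapes inside literals), so
 * bound parameters in the query layer remain the proper fix.
 *
 * @return string the accumulated filter ($this->filter)
 */
protected function _getFilter() {
    $this->xss_clean = true;
    $this->FilterRequest();

    // list_filter keys are always emitted as "a.<key>", so only a bare column name is accepted.
    $column_re = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
    // list_search keys are emitted inside lower(...); one optional "alias." qualifier is accepted.
    $qualified_re = '/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/';

    $act = isset($this->post['act']) ? $this->post['act'] : null;
    $filter_arr = array();

    // --- list_filter: [ ['key' => column, 'values' => [v1, v2, ...]], ... ] ---
    if ($act === 'list_filter' && !empty($this->post['list_filter']) && is_array($this->post['list_filter'])) {
        if (empty($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])
            || !is_array($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])) {
            $_SESSION[SESSION_APP][$this->ctrl]['list_filter'] = $this->post['list_filter'];
        } else {
            $_SESSION[SESSION_APP][$this->ctrl]['list_filter'] = array_merge(
                $_SESSION[SESSION_APP][$this->ctrl]['list_filter'],
                $this->post['list_filter']
            );
        }
    }

    if (!empty($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])
        && is_array($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])) {
        foreach ($_SESSION[SESSION_APP][$this->ctrl]['list_filter'] as $r) {
            // Skip malformed entries instead of interpolating them.
            if (!is_array($r) || !isset($r['key'], $r['values'])
                || !is_string($r['key']) || !is_array($r['values'])) {
                continue;
            }
            $key = $r['key'];
            // The key becomes part of the SQL text unquoted, so it must look like a column name.
            if (!preg_match($column_re, $key)) {
                continue;
            }

            $filter_arr1 = array();
            foreach ($r['values'] as $v) {
                if (!is_scalar($v)) {
                    continue;
                }
                replaceSingleQuote($v);
                // empty() also drops the value '0', as in the original code.
                if (!empty($v)) {
                    $filter_arr1[] = 'a.' . $key . " = '{$v}'";
                }
            }

            $filter_str = implode(' or ', $filter_arr1);
            if ($filter_str) {
                $filter_arr[] = "({$filter_str})";
            }
        }
    }

    // --- free-text keyword over the nama / isi columns ---
    if ($act === 'search') {
        $_SESSION[SESSION_APP][$this->ctrl]['keyword'] = isset($this->post['keyword']) ? $this->post['keyword'] : null;
    }

    if (!empty($_SESSION[SESSION_APP][$this->ctrl]['keyword'])
        && is_scalar($_SESSION[SESSION_APP][$this->ctrl]['keyword'])) {
        // The view receives the lower-cased keyword before quote doubling is applied.
        $this->data['keyword'] = $keyword = strtolower((string) $_SESSION[SESSION_APP][$this->ctrl]['keyword']);
        replaceSingleQuote($keyword);
        $filter_arr[] = " (lower(nama) like '%{$keyword}%' or lower(isi) like '%{$keyword}%')";
    }

    // --- list_search: [ column => substring, ... ] ---
    if ($act === 'list_search' && !empty($this->post['list_search']) && is_array($this->post['list_search'])) {
        if (empty($_SESSION[SESSION_APP][$this->ctrl]['list_search'])
            || !is_array($_SESSION[SESSION_APP][$this->ctrl]['list_search'])) {
            $_SESSION[SESSION_APP][$this->ctrl]['list_search'] = $this->post['list_search'];
        } else {
            $_SESSION[SESSION_APP][$this->ctrl]['list_search'] = array_merge(
                $_SESSION[SESSION_APP][$this->ctrl]['list_search'],
                $this->post['list_search']
            );
        }
    }

    if (!empty($_SESSION[SESSION_APP][$this->ctrl]['list_search'])
        && is_array($_SESSION[SESSION_APP][$this->ctrl]['list_search'])) {
        foreach ($_SESSION[SESSION_APP][$this->ctrl]['list_search'] as $k => $v) {
            // $k is written into the SQL text as an identifier, so validate it first.
            if (!preg_match($qualified_re, (string) $k) || !is_scalar($v)) {
                continue;
            }
            replaceSingleQuote($v);
            if (!empty($v)) {
                $filter_arr[] = "lower({$k}) like '%{$v}%'";
            }
        }
    }

    $this->data['filter_arr'] = isset($_SESSION[SESSION_APP][$this->ctrl]['list_search'])
        ? $_SESSION[SESSION_APP][$this->ctrl]['list_search']
        : null;

    if (count($filter_arr)) {
        $this->filter .= ' and ' . implode(' and ', $filter_arr);
    }

    return $this->filter;
}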
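/**
 * Build the SQL filter fragment for the list view from request and session state.
 *
 * Calls $this->FilterRequest(), then reads $this->post. The posted
 * 'list_filter', 'keyword' and 'list_search' values are kept under
 * $_SESSION[SESSION_APP][$this->ctrl], and the resulting conditions are
 * appended to $this->filter as " and <cond> and <cond> ...". Posting
 * act=list_filter with no filter entries clears the stored list_filter.
 *
 * Security: every value used here comes from the request, directly or through
 * the session copy, and ends up concatenated into SQL text. Values are only
 * quote-doubled by replaceSingleQuote(). Column names are therefore restricted
 * to plain (optionally alias-qualified) identifiers and non-scalar values are
 * skipped; entries that fail these checks are dropped silently. Quote doubling
 * is not a complete defence on every database (for example where backslash
 * escapes inside literals), so bound parameters in the query layer remain the
 * proper fix.
 *
 * @return string the accumulated filter ($this->filter)
 */
protected function _getFilter() {
    $this->xss_clean = true;
    $this->FilterRequest();

    // Keys are written into the SQL text unquoted: accept "column" or "alias.column" only.
    $identifier_re = '/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/';

    $act = isset($this->post['act']) ? $this->post['act'] : null;
    $filter_arr = array();

    if ($act === 'list_filter') {
        $posted = isset($this->post['list_filter']) ? $this->post['list_filter'] : null;
        if (!is_array($posted) || !count($posted)) {
            // Nothing usable posted: reset the stored filter.
            $_SESSION[SESSION_APP][$this->ctrl]['list_filter'] = array();
        } elseif (empty($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])
            || !is_array($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])) {
            $_SESSION[SESSION_APP][$this->ctrl]['list_filter'] = $posted;
        } else {
            $_SESSION[SESSION_APP][$this->ctrl]['list_filter'] = array_merge(
                $_SESSION[SESSION_APP][$this->ctrl]['list_filter'],
                $posted
            );
        }
    }

    // old data format: array(array('key'=>'id_matapelajaran','value'=>array('1','2','3')))
    // new data format: array('id_matapelajaran'=>array(1,2,3,4,5))
    if (!empty($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])
        && is_array($_SESSION[SESSION_APP][$this->ctrl]['list_filter'])) {
        $this->data['list_filter'] = $_SESSION[SESSION_APP][$this->ctrl]['list_filter'];

        foreach ($_SESSION[SESSION_APP][$this->ctrl]['list_filter'] as $key => $values) {
            // Skip entries whose key is not a column name or whose value list is malformed.
            if (!preg_match($identifier_re, (string) $key) || !is_array($values)) {
                continue;
            }

            $filter_arr1 = array();
            foreach ($values as $v) {
                if (!is_scalar($v)) {
                    continue;
                }
                replaceSingleQuote($v);
                // empty() also drops the value '0', as in the original code.
                if (!empty($v)) {
                    $filter_arr1[] = $key . " = '{$v}'";
                }
            }

            $filter_str = implode(' or ', $filter_arr1);
            if ($filter_str) {
                $filter_arr[] = "({$filter_str})";
            }
        }
    }

    // --- free-text keyword over the nama / isi columns ---
    if ($act === 'search') {
        $_SESSION[SESSION_APP][$this->ctrl]['keyword'] = isset($this->post['keyword']) ? $this->post['keyword'] : null;
    }

    if (!empty($_SESSION[SESSION_APP][$this->ctrl]['keyword'])
        && is_scalar($_SESSION[SESSION_APP][$this->ctrl]['keyword'])) {
        // The view receives the lower-cased keyword before quote doubling is applied.
        $this->data['keyword'] = $keyword = strtolower((string) $_SESSION[SESSION_APP][$this->ctrl]['keyword']);
        replaceSingleQuote($keyword);
        $filter_arr[] = " (lower(nama) like '%{$keyword}%' or lower(isi) like '%{$keyword}%')";
    }

    // --- list_search: [ column => substring, ... ] ---
    if ($act === 'list_search' && !empty($this->post['list_search']) && is_array($this->post['list_search'])) {
        if (empty($_SESSION[SESSION_APP][$this->ctrl]['list_search'])
            || !is_array($_SESSION[SESSION_APP][$this->ctrl]['list_search'])) {
            $_SESSION[SESSION_APP][$this->ctrl]['list_search'] = $this->post['list_search'];
        } else {
            $_SESSION[SESSION_APP][$this->ctrl]['list_search'] = array_merge(
                $_SESSION[SESSION_APP][$this->ctrl]['list_search'],
                $this->post['list_search']
            );
        }
    }

    if (!empty($_SESSION[SESSION_APP][$this->ctrl]['list_search'])
        && is_array($_SESSION[SESSION_APP][$this->ctrl]['list_search'])) {
        foreach ($_SESSION[SESSION_APP][$this->ctrl]['list_search'] as $k => $v) {
            // $k is written into the SQL text as an identifier, so validate it first.
            if (!preg_match($identifier_re, (string) $k) || !is_scalar($v)) {
                continue;
            }
            replaceSingleQuote($v);
            if (!empty($v)) {
                $filter_arr[] = "lower({$k}) like '%{$v}%'";
            }
        }
    }

    $this->data['filter_arr'] = isset($_SESSION[SESSION_APP][$this->ctrl]['list_search'])
        ? $_SESSION[SESSION_APP][$this->ctrl]['list_search']
        : null;

    if (count($filter_arr)) {
        $this->filter .= ' and ' . implode(' and ', $filter_arr);
    }

    return $this->filter;
}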
/**
 * Write $CONF and $PMBP_SYS_VAR out as the generated global configuration file.
 *
 * The file content is PHP source: one `$CONF['<key>']=ue('<value>');` line per
 * setting, then one `$PMBP_SYS_VAR['<key>']=ue('<value>');` line per system
 * variable. Multi-server arrays (sql_*_s) are never written, and in multi-user
 * mode the sql_* credentials are left out as well.
 *
 * NOTE(review): values are placed inside single-quoted PHP literals in a file
 * that is presumably included later. Whether a quote or a backslash in a value
 * can survive into the literal depends on replaceSingleQuote() (not defined in
 * this function) and on the htmlspecialchars() defaults of the running PHP
 * version, which changed in 8.1 - confirm. The array keys ($item) are written
 * without any escaping.
 * NOTE(review): on config.php the *_org session values are already passed
 * through htmlspecialchars() and are encoded again when written - confirm
 * ue() is expected to undo both.
 *
 * @param string $global_conf_path target path; PMBP_GLOBAL_CONF when empty
 * @return mixed whatever PMBP_save_to_file() returns
 */
function PMBP_save_global_conf($global_conf_path = "") {
    global $CONF, $PMBP_SYS_VAR;

    // keep going if the client disconnects, so that all settings get saved
    @ignore_user_abort(TRUE);

    // settings that belong to the multi server lists and never go into the file
    $server_list_items = array("sql_host_s", "sql_user_s", "sql_passwd_s", "sql_db_s");
    // connection settings of the primary account
    $sql_items = array("sql_passwd", "sql_host", "sql_user", "sql_db");

    // header of the generated file
    $out = "<?php\n\n// This file is automatically generated and modified by phpMyBackupPro " . PMBP_VERSION . "\n\n";

    if (is_array($CONF)) {
        foreach ($CONF as $item => $conf) {
            // multi server settings are not stored in the global configuration
            if (in_array($item, $server_list_items)) {
                continue;
            }

            // multi user mode: do not store sql data
            if ($_SESSION['multi_user_mode'] && in_array($item, $sql_items)) {
                continue;
            }

            // on the config page, refresh the session copies of the sql data
            if (basename($_SERVER['SCRIPT_NAME']) == "config.php") {
                foreach (array('sql_host', 'sql_user', 'sql_passwd', 'sql_db') as $name) {
                    $_SESSION[$name . '_org'] = htmlspecialchars($CONF[$name]);
                }
            }

            if (in_array($item, $sql_items) && count($CONF['sql_host_s'])) {
                // multi server mode: write the session copy instead of the current $CONF value
                $encoded = htmlspecialchars(replaceSingleQuote($_SESSION[$item . '_org']));
            } else {
                // every other setting is written with its current value
                $encoded = htmlspecialchars(replaceSingleQuote($conf));
            }

            $out .= "\$CONF['" . $item . "']=ue('" . $encoded . "');\n";
        }
    }

    // drop 'last_scheduled_<n>' entries whose account index no longer exists
    foreach ($PMBP_SYS_VAR as $key => $value) {
        $is_schedule_entry = substr($key, 0, 15) == "last_scheduled_";
        if ($is_schedule_entry && substr($key, 15) >= count($CONF['sql_host_s'])) {
            unset($PMBP_SYS_VAR[$key]);
        }
    }

    // system variables follow after a blank line
    $out .= "\n";
    foreach ($PMBP_SYS_VAR as $item => $sys_var) {
        $encoded = htmlspecialchars(replaceSingleQuote($sys_var));
        $out .= "\$PMBP_SYS_VAR['" . $item . "']=ue('" . $encoded . "');\n";
    }
    $out .= "\n?>";

    $target = $global_conf_path ? $global_conf_path : PMBP_GLOBAL_CONF;

    return PMBP_save_to_file($target, FALSE, $out, "w");
}