PHP sanitize_word_for_sql Examples

Programming Language: PHP

Method/Function: sanitize_word_for_sql

Examples at hotexamples.com: 2

PHP sanitize_word_for_sql - 2 examples found. These are the top rated real world PHP examples of sanitize_word_for_sql extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

File: search.php Project: holandacz/nb4

         }
         if (empty($errors)) {
             ($hook = vBulletinHook::fetch_hook('search_process_postindex')) ? eval($hook) : false;
         }
     }
 } else {
     // Fulltext ...
     foreach ($queryWords as $word => $wordtype) {
         // Need something here to strip odd characters out of words that fulltext is probably not indexing
         $queryword = preg_replace('#"([^"]+)"#sie', "stripslashes(str_replace('*', ' ', '\\0'))", $word);
         if ($wordtype != 'NOT') {
             $display['highlight'][] = htmlspecialchars_uni(preg_replace('#"(.+)"#si', '\\1', $queryword));
         }
         // make sure word is safe to insert into the query
         $unsafeword = $queryword;
         $queryword = sanitize_word_for_sql($queryword);
         if (!$vbulletin->options['allowwildcards']) {
             # Don't allow wildcard searches so remove any *
             $queryword = str_replace('*', '', $queryword);
         }
         $wordlist = iif($wordlist, "{$wordlist} ", $wordlist);
         switch ($wordtype) {
             case 'AND':
                 $wordlist .= "+{$queryword}";
                 break;
             case 'OR':
                 $wordlist .= $queryword;
                 break;
             case 'NOT':
                 $wordlist .= "-{$queryword}";
                 break;

Example #2

Show file

File: criteria.php Project: 0hyeah/yurivn

 /**
  *	Set the user filter
  *
  * @param string $username.  The name of the user.
  * @param bool $exactname.  If we should only look for an exact match
  * @param enum $groupuser.  If we should only search for the group user, the item user,
  *  or the default for the search type. On of the group constants in vB_Search_Core
  */
 public function add_user_filter($username, $exactmatch, $groupuser)
 {
     //we don't actually have a username, do nothing.
     if (!trim($username)) {
         return;
     }
     global $vbphrase;
     $field = $this->switch_field('user', $groupuser);
     //todo -- figure out how to handle based on $groupuser/contenttype
     $intro = $vbphrase['user'];
     if (!$exactmatch and strlen($username) < 3) {
         $this->add_error('searchnametooshort');
         return array();
     }
     $username = htmlspecialchars_uni($username);
     if ($exactmatch) {
         $db = $GLOBALS['vbulletin']->db;
         $sql_filter = "username = '******'";
     } else {
         $sql_filter = "username LIKE('%" . sanitize_word_for_sql($username) . "%')";
     }
     ($hook = vBulletinHook::fetch_hook('search_add_user_filter')) ? eval($hook) : false;
     $users = $this->get_user_data($sql_filter);
     if (count($users)) {
         $this->add_filter($field, vB_Search_Core::OP_EQ, array_keys($users), true);
         $this->set_user_display_string($intro, $users);
     }
 }