/**
 * Normalise a piece of text for storage or display.
 *
 * Steps, in order: strip markup with strip_tags(), delete every backslash,
 * delete every CRLF pair, pass the result through strip_chars(), and finally
 * convert it with utf8_encode().
 *
 * Caveats for callers:
 *  - strip_tags() is not an output encoder: quotes and ampersands pass through,
 *    so the result still needs htmlspecialchars() (or the encoder that fits the
 *    context) wherever it is written into HTML.
 *  - Only the "\r\n" pair is removed; a lone "\n" or "\r" stays in the text.
 *  - utf8_encode() treats its input as ISO-8859-1, so input that is already
 *    UTF-8 comes out double-encoded; the function is deprecated as of PHP 8.2.
 *  - strip_chars() is defined elsewhere; what it removes is not visible here.
 *
 * @param string $text Raw text to clean.
 * @return string The cleaned, UTF-8 converted text.
 */
function clean_text($text)
{
    $withoutTags = strip_tags($text);

    // str_replace() applies the needles in array order: backslashes first, then CRLF.
    $flattened = str_replace(array('\\', "\r\n"), '', $withoutTags);

    return utf8_encode(strip_chars($flattened));
}
// NOTE(review): excerpt of an admin script. It begins inside a loop/condition and ends inside
// the edit-validation branch, so the enclosing control flow is not visible here.
            // Split the stored line on '|' into timestamp, name and message. explode() is called
            // without a limit and list() keeps only the first three fields, so a '|' inside the
            // message would cut the message off at that point.
            list($date, $name, $mesg) = explode('|', $line);
            echo '<p>Are you sure you want to delete this entry?</p>';
            // NOTE(review): $name and $mesg are printed without HTML encoding in this excerpt.
            // Whether they were sanitised when stored is not visible; confirm, or encode with
            // htmlspecialchars() at output.
            echo '<p><b>' . $name . '</b> - on ' . date(DATE_FORMAT, $date) . '<br />' . $mesg . '</p>';
            // NOTE(review): $_GET['d'] is copied into the href with no validation or encoding, so
            // request data lands in the page markup as-is. Validate it against the expected id
            // format and encode it (urlencode() for the query value, htmlspecialchars() for the
            // attribute) before output.
            // The "Yes" link is a plain GET carrying c=1. If that request performs the deletion
            // (not visible here), the state change has no visible anti-CSRF token. TODO confirm.
            echo '<p><a href="' . SELF . '?func=power2me&d=' . $_GET['d'] . '&c=1">Yes</a> - <a href="' . SELF . '?func=power2me">No</a></p>';
            // Leaves two enclosing nesting levels at once; both open outside this excerpt.
            break 2;
        }
    }
    fclose($fp);
    // Not-found message for the requested post.
    echo '<p>There was an error finding this post, it doesn\'t seem to exist<br />Go back to the <a href="' . SELF . '?func=power2me">admin</a> page and try again</p>';
} elseif (isset($_GET['e'])) {
    /*================================*\
    -- admin edit --
    \*================================*/
    // Taken when the request carries a `c` query parameter; presumably the submitted edit form.
    if (isset($_GET['c'])) {
        // Both fields pass through strip_chars() (defined elsewhere; its filtering is not
        // visible here) and are NULL when the POST field is absent.
        $name = isset($_POST['name']) ? strip_chars($_POST['name']) : NULL;
        $mesg = isset($_POST['mesg']) ? strip_chars($_POST['mesg']) : NULL;
        $errors = NULL;
        // strlen() counts bytes, so multibyte characters count more than once against the
        // MAX_*/MIN_* limits. Passing NULL to strlen() is deprecated from PHP 8.1.
        $name_len = strlen($name);
        $mesg_len = strlen($mesg);
        // Truthiness test: a name of "0" is treated the same as an empty name.
        if ($name) {
            if ($name_len > MAX_NAME_LEN) {
                $errors = '- Name is too long, ' . $name_len . ' (Max: ' . MAX_NAME_LEN . ')<br />';
            }
        } else {
            $errors = '- Name field is empty<br />';
        }
        // Message checks append (.=) to whatever the name checks recorded above.
        if ($mesg) {
            if ($mesg_len > MAX_MESG_LEN) {
                $errors .= '- Message is too long, ' . $mesg_len . ' (Max: ' . MAX_MESG_LEN . ')<br />';
            } elseif ($mesg_len < MIN_MESG_LEN) {
                $errors .= '- Message is too short (Min: ' . MIN_MESG_LEN . ')<br />';
// NOTE(review): this excerpt starts inside an `if` whose opening is not visible here.
// It appends optional search filters to the SQL fragment $str_qry by string concatenation.
// Where the $txt_* values come from is not visible; if they are request input, each clause
// below is an SQL injection risk unless the value is escaped for SQL before it gets here.
// Bound parameters (prepared statements) would remove that dependency. TODO confirm.
    // Card number: passed through strip_chars() and etelEnc() (both defined elsewhere; what they
    // do is not visible here) before being compared with t.CCnumber.
    $str_qry .= " AND t.CCnumber = '" . etelEnc(strip_chars($txt_cc)) . "' ";
}
if ($txt_telephone) {
    // Only strip_chars() stands between the value and the query text.
    $str_qry .= " AND t.phonenumber = '" . strip_chars($txt_telephone) . "'";
}
if ($txt_email) {
    // NOTE(review): interpolated as-is; no filtering of $txt_email is visible in this excerpt.
    $str_qry .= " AND t.email = '{$txt_email}' ";
}
if ($txt_reference) {
    // NOTE(review): strtoupper() changes case only; it does not escape quotes.
    $str_qry .= " AND t.reference_number = '" . strtoupper($txt_reference) . "' ";
}
if ($txt_cancel) {
    // NOTE(review): interpolated as-is, same concern as the email clause.
    $str_qry .= " AND t.cancel_refer_num = '{$txt_cancel}' ";
}
if ($txt_checkingaccount && $txt_bankrouting) {
    // Applied only when both values are present. The account number goes through
    // strip_chars(); $txt_bankrouting is interpolated as-is.
    $str_qry .= " AND t.bankaccountnumber = '" . strip_chars($txt_checkingaccount) . "' AND bankroutingcode = '{$txt_bankrouting}' ";
}
// No filter appended: use an always-false condition, presumably so that an empty search
// matches no rows instead of all of them.
if (!$str_qry) {
    $str_qry = " And 0 ";
}
// Resolve the acting customer-service id from the session:
//   -1  neither session key is set,
//    0  $_SESSION["sessionService"] is set,
//   otherwise the value of $_SESSION["sessionServiceUserId"].
$i_customer_service_id = -1;
if (isset($_SESSION["sessionService"])) {
    $i_customer_service_id = 0;
} else {
    if (isset($_SESSION["sessionServiceUserId"])) {
        $i_customer_service_id = $_SESSION["sessionServiceUserId"];
    }
}
// NOTE(review): loose comparison. A session user id of "0" (or, before PHP 8, any non-numeric
// string) also equals 0 and takes this branch. The meaning of "A" is not visible here;
// presumably it selects all companies. Confirm that this cannot widen access.
if ($i_customer_service_id == 0) {
    $str_company_ids = "A";
}