function display_date_range_selector($athlete_id, $start, $end) { # $monthago=date("j/n/Y",strtotime($start)); # $nextweek=date("j/n/Y",strtotime($end)); $start = validate_date($start, "eu", "eu"); $end = validate_date($end, "eu", "eu"); echo <<<ENDHTML <form action=view_log.php method=post > Select Date range: From <input type=text id=cal1_container name=startdate value="{$start}" > to <input type=text id=cal2_container name=enddate value="{$end}" > <input type=submit value=Go> <input type=hidden name=athlete_id value={$athlete_id} > </form> <!-- <TD> Experimental links: <a href=my_event_calendar.php > My Event Calendar </a> <a href=my_training_plan.php> My Training Plan</a> <a href=my_training_plan.php> My Training Plan</a> </TD> </TR> --> ENDHTML; }
protected function _post_args($key, $type = ARGS_TYPE_STRING, $default = '', $params = array()) { $value = ''; $post_default = ''; $key_exist = array_key_exists($key, $_POST); $override = array_key_exists('override', $params) ? $params['override'] : FALSE; $entities_to_ascii = array_key_exists('entities_to_ascii', $params) ? $params['entities_to_ascii'] : FALSE; $gtzero = array_key_exists('gtzero', $params) ? $params['gtzero'] : TRUE; switch ($type) { case ARGS_TYPE_STRING: $post_default = $override ? $default : ''; $value = $key_exist ? $this->input->post($key, TRUE) ? $this->input->post($key, TRUE) : $post_default : $default; if ($entities_to_ascii) { $value = entities_to_ascii($value); } break; case ARGS_TYPE_INT: $default = validate_integer($default) ? to_int($default) : 0; $post_default = $override ? $default : 0; $value = $key_exist ? ($value = $this->input->post($key)) && gtzero_integer($value) ? to_int($value) : $post_default : $default; break; case ARGS_TYPE_TRUE_FALSE: $default = validate_integer($default) ? gtzero_integer($default) ? TRUE : FALSE : FALSE; $post_default = $override ? $default : FALSE; $value = $key_exist ? ($value = $this->input->post($key)) && ($gtzero && gtzero_integer($value) || !$gtzero && validate_integer($value)) ? TRUE : $post_default : $default; break; case ARGS_TYPE_ARRAY: $value = $key_exist ? ($value = $this->input->post($key)) && is_array($value) ? $value : array() : (is_array($default) ? $default : array()); break; case ARGS_TYPE_DECIMAL: $default = gtzero_decimal($default) ? to_float($default) : 0; $post_default = $override ? $default : 0; $value = $key_exist ? ($value = $this->input->post($key)) && gtzero_decimal($value) ? to_float($value) : $post_default : $default; break; case ARGS_TYPE_DATE: $default = validate_date($default) ? $default : ''; $post_default = $override ? $default : ''; $value = $key_exist ? ($value = $this->input->post($key)) && validate_date($value) ? $value : $post_default : $default; break; case ARGS_TYPE_DATETIME: $default = validate_datetime($default) ? $default : ''; $post_default = $override ? $default : ''; $value = $key_exist ? ($value = $this->input->post($key)) && validate_date($value) ? $value : $post_default : $default; break; default: $post_default = $override ? $default : ''; $value = $key_exist ? $this->input->post($key, TRUE) ? $this->input->post($key, TRUE) : $post_default : $default; break; } unset($post_default); return $value; }
protected function execute(InputInterface $input, OutputInterface $output) { $app = $this->app; $yaml = new Parser(); $dir = Migration::getDirectory(); $files = Migration::getUnMigratedFiles($app); $output = Output::style($output); $total = count($files); $helper = $this->getHelper('question'); if ($total == 0) { $output->writeln('<error>No new files to be migrated.</error>'); return; } $output->writeln('<highlight>Migration will run the following files:</highlight>'); foreach ($files as $file) { $output->writeln("<info>- {$file}</info>"); } $question = new ConfirmationQuestion('<question>Are you sure you want to proceed? (Y/n):</question> ', false); if (!$helper->ask($input, $output, $question)) { return; } foreach ($files as $file) { $output->writeln("<info>- Migrating ({$file})</info>"); $content = $yaml->parse(file_get_contents($dir . '/' . $file)); $up = explode(';', trim($content['up'])); $up = array_filter($up); $date = element('date', $content); $author = element('author', $content); $changelog = element('changelog', $content); $dateFormat = validate_date($date); $fileFormat = Migration::validateFileFormat($file); if (!$fileFormat) { $output->writeln('<error>Invalid file format.</error>'); return; } elseif (!$dateFormat) { $output->writeln('<error>Invalid date (YYYY-mm-dd HH:mm:ss).</error>'); return; } elseif (!$author) { $output->writeln('<error>Invalid author.</error>'); return; } elseif (!$changelog) { $output->writeln('<error>Invalid changelog.</error>'); return; } foreach ($up as $query) { $app['db']::statement(trim($query)); } $info = Migration::getFileInfo($file); $app['db']->table('migrations')->insert(['version' => $info['version'], 'author' => $author, 'filename' => $file, 'changelog' => $changelog, 'created_at' => $date, 'updated_at' => new \DateTime()]); } }
$seconds = array(convert_time_seconds($duration[0]), convert_time_seconds($duration[1]), convert_time_seconds($duration[2]), convert_time_seconds($duration[3])); $distance = array($_POST["s_distance"], $_POST["b_distance"], $_POST["r_distance"], 0); $notes = array($_POST["s_notes"], $_POST["b_notes"], $_POST["r_notes"], $_POST["str_notes"]); $min_hr = array($_POST["s_min_hr"], $_POST["b_min_hr"], $_POST["r_min_hr"], 0); $avg_hr = array($_POST["s_avg_hr"], $_POST["b_avg_hr"], $_POST["r_avg_hr"], 0); $max_hr = array($_POST["s_max_hr"], $_POST["b_max_hr"], $_POST["r_max_hr"], 0); $avg_rpms = $_POST["avg_rpms"]; $calsburned = array($_POST["s_calsburned"], $_POST["b_calsburned"], $_POST["r_calsburned"], 0); $updatingswim = $_POST["updatingswim"]; $updatingbike = $_POST["updatingbike"]; $updatingrun = $_POST["updatingrun"]; $updatingblognotes = $_POST["updatingblognotes"]; $blog_notes = $_POST["blog_notes"]; for ($i = 0; $i < 3; $i++) { // Validate data. if (!validate_date($workout_date[$i])) { $error[$i] = true; } if (!validate_time($workout_time[$i])) { $error[$i] = true; } if (!validate_time($duration[$i])) { $error[$i] = true; } if (!validate_distance($distance[$i])) { $error[$i] = true; } if (!validate_notes($notes[$i])) { $error[$i] = true; } if (!validate_heartrate($min_hr[$i])) {
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ require "headers.php"; $search_phase = mysql_escape_string($_POST['query']); // for normal search $next_link = $_GET['a']; // for pagination $predefined = $_GET['b']; // for predefined if ($predefined) { $search_phase = decode_predefined($predefined, $token, $url_key); } // for predefined if ($next_link) { $s_variables = decode_search_url($next_link, $token, $url_key); $tslice_next = validate_date($s_variables[tslice]); $search_phase = $s_variables[search_phase]; $offset_arch = $s_variables[offset_arch]; $offset_day = $s_variables[offset_day]; $tag_count = $s_variables[tag_count]; } if ($tag_count == "t") { $start_from = $offset_day; } $plain_phase = $search_phase; // fix me include "upper.php"; //need to initialize counter here $r = 0; // we need to rewrite this part internaly... if (!$search_phase) {
return ''; } //error msgs - - - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - $image_type_error = "No valid image was selected. File must be of type gif, jpeg, png or bmp."; $chars_error = "Please do not use symbols or special characters."; $invalid_title_error = "Invalid Title."; $invalid_title_error .= $chars_error; $invalid_description_error = "Invalid description."; $invalid_description_error .= $chars_error; $invalid_date = "Invalid Date."; $impossible_event_date = "The chosen date has already passed."; //verify if input is valid - - - - - - - - - - - - - - - - - - - - - - - - //validate date $event_date = date("Y-m-d", strtotime($_POST['event_date'])); $current_datetime = date("Y-m-d H:i:s"); if (!validate_date($event_date)) { header("Location: create_event.php?errorMsg=" . urlencode($invalid_date)); return ''; } if (strtotime($event_date) - strtotime($current_datetime) < 0) { header("Location: create_event.php?errorMsg=" . urlencode($impossible_event_date)); return ''; } //validate image $image_type = exif_imagetype($_FILES['image']['tmp_name']); if ($image_type == null) { header("Location: create_event.php?errorMsg=" . urlencode($image_type_error)); return ''; } $file_extension; switch ($image_type) {
$active = isset($_POST['active']) && $_POST['active'] == 'on'; // validate input $valid = true; if (empty($title)) { $title_error = 'Please enter Title'; $valid = false; } if (empty($url)) { $url_error = 'Please enter URL'; $valid = false; } if (empty($uploaded_on)) { $uploaded_on_error = 'Please enter Upload Date'; $valid = false; } if (!validate_date($uploaded_on)) { $uploaded_on_error = 'Please enter upload date in format YYYY-MM-dd'; $valid = false; } // insert data if ($valid) { // first check if we already have this url $sql = "SELECT title FROM bayans WHERE url = '{$url}'"; $already_saved = false; foreach ($PDO->query($sql) as $row) { $existing_url_for_title = $row['title']; $already_saved = true; break; } if (!$already_saved) { $PDO->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
require "headers.php"; include "upper.php"; print '<h2>' . $trash_name[$lang] . '</h2>'; print '<small>' . $trash_desc[$lang] . '</small></h2>'; $action = $_GET['a']; // decompose link $variables = decode_url2($action, $token, $url_key); $tslice = $variables[tslice]; $talker = $variables[talker]; $server = $variables[server]; $action = $variables[action]; $lnk = $variables[lnk]; // validation $talker = mysql_escape_string($talker); $server = mysql_escape_string($server); if (validate_date($tslice) == "f") { unset($action); $unset($tslice); } if ($action == "undelete") { if (undo_deleted_chat($talker, $server, $user_id, $tslice, $xmpp_host, $lnk) == "t") { $back_link = "{$tslice}@{$talker}@{$server}@"; $back_link = encode_url($back_link, $token, $url_key); print '<center><div style="background-color: #fad163; text-align: center; font-weight: bold; width: 200pt;">' . $undo_info[$lang] . '<br>'; print '<a href="' . $view_type . '?a=' . $back_link . '" style="color: blue;">' . $trash_vit[$lang] . '</a></div></center><br>'; } else { unset($talker); print '<center><div style="background-color: #fad163; text-align: center; font-weight: bold; width: 200pt;">'; print 'Unusual error accured during processing your request. Please report it (Code:JUF).</div></center>'; } }
} else { $valid_name = 1; } if (!validate_cost($amount)) { error_message("Amount can't be blank!"); $valid_amount = 0; } else { $valid_amount = 1; } if (!validate_date($sdate)) { error_message("Start date can't be blank!"); $valid_sdate = 0; } else { $valid_sdate = 1; } if (!validate_date($edate)) { error_message("End date can't be blank!"); $valid_edate = 0; } else { $valid_edate = 1; } if ($valid_name && $valid_discount && $valid_amount && $valid_sdate && $valid_edate) { //add it! $addcoupon_query = "call couponAdd( '{$name}', '{$amount}', '{$sdate}', '{$edate}' )"; if ($dbconn->query("{$addcoupon_query}")) { //Now, link the coupon the the product in the tbl_ProductCoupon table $addcoupon_id_query = "SELECT LAST_INSERT_ID()"; $addcoupon_id_query_result = $dbconn->query("{$addcoupon_id_query}"); while ($row = mysqli_fetch_array($addcoupon_id_query_result)) { $coupon_id = $row['LAST_INSERT_ID()']; }
} if (isset($_POST['imdb_rating'])) { $imdb_rating = fix_string($_POST['imdb_rating']); } if (isset($_POST['rating'])) { $rating = fix_string($_POST['rating']); } if (isset($_POST['date'])) { $date = fix_string($_POST['date']); } $fail = validate_title($title); $fail .= validate_director($director); $fail .= validate_year($year); $fail .= validate_rating($rating); $fail .= validate_imdb_rating($imdb_rating); $fail .= validate_date($date); if ($fail == '') { $connection = new mysqli($db_hostname, $db_username, $db_password, $db_database); $ti_temp = mysql_entities_fix_string($connection, $title); $di_temp = mysql_entities_fix_string($connection, $director); $ye_temp = mysql_entities_fix_string($connection, $year); $im_temp = mysql_entities_fix_string($connection, $imdb_rating); $ra_temp = mysql_entities_fix_string($connection, $rating); $da_temp = mysql_entities_fix_string($connection, $date); if (isset($_POST['entry_id'])) { $ei_temp = mysql_entities_fix_string($connection, $_POST['entry_id']); $query = "UPDATE movies SET title='{$ti_temp}', director='{$di_temp}', year='{$ye_temp}',\n imdb_rating='{$im_temp}', rating='{$ra_temp}', date='{$da_temp}'\n WHERE user_id='{$user_id}' AND entry_id='{$ei_temp}'"; } else { $query = "INSERT INTO movies(title, director, year, imdb_rating, rating, date, user_id)\n VALUES('{$ti_temp}', '{$di_temp}', '{$ye_temp}', '{$im_temp}', '{$ra_temp}', '{$da_temp}',\n '{$user_id}')"; } $result = $connection->query($query);
<tr><td height="57"><a href="' . $view_type . '"><img src="img/' . $brand_logo . '" alt="logo" border="0"></a></td></tr> <tr><td valign="top" height="35"><form action="search_v2.php" method="post"> <input id="t_search" type="text" name="query" class="cc" value="' . htmlspecialchars(stripslashes($search_phase)) . '"> '); if ($search_loc == 1) { if (isset($_GET[c])) { $enc->decrypt_url($_GET['c']); $time2_start = $enc->time_start; $time2_end = $enc->time_end; } else { $time2_start = $_POST[time2_start]; $time2_end = $_POST[time2_end]; if (validate_date($time2_start) === false) { unset($time2_start); } if (validate_date($time2_start) === false) { unset($time2_end); } } if ($time2_start and $time2_end) { if (strtotime("{$time2_start}") > strtotime("{$time2_end}")) { $alert = $time_range_w[$lang]; unset($search_phase); } } $db->get_uniq_chat_dates(); $result = $db->result; foreach ($result as $row) { $r++; $to_tble[$r] = $row[at]; }
if ($tslice != "") { list($y, $m, $selected) = split("-", $tslice); $mo = "{$y}-{$m}"; } else { if (isset($left)) { $mo = $left; } if (isset($right)) { $mo = $right; } } if (!isset($mo)) { $mo = date("Y-n"); } // validate mo if fail, silently fallback to current date if (validate_date($mo . "-1") === false) { unset($tslice); unset($e_string); unset($talker); $mo = date("Y-m"); } // master div $html->set_body('<div>'); // calendar div if ($talker) { $float = "left;"; } else { $float = "none;"; } // select list $db->get_user_stats_drop_down();
} else { $valid_discount = 1; } if (!validate_cost($amount)) { error_message("Check entry for amount<br/>"); $valid_amount = 0; } else { $valid_amount = 1; } if (!validate_date($startdate)) { error_message("Check entry for start date<br/>"); $valid_startdate = 0; } else { $valid_startdate = 1; } if (!validate_date($enddate)) { error_message("Check entry for end date<br/>"); $valid_enddate = 0; } else { $valid_enddate = 1; } // we should be validated at this point if ($valid_name && $valid_discount && $valid_amount && $valid_startdate && $valid_enddate) { $update_query = "UPDATE tbl_Coupon SET name='{$name}', amount='{$amount}', startDate='{$startdate}',endDate='{$enddate}' WHERE couponId='{$selectcoupon}'"; //run the query and report the result. if ($dbconn->query("{$update_query}")) { ok_message("Coupon updated!"); } else { error_message("Something went wrong"); } } else {
/** * Validation of a date/time which checks if the string passed is a valid date and time. * **Allowed date formats** * * - `d-m-y` 31-12-2014 separators can be a period, dash, forward slash, but not allow space * - `m-d-y` 12-31-2014 separators can be a period, dash, forward slash, but not allow space * - `y-m-d` 2014-12-31 separators can be a period, dash, forward slash, but not allow space * * @param string $value The date/time string being checked * @param string $dateFormat The date format only to be validated against. Default is y-m-d for 2014-12-31. * @param string $timeFormat The time format: 12, 24 or both * * @return bool TRUE on success; FALSE on failure */ function validate_datetime($value, $dateFormat = 'y-m-d', $timeFormat = 'both') { if (empty($value)) { return true; } $value = trim($value); $generalPattern = '/^([\\d]{1,4}[-\\/.][\\d]{1,2}[-\\/.][\\d]{1,4})(\\s+.{4,}\\s*(am|pm)?)$/i'; if (preg_match_all($generalPattern, $value, $matches)) { $date = $matches[1][0]; $time = $matches[2][0]; return validate_date($date, $dateFormat) && validate_time($time, $timeFormat); } else { return false; } }
} if (!validate_text(1, htmlspecialchars($_POST['logonname']))) { error_message("Check entry for logon username"); $valid_logon = 0; } else { $username = htmlspecialchars($_POST['logonname']); $valid_logon = 1; } if (!validate_password(htmlspecialchars($_POST['password']))) { error_message("Check entry for password"); $valid_password = 0; } else { $password = htmlspecialchars($_POST['password']); $valid_password = 1; } if (!validate_date(htmlspecialchars($_POST['hiredate']))) { error_message("Check entry for hire date"); $valid_hiredate = 0; } else { $hiredate = htmlspecialchars($_POST['hiredate']); $valid_hiredate = 1; } // we should be validated at this point if ($valid_fname && $valid_lname && $valid_logon && $valid_password && $valid_hiredate) { //hash the password $password = md5($password); $admin = $_POST['role']; $add_query = "call employeeAdd('{$username}', '{$password}', '{$firstname}', '{$lastname}', '{$admin}', '{$hiredate}')"; //run the query and report the result. if ($dbconn->query("{$add_query}")) { ok_message("User added!");
// Return FALSE if there aren't 3 items: if (count($array) != 3) { return false; } // Return FALSE if it's not a valid date: if (!checkdate($array[0], $array[1], $array[2])) { return false; } // Return the array: return $array; } // End of validate_date() function. // Check for a form submission: if (isset($_POST['start'], $_POST['end'])) { // Call the validation function on both dates: if ((list($sm, $sd, $sy) = validate_date($_POST['start'])) && (list($em, $ed, $ey) = validate_date($_POST['end']))) { // If it's okay, adjust the DateTime objects: $start->setDate($sy, $sm, $sd); $end->setDate($ey, $em, $ed); // The start date must come first: if ($start < $end) { // Determine the interval: $interval = $start->diff($end); // Print the results: echo "<p>The event has been planned starting on {$start->format($format)} and ending on {$end->format($format)}, which is a period of {$interval->days} day(s).</p>"; } else { // End date must be later! echo '<p class="error">The starting date must precede the ending date.</p>'; } } else { // An invalid date!
/** * Change date format * * @param string $date * @param string $formatFrom d-m-Y * @param string $formatTo Y-m-d * @return string */ function change_date_format($date, $formatFrom, $formatTo) { if (!$date || !validate_date($date, $formatFrom)) { return ''; } return \DateTime::createFromFormat($formatFrom, $date)->format($formatTo); }
if ($process_id == "2") { // remove first seq as this is always request_id... array_shift($_POST); // control $num = count($_POST); $i = 0; while (array_keys($_POST)) { $i++; $enc_data = array_shift($_POST); // decompose data $variables = decode_url2($enc_data, $token, $url_key); $tslice = $variables[tslice]; $talker = $variables[talker]; $server = $variables[server]; // validate if (validate_date($tslice) == "f" or !ctype_digit($talker) or !ctype_digit($server)) { print '<div class="message" style="width: 400px;">'; print $ajax_error[$lang] . '<br><a href="#" onClick="$(\'#fav_result\').fadeOut(\'slow\');" ><u>' . $fav_discard[$lang] . '</u></a></div>'; exit; } $query = "delete from jorge_favorites where owner_id='{$user_id}' and peer_name_id='{$talker}' and peer_server_id='{$server}' and tslice='{$tslice}'"; mysql_query($query); // stop on any error if (mysql_errno() > 0) { print '<div class="message" style="width: 400px;">'; print $ajax_error[$lang] . '<br><a style="font-weight: normal;" href="#" onClick="$(\'#fav_result\').fadeOut(\'slow\');" ><u>' . $fav_discard[$lang] . '</u></a>'; print '</div><br>'; exit; } } if ($i == $num and $num != 0) {
function is_time_format($timeFormatString) { return validate_date($timeFormatString, 'H:i:s'); }
print '<input id="t_search" type="text" name="query" class="cc" value="' . $search_phase . '">' . "\n"; if ($search_loc == 1) { if (isset($_GET[c])) { $trange_from_get = $_GET[c]; $time2s = decode_trange($trange_from_get, $token, $url_key); $time2_start = $time2s[0]; $time2_end = $time2s[1]; } else { $time2_start = $_POST[time2_start]; $time2_end = $_POST[time2_end]; } if ($time2_start or $time2_end) { if (validate_date($time2_start == "f")) { unset($time2_start); } if (validate_date($time2_start == "f")) { unset($time2_end); } if ($time2_start and $time2_end) { if (strtotime("{$time2_start}") > strtotime("{$time2_end}")) { $alert = $time_range_w[$lang]; unset($search_phase); } } } $result = db_q($user_id, $server, $tslice_table, $talker, $search_p, 1, $offset_arch, $xmpp_host); while ($results = mysql_fetch_array($result)) { $r++; $to_tble[$r] = $results[at]; } print '<select class="cc" name="time2_start" style="text-align: center;">' . "\n";
function startElement($parser, $name, $attrs) { global $all_data, $CVE, $debug, $output, $insert, $vendor, $vendors, $product, $products, $vers, $count_entries, $desc_type, $html_output, $vendor_array; if ($debug) { echo "processing tag named '{$name}'\n"; } // // the switch statement should enumerate all of the possible name tags. // State is kept using global variables, so that nested tags can // access their context. // switch ($name) { case 'ENTRY': $count_entries++; // get name and publication date $CVE = validate_CVE($attrs['NAME']); $published = validate_date($attrs['PUBLISHED']); $CVSS_score = ''; $severity = ''; $CVSS_base = ''; $custom_severity = ''; if (isset($attrs['CVSS_SCORE'])) { $CVSS_score = $attrs['CVSS_SCORE']; } if (isset($attrs['SEVERITY'])) { $severity = $attrs['SEVERITY']; } if (isset($attrs['CVSS_BASE_SCORE'])) { $CVSS_base = $attrs['CVSS_BASE_SCORE']; } //assign custom severity here //example: if (floatval($CVSS_base) > 4) { $custom_severity = 'HIGH'; } else { if (floatval($CVSS_base) > 3) { $custom_severity = 'MEDIUM'; } else { $custom_severity = 'LOW'; } } $vendors = ''; $products = ''; $versions = ''; // other attributes, such as severity, are available // see http://nvd.nist.gov/download/nvdcve-xmldoc.cfm if ($debug) { echo "found CVE entry {$CVE} with publication date " . $attrs['PUBLISHED'] . "\n"; } if ($output) { if ($html_output) { echo "\"<a href = \"http://web.nvd.nist.gov/view/vuln/detail?vulnId={$CVE}\">{$CVE}</a>\","; } else { echo "\"{$CVE}\","; } echo "\"{$published}\",\"{$CVSS_score}\",\"{$severity}\",\"{$custom_severity}\","; } break; case 'DESCRIPT': // if there ever was more than one type of description // remember which source with a global // NVD or CVE $desc_type = $attrs['SOURCE']; // reset data accumulator $all_data = ''; // need to wait for end tag to get contents //if ($output) { // echo "\"$desc_type\","; //} break; case 'PROD': $vendor = $attrs['VENDOR']; $product = $attrs['NAME']; $vendor_array = ''; $vers = ''; if ($CVE == '') { echo "error, no CVE number"; die; } if ($debug) { echo "found vendor {$vendor}"; echo " found product {$product}\n"; } if ($vendor == "") { // this happens echo "NVD integrity alert: no vendor for product {$product}, CVE is {$CVE}\n"; } if ($product == "") { echo "NVD integrity alert: no product, CVE is {$CVE}\n"; } if ($output) { $vendor_array .= "{$vendor} - {$product};"; //$products .= $product; echo "\"{$vendor}\",\"{$product}\","; } break; case 'LOSS_TYPES': break; case 'VULNS_TYPES': break; case 'REF': // source, url, etc... if ($debug) { echo " reference from " . $attrs['SOURCE']; echo " is available at " . $attrs['URL']; echo "\n"; } $all_data = ''; // need to wait for end tag to get contents #if ($output) { # echo "\"" . $attrs['SOURCE'] . "\",\"" . $attrs['URL'] . "\","; #} break; case 'VERS': if (isset($attrs['NUM'])) { $vers .= $attrs['NUM']; } if (isset($attrs['EDITION'])) { $vers .= ' ' . $attrs['EDITION']; } if ($debug) { echo " version " . $attrs['NUM']; echo " of product {$product} is vulnerable\n"; } if ($output) { echo "\"{$vers}\","; } break; case '': break; } }
function validate_form_data($details, $columns) { # Validate Form Data # check Date fields foreach ($details as $column) { # Get Form Data ${$column} = $columns[$column]; # if a field has been left blank then remove it from the columns list # prevents attempts to add a null value to a not null field type # (eg. integer). Will have to add an extra check for mandatory fields tba. if ("X{${$column}}" == "X") { unset($columns[$column]); # Skip the rest of this foreach loop continue; } $query = "SELECT {$column} from log limit 1"; #$result = pg_query($query) or die('Query failed: ' . pg_last_error()); $result = do_sql($query); $type = pg_field_type($result, 0); // Check some specific columns // Distance: if not set then set to zero switch ($column) { case "distance": if ("X{$columns[$column]}" == "X") { $columns[$column] = 0; } elseif (preg_match("/\\s*(\\d+\\.?\\d*)\\s*(\\w*)\\s*/", $columns[$column], $parts)) { #$parts = $matches[0]; $units = array("km", "m", "miles", "mi"); if (in_array($parts[2], $units)) { $columns[$column] = $parts[1]; $columns["distance_units"] = $parts[2]; } else { $columns[$column] = $parts[1]; } } break; } // Check that all field entries are valid for their data type. switch ($type) { case "date": if ($formatted_date = validate_date(${$column}, "eu", "eu")) { #${$column}=$formatted_date ; $columns[$column] = $formatted_date; } else { bad_data($column, $type, $columns[$column]); } break; case "interval": if ($formatted_interval = validate_interval(${$column})) { #${$column}=$formatted_interval ; $columns[$column] = $formatted_interval; } else { bad_data($column, $type, $columns[$column]); } break; case "bool": if ("X{$columns[$column]}" == "X") { // if blank then assume false. $columns[$column] = "n"; } elseif (!validate_boolean(${$column})) { bad_data($column, $type, $columns[$column]); } break; case "int4": if (is_int(intval($columns[$column])) || $columns[$column] == 0) { $columns[$column] = intval($columns[$column]); } else { bad_data($column, $type, $columns[$column]); } break; case "float4": if (is_numeric($columns[$column])) { break; } else { bad_data($column, $type, $columns[$column]); } break; case "text": # Might want to limit length here break; } } // return the array of corrected columns return $columns; ## END OF FUNCTION }
$sql = "update project p set owner_id={$owner_id} where prj_id={$prj_id}"; $resultSet = $dbConn->Execute($sql); } // update if ($validator_clearance) { if (isset($_POST['bsubmit']) && isset($_POST['prj_id']) && isset($_POST['afko']) && isset($_POST['project_description']) && isset($_POST['year'])) { if (isset($_POST['comment'])) { $comment = pg_escape_string($_POST['comment']); } else { $comment = ''; } $description = $_POST['project_description']; $afko = trim($_POST['afko']); $year = $_POST['year']; $course = $_POST['course']; $valid_until = validate_date($_POST['valid_until']); if ($_POST['bsubmit'] == 'Update' && isset($_POST['prj_id'])) { $sql = "begin work;\n" . "update project set prj_id={$prj_id}, afko='{$afko}', description='{$description}',\n" . "year={$year}, comment='{$comment}', valid_until='{$valid_until}',course={$course}\n" . "where prj_id={$prj_id} and owner_id='{$peer_id}';"; if (isset($_POST['activity_project'])) { $sql .= "insert into activity_project select {$prj_id} where {$prj_id} not in (select prj_id from activity_project);\n"; } else { $sql .= "delete from activity_project where prj_id={$prj_id};\n"; } $sql .= "commit;\n"; $resultSet = $dbConn->Execute($sql); if ($resultSet === false) { die("<br>Cannot update project values with " . $sql . " reason " . $dbConn->ErrorMsg() . "<br>"); } $_SESSION['prj_id'] = $prj_id; } }
function load_the_form() { $html = ''; //check if exitst if (isset($_POST['lessons-id'])) { //validate if (get_posts($_POST['lessons-id'])) { //update or add database if (get_option('namaste_csv_lesson_id')) { update_option('namaste_csv_lesson_id', $_POST['lessons-id']); } else { add_option('namaste_csv_lesson_id', $_POST['lessons-id']); } } else { //error msg $html .= '<p style="color:red;font-weight:bold;">' . __('Either lesson id is not in the data base or it is not a number.', 'namaste-csv') . '</p>'; } } //check if exitst if (isset($_POST['namaste_csv_start_date'])) { //validate if (validate_date($_POST['namaste_csv_start_date'])) { //update database if (get_option('namaste_csv_start_date')) { update_option('namaste_csv_start_date', $_POST['namaste_csv_start_date']); } else { add_option('namaste_csv_start_date', $_POST['namaste_csv_start_date']); } } else { //error msg $html .= '<p style="color:red;font-weight:bold;">' . __('Incorrect date or date format.', 'namaste-csv') . '</p>'; } } if (isset($_POST['namaste_csv_end_date'])) { if (validate_date($_POST['namaste_csv_end_date'])) { //update database if (get_option('namaste_csv_end_date')) { update_option('namaste_csv_end_date', $_POST['namaste_csv_end_date']); } else { add_option('namaste_csv_end_date', $_POST['namaste_csv_end_date']); } } else { //error msg $html .= '<p style="color:red;font-weight:bold;">' . __('Incorrect date or date format.', 'namaste-csv') . '</p>'; } } $html .= "<form method='post'>"; $html .= "<label for='lessons-id'>" . __('Lessons id', 'namaste-csv') . "</br><input type='number' name='lessons-id' id='lessons-id' value='" . get_option('namaste_csv_lesson_id') . "'></label></br>"; $html .= "<label for='namaste_csv_start_date'>" . __('Lessons start date', 'namaste-csv') . "</br><input type='text' name='namaste_csv_start_date' id='namaste_csv_start_date' value='" . get_option('namaste_csv_start_date') . "' placeholder='format: yyyy-mm-dd'></label></br>"; $html .= "<label for='namaste_csv_end_date'>" . __('Lessons end date', 'namaste-csv') . "</br><input type='text' name='namaste_csv_end_date' id='namaste_csv_end_date' value='" . get_option('namaste_csv_end_date') . "' placeholder='format: yyyy-mm-dd'></label></br>"; $html .= "<input type='submit' value='" . __('Submit', 'namaste-csv') . "'>"; $html .= "</form>"; return $html; }
function get_athlete_data($athlete_id, $details_to_view, $split, $startdate, $enddate, $extra) { // Set start and end dates $startdmy = validate_date($startdate, "eu", "eu"); $enddmy = validate_date($enddate, "eu", "eu"); // Get array of dates in this range (range array dates are in Epoch secs) $daterange = generate_date_range($startdmy, $enddmy); $numcols = count($details_to_view); # Get this athlete's data from the db $result = do_sql("SELECT * from log \n WHERE athlete_id = '{$athlete_id}' and parent_session=0 \n and start_date >= '{$startdmy}' and start_date <= '{$enddmy}'\n ORDER BY start_date, start_time, stage "); // get first entry $row = pg_fetch_array($result, null, PGSQL_ASSOC); // Start date loop to print each date foreach ($daterange as $date) { // Check for new week (Monday) if (preg_match("/Mon/i", date("D", $date))) { // if it is Monday then print a weekly totals row show_week_row($athlete_id, $date, $numcols); } // print the day info row print_date_row($date); // Check that main entry has been selected for viewing and print it // need pg style Y-n-j date for comparison $pgdate = date("Y-m-d", $date); // Display the entries for the day if they exist do { // if the row does not match the current date then break // from this while loop into the next date loop iteration $start_date = $row['start_date']; if ("{$pgdate}" == "{$start_date}") { $session_id = $row['session_id']; check_for_subsessions_and_print($athlete_id, $session_id, $details_to_view, $split, $row, $extra); // Get next row data and see if it is for this date while ($row = pg_fetch_array($result, null, PGSQL_ASSOC)) { $start_date = $row['start_date']; if ("{$pgdate}" == "{$start_date}") { echo "<TR><TD class=firstcolumn> </TD>\n"; $session_id = $row['session_id']; check_for_subsessions_and_print($athlete_id, $session_id, $details_to_view, $split, $row, $extra); } else { //if it's not then get the next date (hanging on to this row data) break 2; } // end of while loop } } else { print_blank_row($details_to_view); break; } // end of do/while loop } while ($row = pg_fetch_array($result, null, PGSQL_ASSOC)); //end of foreach date loop } // END OF FUNCTION }
if ($tslice != "") { list($y, $m, $selected) = split("-", $tslice); $mo = "{$y}-{$m}"; } else { if (isset($left)) { $mo = $left; } if (isset($right)) { $mo = $right; } } if (!isset($mo)) { $mo = date("Y-n"); } // validate mo if fail, silently fallback to current date if (validate_date($mo . "-1") == "f") { unset($tslice); unset($e_string); unset($talker); $mo = date("Y-m"); } $get_chats = "select substring(at,1,7) as at_send, at from `logdb_stats_{$xmpp_host}` where owner_id = '{$user_id}' group by substring(at,1,7) order by str_to_date(at,'%Y-%m-%d') desc"; $ch_mo = mysql_query($get_chats); // master div print '<div>' . "\n"; // calendar div if ($talker) { $float = "left;"; } else { $float = "none;"; }
if ($canAdd) { // Check that user can add a contract to this property $errors = array(); // Check if post values are set. If false, user has opened page the first time if (isset($_POST['tenant']) || isset($_POST['tenantCnt']) || isset($_POST['startDate']) || isset($_POST['endDate']) || isset($_POST['dayOfPayment']) || isset($_POST['frequency'])) { require $relative . 'data/php/user/validate.inc'; // Validate POST values if (!isset($_POST['tenant']) || $_POST['tenant'] == '') { $errors['tenant'] = 'Please select a tenant'; } if (!is_numeric($_POST['tenantCnt'])) { $errors['tenantCnt'] = 'Please specify a valid number of tenants'; } validate_date($errors, $_POST['startDate'], 'startDate'); if (isset($_POST['endDate']) && $_POST['endDate'] != '') { validate_date($errors, $_POST['endDate'], 'endDate'); } if (!isset($_POST['dayOfPayment']) || $_POST['dayOfPayment'] == '') { $errors['dayOfPayment'] = 'Please select a day of payment'; } if (!isset($_POST['frequency']) || $_POST['frequency'] == '') { $errors['frequency'] = 'Please select the frequency of rent payment'; } if (!isset($errors['tenant']) && !isset($errors['tenantCnt']) && !isset($errors['startDate']) && !isset($errors['endDate']) && !isset($errors['dayOfPayment']) && !isset($errors['frequency'])) { // form is valid // Check to see if the tenant is in a contract that hasn't ended yet $query = 'SELECT tenant FROM contract WHERE tenant = ? AND ended = 0;'; $result = select($query, array(intval($_POST['tenant'])), false); if ($result == false) { // Tenant can have a new contract $tenant = intval($_POST['tenant']);