/**
 * Validate and add a topic.
 *
 * Runs model validation first, then the flood and hourly limits (both are
 * skipped for admins), and only then writes the topic, its first post, the
 * forum's "last activity" pointers, an optional poll and the author's own
 * subscription.
 *
 * @access public
 * @param array $data Topic data: forum_id, user_id, title, slug, status, type
 *   and optionally 'options' (poll data).
 * @return boolean|int The new topic id, false when validation fails, or the
 *   result of invalidate() when a posting limit is hit.
 */
public function add($data) {
    $this->set($data);
    if (!$this->validates()) {
        return false;
    }

    $isAdmin = $this->Session->read('Forum.isAdmin');

    // Flood check runs for everyone; only the verdict is waived for admins.
    $secondsLeft = $this->checkFlooding($this->settings['topic_flood_interval']);
    if ($secondsLeft > 0 && !$isAdmin) {
        return $this->invalidate('title', 'You must wait %s more second(s) till you can post a topic', $secondsLeft);
    }
    if ($this->checkHourly($this->settings['topics_per_hour']) && !$isAdmin) {
        return $this->invalidate('title', 'You are only allowed to post %s topic(s) per hour', $this->settings['topics_per_hour']);
    }

    $data['title'] = Sanitize::clean($data['title']);
    $this->create();
    $this->save($data, false, array('forum_id', 'user_id', 'title', 'slug', 'status', 'type'));
    $data['topic_id'] = $this->id;
    $data['post_id'] = $this->Post->addFirstPost($data);

    // Both the topic and its forum point at the same "latest" post/user.
    $latest = array(
        'lastPost_id' => $data['post_id'],
        'lastUser_id' => $data['user_id'],
    );
    $this->update($data['topic_id'], array('firstPost_id' => $data['post_id']) + $latest);
    $this->Forum->chainUpdate($data['forum_id'], array('lastTopic_id' => $data['topic_id']) + $latest);

    if (isset($data['options'])) {
        $this->Poll->addPoll($data);
    }
    if ($this->settings['auto_subscribe_self']) {
        $this->Subscription->subscribeToTopic($data['user_id'], $data['topic_id']);
    }
    return $data['topic_id'];
}
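/**
 * Register a user from the posted e-mail address, which also becomes the
 * username, then hand off to the welcome-mail action.
 *
 * On a validation or save failure the first available error message is
 * flashed and the visitor is sent back to the front page.
 */
public function register() {
    $this->data = Sanitize::clean($this->data, array('encode' => false));
    // NOTE(review): the form posts under 'Users' while the model is 'User' — confirm this is intended.
    $email = (string) $this->data['Users']['email'];

    $this->data = array();
    $this->User->create();
    $this->data['User']['email'] = $email;
    $username = $this->data['User']['username'] = $email;
    $this->User->set($this->data);

    // save() can fail after validation passes (e.g. a database error); the
    // original ignored its result and sent the welcome mail regardless.
    if ($this->User->validates() && $this->User->save()) {
        $this->redirect(array('controller' => 'mail', 'action' => 'send_welcome_message', $email, $username));
        return;
    }

    $errors = $this->User->invalidFields();
    // The failing rule may sit on 'username' rather than 'email'; reading
    // $errors['email'] unconditionally raised an undefined index there.
    $message = isset($errors['email']) ? $errors['email'] : reset($errors);
    if (empty($message)) {
        $message = 'Registration failed, please try again.';
    }
    $this->Session->setFlash($message, 'default');
    $this->redirect('/');
}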
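/**
 * Add or edit a Site (admin).
 *
 * GET loads the record identified by the base64-encoded $id into the form;
 * POST cleans, validates and saves it, then redirects to admin_index.
 *
 * @param string|null $id Base64-encoded Site id, null when adding.
 */
function admin_addedit($id = null) {
    $this->set('id', $id);
    // NOTE(review): the decoded id is taken from the URL as-is; confirm an
    // authorisation check exists upstream (e.g. beforeFilter) for this action.
    if (empty($this->request->data)) {
        $this->request->data = $this->Site->read(null, base64_decode($id));
        $this->set('preSelectedPatients', $this->request->data);
    } else {
        $this->request->data = Sanitize::clean($this->request->data, array('encode' => false));
        $id = base64_decode($id);
        // The id in the URL wins over whatever the form posted.
        $this->request->data['Site']['id'] = $id;
        $this->Site->set($this->request->data);
        // The original passed array('false') as saveAll() options; that is not
        // a recognised option key, so it changed nothing and is dropped here.
        if ($this->Site->validates() && $this->Site->saveAll($this->request->data['Site'])) {
            $this->Session->setFlash("The Site Type Name has been saved successfully.", 'default', array('class' => 'alert alert-success'));
            $this->redirect(array('action' => 'admin_index'));
        }
    }

    $this->loadModel('SiteType');
    // The status filter must sit under 'conditions'; as a bare option key it
    // was ignored and inactive site types were listed as well.
    $siteTypes = $this->SiteType->find('list', array('conditions' => array('SiteType.status' => 1)));

    $isNew = ($id === null || $id === '');
    $textAction = $isNew ? 'Add' : 'Edit';
    $buttonText = $isNew ? 'Submit' : 'Update';
    $this->set('navadmins', 'class = "active"');
    $this->set('action', $textAction);
    $this->set('breadcrumb', 'Sites/' . $textAction);
    $this->set('buttonText', $buttonText);
    $this->set('siteTypes', $siteTypes);
}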
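/**
 * Claim an unused beta key for the given e-mail address.
 *
 * @param string $email Address to record against the key.
 * @return array The claimed key row as returned by find('first'), or the
 *   empty result when no unused key is left.
 */
public function useBetaKey($email) {
    $key = $this->find('first', array('conditions' => array('email' => null)));
    if (empty($key['BetaKey']['id'])) {
        // Nothing left to claim. Previously $this->id became null here and
        // saveField() inserted a fresh, keyless row instead of failing.
        return $key;
    }
    $this->id = $key['BetaKey']['id'];
    // NOTE(review): find-then-save is not atomic; two concurrent requests can
    // claim the same key. A conditional UPDATE ... WHERE email IS NULL would
    // close that window — confirm whether it matters for this table.
    $this->saveField('email', Sanitize::clean($email));
    return $key;
}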
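/**
 * This callback method extracts EXIF data from the uploaded image and sets
 * fields as customized in the behavior settings.
 *
 * Settings read per model: 'filename' (upload field), and optionally
 * 'exifDateField'/'exifDateFormat', 'gpsLattitudeField', 'gpsLongitudeField'
 * and 'exifField' (serialized copy of the whole EXIF array).
 *
 * @param Model $model Object of model (by reference)
 *
 * @return boolean Always true; this callback never blocks validation
 */
function beforeValidate(&$model) {
    $alias = $model->name;
    $settings = $this->settings[$alias];
    $fileField = $settings['filename'];

    // Only act when the upload field is present and reports no error.
    if (!isset($model->data[$alias][$fileField]) || 0 != $model->data[$alias][$fileField]['error']) {
        return true;
    }

    // NOTE(review): the upload field is read as an array (['error'] above) yet
    // concatenated straight into the path; confirm a caller replaces it with
    // the stored file name before this runs, otherwise the path is wrong.
    $filename = WWW_ROOT . 'files' . DS . 'pictures' . DS . $model->data[$alias][$fileField];
    $exif = read_exif_data_raw($filename, 0);

    // Maker notes are opaque vendor blobs; drop them rather than store them.
    if (isset($exif['SubIFD']['MakerNote'])) {
        $exif['SubIFD']['MakerNote'] = '';
    }
    // Sanitize::clean() returns the cleaned copy. The original discarded the
    // return value, so the EXIF that reached the model was never cleaned.
    $exif = Sanitize::clean($exif);

    if (isset($exif['SubIFD']['DateTimeOriginal']) && isset($settings['exifDateField'])) {
        $model->data[$alias][$settings['exifDateField']] = date($settings['exifDateFormat'], strtotime($exif['SubIFD']['DateTimeOriginal']));
    }

    if (isset($exif['GPS'])) {
        if (isset($settings['gpsLattitudeField']) && isset($exif['GPS']['Latitude'])) {
            $model->data[$alias][$settings['gpsLattitudeField']] = $exif['GPS']['Latitude'];
        }
        // The original tested gpsLattitudeField here as well (copy/paste), so a
        // model that only configured a longitude field never received it.
        if (isset($settings['gpsLongitudeField']) && isset($exif['GPS']['Longitude'])) {
            $model->data[$alias][$settings['gpsLongitudeField']] = $exif['GPS']['Longitude'];
        }
    }

    if (isset($settings['exifField'])) {
        $model->data[$alias][$settings['exifField']] = serialize($exif);
    }
    return true;
}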
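/**
 * get_slides
 *
 * Paginated list of fully converted slides, optionally narrowed by the
 * created_f / created_t passed args. Renders the 'slides' view with either
 * 'slides' (HTTP 200) or 'error' (HTTP 400) set.
 */
public function get_slides() {
    $this->Prg->commonProcess();

    // Array-form conditions are quoted by the datasource. The original built
    // SQL fragments by string concatenation from the passed args, relying on
    // Sanitize::clean() alone to keep the date values inside the quotes.
    $add_query = array('Slide.convert_status' => SUCCESS_CONVERT_COMPLETED);
    $from = isset($this->passedArgs['created_f']) ? $this->passedArgs['created_f'] : null;
    if (!empty($from)) {
        $add_query['Slide.created >='] = $from;
    }
    $to = isset($this->passedArgs['created_t']) ? $this->passedArgs['created_t'] : null;
    if (!empty($to)) {
        $add_query['Slide.created <='] = $to;
    }

    $this->Paginator->settings = array(
        'conditions' => array($this->Slide->parseCriteria($this->passedArgs), $add_query),
        'limit' => 200,
        'recursive' => 1,
        'order' => array('created' => 'desc'),
    );
    try {
        $records = $this->Paginator->paginate('Slide');
    } catch (Exception $e) {
        $this->response->statusCode(400);
        $this->set('error', array('message' => __('Failed to retrieve results')));
        return $this->render('slides');
    }
    $this->response->statusCode(200);
    $this->set('slides', $records);
    return $this->render('slides');
}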
/**
 * Error handler entry point: picks a controller to render the error view,
 * cleans the message payload and dispatches to the handler method named by
 * $method (falling back to 'error').
 *
 * @param string $method Name of the error method to dispatch to.
 * @param mixed $messages Message data; wrapped in an array when it is not already a list.
 */
public function __construct($method, $messages) {
    App::import('Core', 'Sanitize');
    // Remembers the last error across instances: when the same error comes
    // round again (presumably because rendering it failed) a bare Controller
    // with the 'errors' view path is used instead of CakeErrorController.
    static $__previousError = null;
    if ($__previousError != array($method, $messages)) {
        $__previousError = array($method, $messages);
        $this->controller =& new CakeErrorController();
    } else {
        $this->controller =& new Controller();
        $this->controller->viewPath = 'errors';
    }
    // Messages are HTML-cleaned but not SQL-escaped ('escape' => false);
    // they are only ever rendered, never written to the database here.
    $options = array('escape' => false);
    $messages = Sanitize::clean($messages, $options);
    if (!isset($messages[0])) {
        $messages = array($messages);
    }
    // An application-level appError() takes precedence over the built-in handlers.
    if (method_exists($this->controller, 'apperror')) {
        return $this->controller->appError($method, $messages);
    }
    // Unknown method names fall back to the generic 'error' handler
    // (case-insensitive match against this class's methods).
    if (!in_array(strtolower($method), array_map('strtolower', get_class_methods($this)))) {
        $method = 'error';
    }
    $this->dispatchMethod($method, $messages);
    $this->_stop();
}
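/**
 * Employee (Funcionario) login.
 *
 * On POST the credentials are checked through Funcionario::checkUsuario();
 * a match is stored in $_SESSION['funcionario'] and profile 1 is sent to the
 * dashboard. Anything else renders the form again, with 'error' set when the
 * lookup failed.
 */
function index() {
    $this->layout = '';
    if (!$this->data) {
        return;
    }
    // Expose the posted data to the model.
    $this->Funcionario->set($this->data);
    // Sanitize::clean() only escapes/encodes the values; checkUsuario() must
    // still bind or quote them itself, which is not visible from here.
    $result = $this->Funcionario->checkUsuario(Sanitize::clean($this->data));
    if (!$result) {
        $this->set('error', true);
        return;
    }
    $this->Session->start();
    // NOTE(review): regenerating the session id here (SessionComponent::renew())
    // would stop a session id issued before login from surviving it — confirm.
    $_SESSION['funcionario'] = array(
        'id' => $result['Funcionario']['id'],
        'data' => date('d-m-Y'),
        // The original format 'h:m:i' inserted the month where the minutes belong.
        'hora' => date('h:i:s'),
        'perfil_id' => $result['Funcionario']['perfil_id'],
    );
    if ((int) $result['Funcionario']['perfil_id'] === 1) {
        $this->redirect('/dashboard');
    }
    // Other profiles have no redirect target yet and fall through to the view.
}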
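/**
 * Election autocomplete: splits the 'term' query parameter into words (the
 * first three non-empty ones count), matches them against Election.keywords
 * and rewrites each hit's name as its ancestor path. Results are cached in
 * the 'long' config and exposed to the view as 'result'.
 */
public function s() {
    $result = array();
    $term = null;
    if (isset($this->request->query['term'])) {
        $term = Sanitize::clean($this->request->query['term']);
    }
    if (!empty($term)) {
        // Hashing keeps the cache key filename-safe whatever the term contains;
        // the original embedded the raw user-supplied term in the key.
        $cacheKey = 'ElectionsS' . md5($term);
        $result = Cache::read($cacheKey, 'long');
        if (!$result) {
            $conditions = array('Election.parent_id IS NOT NULL');
            $used = 0;
            foreach (explode(' ', $term) as $word) {
                $word = trim($word);
                if (!empty($word) && ++$used < 4) {
                    // Array-form LIKE: the datasource quotes the value, so the
                    // word cannot terminate the SQL string as the interpolated
                    // original allowed. '%' and '_' in it still act as wildcards.
                    $conditions[] = array('Election.keywords LIKE' => "%{$word}%");
                }
            }
            $result = $this->Election->find('all', array(
                'fields' => array('Election.id', 'Election.name', 'Election.lft', 'Election.rght'),
                'conditions' => $conditions,
                'limit' => 50,
            ));
            foreach ($result as $k => $row) {
                $parents = $this->Election->getPath($row['Election']['id'], array('name'));
                $result[$k]['Election']['name'] = implode(' > ', Set::extract($parents, '{n}.Election.name'));
            }
            Cache::write($cacheKey, $result, 'long');
        }
    }
    $this->set('result', $result);
}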
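/**
 * Create an Fcode together with one FcodeProduct row per selected product,
 * decrementing each product's stock quantity by one.
 *
 * Flashes a success or failure message and redirects to index on POST;
 * otherwise only the customer list is set for the form.
 */
public function admin_add() {
    $this->set('customer_data', $this->User->find("all"));
    if (!$this->request->is('post')) {
        return;
    }

    $this->request->data['Fcode'] = Sanitize::clean($this->request->data['Fcode'], array("remove_html" => TRUE));
    $productIds = (array) $this->request->data['Fcode']['fcode_product'];
    $productnames = $this->request->data['Fcode']['fcode_product_names'];

    if ($this->Fcode->save($this->request->data['Fcode'])) {
        $fcodeId = $this->Fcode->id;
        // NOTE(review): the stock updates and row inserts are not wrapped in a
        // transaction; a failure mid-loop leaves a partially built Fcode.
        foreach ($productIds as $i => $productId) {
            $product = $this->Product->findById($productId);
            if (empty($product)) {
                // Unknown product id: the original read an undefined index and
                // wrote quantity -1 plus a dangling FcodeProduct row; skip it.
                continue;
            }
            $this->Product->id = $productId;
            $this->Product->saveField('quantity', $product['Product']['quantity'] - 1);

            $this->FcodeProduct->create();
            $this->FcodeProduct->save(array('FcodeProduct' => array(
                'fcode_id' => $fcodeId,
                'quantity' => 1,
                'product_id' => $productId,
                'product_name' => isset($productnames[$i]) ? $productnames[$i] : null,
            )));
        }
        $this->Session->setFlash('<div class="alert alert-success"><i class="fa fa-check-circle"></i> Fcode Details Added Successfully...<button data-dismiss="alert" class="close" type="button">×</button> </div>');
    } else {
        $this->Session->setFlash('<div class="alert alert-fail"><i class="fa fa-check-circle"></i> Fcode Details Not Added Successfully...<button data-dismiss="alert" class="close" type="button">×</button> </div>');
    }
    return $this->redirect(array('action' => 'index'));
}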
/**
 * Create a new user role from the posted form.
 *
 * The role name is cleaned (HTML encoded and stripped), checked for
 * uniqueness and validated before CloggyUserRole::createRole() is called.
 * Sets 'success' or 'errors' for the view, plus the page title.
 */
public function add() {
    if ($this->request->is('post')) {
        $this->request->data = Sanitize::clean($this->request->data, array('encode' => true, 'remove_html' => true));
        $roleName = $this->request->data['CloggyUserRole']['role_name'];
        $roleExists = $this->CloggyUserRole->isRoleExists($roleName);

        $this->CloggyValidation->set($this->request->data['CloggyUserRole']);
        $this->CloggyValidation->validate = array(
            'role_name' => array(
                'empty' => array(
                    'rule' => 'notEmpty',
                    'required' => true,
                    'allowEmpty' => false,
                    'message' => __d('cloggy', 'Role name field required'),
                ),
                // isValueEqual($roleExists, false) rejects a name that is already taken.
                'exists' => array(
                    'rule' => array('isValueEqual', $roleExists, false),
                    'message' => __d('cloggy', 'This role name has exists.'),
                ),
            ),
        );

        if (!$this->CloggyValidation->validates()) {
            $this->set('errors', $this->CloggyValidation->validationErrors);
        } else {
            $this->CloggyUserRole->createRole($roleName);
            // The name was HTML-encoded by Sanitize::clean() above, so it is
            // safe to embed in this markup.
            $this->set('success', '<strong>' . $roleName . '</strong> ' . __d('cloggy', 'has been created.'));
        }
    }
    $this->set('title_for_layout', __d('cloggy', 'Cloggy - Role Management - Create New Role'));
}
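/**
 * Public contact form: mails the enquiry to the general or business address,
 * records an unread 'Contact' notification and flashes the outcome.
 * Without posted data only the notification count (0) is set.
 */
public function contactus() {
    if (!$this->request->data) {
        $this->set('count', 0);
        return;
    }

    // Strip HTML once and use the cleaned copy everywhere. The original kept
    // the raw top-level fields next to the cleaned 'Contact' copy and handed
    // the raw ones to the HTML e-mail template as 'user'.
    $cleaned = Sanitize::clean($this->request->data, array("remove_html" => TRUE));
    $this->request->data = $cleaned;
    $this->request->data['Contact'] = $cleaned;

    $cakeEmail = new CakeEmail('default');
    if ((string) $this->request->data['Contact']['emailbool'] === "2") {
        $email_to = Configure::read('Config.general');
        $subject = 'HaRiMau - General Enquiry';
    } else {
        $email_to = Configure::read('Config.business');
        $subject = 'HaRiMau - Business Enquiry';
    }
    $cakeEmail->template('enquiry', 'default')->emailFormat('html')->to($email_to)->subject($subject);
    $cakeEmail->viewVars(array('user' => $this->request->data));

    if (!$cakeEmail->send()) {
        $this->Session->setFlash('<div class="alert alert-danger"><i class="fa fa-exclamation-circle"></i> Problem on sending email to enquiry department. Please contact to administrator.<button data-dismiss="alert" class="close" type="button">×</button> </div>');
        return;
    }

    $unreadContacts = $this->Notification->find('count', array('conditions' => array('markas' => 'Unread', 'type' => 'Contact')));
    $this->Notification->save(array('Notification' => array(
        'type' => 'Contact',
        'status' => 'Approve',
        'count' => $unreadContacts + 1,
        'markas' => 'Unread',
        'bell' => 'On',
    )));
    // find('count') replaces loading every unread row only to count() it.
    $this->set('count', $this->Notification->find('count', array('conditions' => array('markas' => 'Unread'))));
    $this->Session->setFlash('<div class="alert alert-success"><i class="fa fa-check-circle"></i> An email with details is sent to system admin as earliest as will replied you. <button data-dismiss="alert" class="close" type="button">×</button> </div>');
}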
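/**
 * Validate, rate and save a comment attached to record $id of $model.
 *
 * @param Model $model Commented model (by reference).
 * @param mixed $id Foreign key of the commented record.
 * @param array $data Posted data; the comment lives under $data[<class>],
 *   where <class> is the behavior's 'class' setting for this model.
 * @return boolean True when the comment was saved, false otherwise.
 */
function createComment(&$model, $id, $data = array()) {
    $settings = $this->__settings[$model->alias];
    $class = $settings['class'];
    if (empty($data[$class])) {
        return false;
    }
    unset($data[$model->alias]);

    $notEmpty = array('notempty' => array('rule' => array('notempty')));
    $model->Comment->validate = array(
        $settings['column_author'] => $notEmpty,
        $settings['column_content'] => $notEmpty,
        $settings['column_email'] => $notEmpty + array('email' => array('rule' => array('email'), 'message' => 'Please enter a valid email address')),
        $settings['column_class'] => $notEmpty,
        $settings['column_foreign_id'] => $notEmpty,
        $settings['column_status'] => $notEmpty,
        $settings['column_points'] => $notEmpty + array('numeric' => array('rule' => array('numeric'))),
    );

    $data[$class][$settings['column_class']] = $model->alias;
    $data[$class][$settings['column_foreign_id']] = $id;
    // NOTE(review): _rateComment() is fed $data['Comment'] rather than
    // $data[$class]; the two only coincide when 'class' is configured as 'Comment'.
    $data[$class] = $this->_rateComment($model, $data['Comment']);

    // The original wrote '==' on both branches, so 'active' was never set.
    if ($data[$class]['status'] == 'spam') {
        $data[$class]['active'] = 0;
    } elseif (Configure::read('Comments.auto_moderate') === true) {
        $data[$class]['active'] = 1;
    }

    if ($settings['sanitize']) {
        App::import('Sanitize');
        foreach (array('column_author', 'column_email', 'column_content') as $column) {
            $field = $settings[$column];
            $data[$class][$field] = Sanitize::clean($data[$class][$field]);
        }
    }
    // (The original's else branch assigned each of those fields to itself.)

    if ($this->_checkForEmptyVal($data[$class]) == false) {
        $model->Comment->create();
        if ($model->Comment->save($data)) {
            return true;
        }
    }
    return false;
}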
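/**
 * Sanitize::clean() coverage: default options, then each option disabled
 * in turn (encode, escape, dollar, carriage), and array input.
 *
 * The fully-encoded expectations are spelled with HTML entities; the copy
 * under review had them decoded, which left unbalanced quotes inside the
 * string literals and made the method unparsable.
 */
function testClean() {
    $string = 'test & "quote" \'other\' ;.$ symbol.' . "\r" . 'another line';
    $expected = 'test &amp; &quot;quote&quot; &#039;other&#039; ;.$ symbol.another line';
    $result = Sanitize::clean($string);
    $this->assertEqual($result, $expected);

    $string = 'test & "quote" \'other\' ;.$ symbol.' . "\r" . 'another line';
    $expected = 'test & ' . Sanitize::escape('"quote"') . ' ' . Sanitize::escape('\'other\'') . ' ;.$ symbol.another line';
    $result = Sanitize::clean($string, array('encode' => false));
    $this->assertEqual($result, $expected);

    $string = 'test & "quote" \'other\' ;.$ \\$ symbol.' . "\r" . 'another line';
    $expected = 'test & "quote" \'other\' ;.$ $ symbol.another line';
    $result = Sanitize::clean($string, array('encode' => false, 'escape' => false));
    $this->assertEqual($result, $expected);

    $string = 'test & "quote" \'other\' ;.$ \\$ symbol.' . "\r" . 'another line';
    $expected = 'test & "quote" \'other\' ;.$ \\$ symbol.another line';
    $result = Sanitize::clean($string, array('encode' => false, 'escape' => false, 'dollar' => false));
    $this->assertEqual($result, $expected);

    $string = 'test & "quote" \'other\' ;.$ symbol.' . "\r" . 'another line';
    $expected = 'test & "quote" \'other\' ;.$ symbol.' . "\r" . 'another line';
    $result = Sanitize::clean($string, array('encode' => false, 'escape' => false, 'carriage' => false));
    $this->assertEqual($result, $expected);

    $array = array(array('test & "quote" \'other\' ;.$ symbol.' . "\r" . 'another line'));
    $expected = array(array('test &amp; &quot;quote&quot; &#039;other&#039; ;.$ symbol.another line'));
    $result = Sanitize::clean($array);
    $this->assertEqual($result, $expected);

    $array = array(array('test & "quote" \'other\' ;.$ \\$ symbol.' . "\r" . 'another line'));
    $expected = array(array('test & "quote" \'other\' ;.$ $ symbol.another line'));
    $result = Sanitize::clean($array, array('encode' => false, 'escape' => false));
    $this->assertEqual($result, $expected);
}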
/**
 * Edit a product sub-category in the admin panel.
 *
 * Loads the record identified by the base64-encoded id; on POST the data is
 * cleaned, validated and saved, then the user is redirected to the index
 * with a flash. An unknown id redirects to the index straight away.
 *
 * @param string $category_id Base64-encoded ProductSubCategory id
 */
function shophead_edit($category_id = "") {
    $this->layout = 'admin_layout';
    App::import('Model', 'ProductCategory');
    $this->ProductCategory = new ProductCategory();
    $id = base64_decode($category_id);
    $this->loadModel('ProductSubCategory');

    $categories = $this->ProductCategory->find('list', array(
        'fields' => array('ProductCategory.id', 'ProductCategory.name'),
        'conditions' => array('ProductCategory.status' => 1),
    ));
    $this->set('categories', $categories);

    $data = $this->ProductSubCategory->find('first', array('conditions' => array('ProductSubCategory.id' => $id)));
    $indexUrl = array('controller' => 'ProductSubCategories', 'action' => 'index');
    if (empty($data)) {
        $this->redirect($indexUrl);
        return;
    }

    if (!empty($this->request->data)) {
        $this->request->data = Sanitize::clean($this->request->data, array('encode' => false));
        $this->ProductSubCategory->set($this->request->data);
        // An unchanged name is dropped from the posted data (presumably so a
        // rule on the name does not fire for the record's own value).
        if ($this->request->data['ProductSubCategory']['name'] == $data['ProductSubCategory']['name']) {
            unset($this->request->data['ProductSubCategory']['name']);
        }
        if ($this->ProductSubCategory->validates()) {
            $saved = $this->ProductSubCategory->save($this->request->data);
            $flash = $saved ? array(EDIT_RECORD, 'success') : array(FAILURE_MSG, 'failure');
            $this->Session->write('flash', $flash);
            $this->redirect($indexUrl);
        }
    }
    // Invalid or no POST: show the stored record in the form.
    $this->request->data = $data;
}
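/**
 * Setup a permission (allow or deny) for a role on an ACO object.
 *
 * POST: cleans the CloggyUserPerm data, derives the ARO/ACO row, checks the
 * pair is not already connected, validates and saves. Always sets the role
 * list and the page title for the view.
 */
public function create() {
    if ($this->request->is('post')) {
        $this->request->data = Sanitize::clean($this->request->data, array('encode' => true, 'remove_html' => true));
        $posted = $this->request->data['CloggyUserPerm'];

        // Only a literal "0" selects the wildcard ARO. The original compared
        // with '== 0', which on PHP < 8 also matched '' and any non-numeric
        // string, turning a malformed role_id into an all-roles permission.
        $isWildcard = ((string) $posted['role_id'] === '0');
        // perm 0 means deny, anything else allow. The original switch used
        // loose matching; the int cast keeps that outcome for '' and text.
        $allow = ((int) $posted['perm'] !== 0);

        $dataToSave = array('CloggyUserPerm' => array(
            'aro_object_id' => $posted['role_id'],
            'aro_object' => $isWildcard ? '*' : 'roles',
            'aco_object' => $posted['aco_object'],
            'aco_adapter' => $posted['aco_adapter'],
            'allow' => $allow ? 1 : 0,
            'deny' => $allow ? 0 : 1,
        ));

        $checkPermExists = $this->CloggyUserPerm->isAroConnectedWithAco(
            $dataToSave['CloggyUserPerm']['aro_object_id'],
            $dataToSave['CloggyUserPerm']['aro_object'],
            $dataToSave['CloggyUserPerm']['aco_object']
        );

        $this->CloggyValidation->set($posted);
        $this->CloggyValidation->validate = array(
            'aco_adapter' => array(
                'empty' => array('rule' => 'notEmpty', 'required' => true, 'allowEmpty' => false, 'message' => __d('cloggy', 'Adapter name field required')),
                'comparison' => array('rule' => array('inList', array('module', 'model', 'url')), 'required' => true, 'allowEmpty' => false, 'message' => __d('cloggy', 'You must choose adapter.')),
            ),
            // isValueEqual($checkPermExists, false) rejects an already connected pair.
            'role_id' => array('rule' => array('isValueEqual', $checkPermExists, false), 'required' => true, 'allowEmpty' => false, 'message' => __d('cloggy', 'This role and permission has been exists.')),
            'aco_object' => array('rule' => 'notEmpty', 'required' => true, 'allowEmpty' => false, 'message' => __d('cloggy', 'Object field required')),
        );

        if ($this->CloggyValidation->validates()) {
            $this->CloggyUserPerm->create();
            $this->CloggyUserPerm->save($dataToSave);
            $this->set('success', __d('cloggy', 'Permission has been setup'));
        } else {
            $this->set('errors', $this->CloggyValidation->validationErrors);
        }
    }

    $roles = $this->CloggyUserRole->find('list', array(
        'contain' => false,
        'fields' => array('CloggyUserRole.id', 'CloggyUserRole.role_name'),
        'order' => array('CloggyUserRole.role_name' => 'asc'),
    ));
    $this->set('title_for_layout', __d('cloggy', 'Cloggy - Users Permission Management - Setup Permission'));
    $this->set(compact('roles'));
}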
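/**
 * Record a failed login attempt for brute-force tracking.
 *
 * @param string $ip Client address of the attempt.
 * @param string $username Username that was tried (attacker-controlled).
 * @return void
 */
public function insert($ip, $username) {
    // Lockout window in seconds; cast because it is inlined into the SQL.
    $expire = (int) Configure::read('SecureAuth.expire');
    $db = $this->getDataSource();
    // Sanitize::clean() is kept so the stored representation matches what
    // the lookup code (not visible here) expects; the datasource's value()
    // does the actual quoting instead of the hand-written '{$...}' literals
    // of the original. Values that contain quotes now keep the backslash
    // Sanitize adds, where before it was consumed by the interpolation.
    $sql = sprintf(
        'INSERT INTO `bruteforces` (`ip` , `username` , `expire` ) VALUES (%s, %s, TIMESTAMPADD(SECOND,%d, NOW()));',
        $db->value(Sanitize::clean($ip), 'string'),
        $db->value(Sanitize::clean($username), 'string'),
        $expire
    );
    $this->query($sql);
}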
/**
 * Persist a chat message from the posted data, stamping the sender's
 * address on it, then end the request without rendering a view.
 */
function post() {
    App::import('Sanitize');
    $message = Sanitize::clean($this->data);
    $message['Chat']['ip_address'] = $_SERVER['REMOTE_ADDR'];
    $this->data = $message;
    // The save result is not checked; the client gets an empty response either way.
    $this->Chat->save($message);
    die;
}
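/**
 * JSON format tag suggestions based on first letters of tag name
 *
 * Only answers AJAX POSTs; sets 'matches' for the view. Missing form
 * fields default to '' (tag) and 0 (limit) instead of raising notices.
 */
function suggest() {
    if (!$this->RequestHandler->isAjax() || !$this->RequestHandler->isPost()) {
        return;
    }
    App::import('Core', 'Sanitize');
    $form = $this->params['form'];
    $first_letters = isset($form['tag']) ? Sanitize::clean($form['tag']) : '';
    // A limit is only meaningful as an integer (presumably it reaches a query
    // LIMIT clause in Tag::suggest()), so cast rather than pass a cleaned
    // string through.
    $limit = isset($form['limit']) ? (int) Sanitize::clean($form['limit']) : 0;
    $this->set('matches', $this->Tag->suggest($first_letters, $limit));
}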
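/**
 * Post a "shout" on another user's thread and bounce back to the referrer.
 *
 * The author is always the logged-in user; target_id, content and the
 * private flag come from the form. Only those four fields are written.
 */
function shout() {
    $this->data['UserThread']['user_id'] = $this->Session->read('Auth.User.id');
    $this->data['UserThread']['content'] = Sanitize::clean($this->data['UserThread']['content']);
    // target_id and private are used exactly as posted (the original's
    // self-assignments for them were no-ops). The field list keeps any other
    // posted column out of the write, so the form cannot set fields the
    // action never intended to expose.
    $this->UserThread->save($this->data, true, array('user_id', 'target_id', 'content', 'private'));
    $this->redirect($this->referer());
}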
/**
 * Show a single project resolved by Project::findMixed() (which decides what
 * kind of identifier it accepts); unknown identifiers raise a 404.
 *
 * @param mixed $mixed Project identifier from the URL.
 */
function view($mixed) {
    $project = $this->Project->findMixed(Sanitize::clean($mixed));
    if (empty($project)) {
        $this->cakeError("error404");
    }
    $this->set('project', $project);
}
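/**
 * Normalise date fields and clean the record before it is written.
 *
 * @param array $options Save options, forwarded to the parent callback.
 * @return boolean False aborts the save (only when the parent says so).
 */
public function beforeSave($options = array()) {
    if (!parent::beforeSave($options)) {
        // Honour the parent's veto instead of discarding its result.
        return false;
    }
    $formatted = $this->formatDateFields($this->data, $this->datesToSave, "%Y-%m-%d");
    if (isset($formatted[0])) {
        $this->data[$this->alias] = array_replace($this->data[$this->alias], $formatted[0][$this->alias]);
    }
    // The datasource quotes values itself when the record is written; leaving
    // Sanitize's SQL escaping on (the default) escaped them twice, so an
    // apostrophe ended up stored as \'. HTML encoding is kept as before.
    $this->data = Sanitize::clean($this->data, array('escape' => false));
    return true;
}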
/**
 * Handles newsletter sign-up.
 *
 * @access public
 * @author koéZionCMS
 * @version 0.1 - 10/02/2012 by FI
 * @version 0.2 - 27/06/2013 by FI - Fixed element handling after the change in
 *   template management, plus data cleaning
 */
function newsletter() {
    if (!$this->request->data) {
        return;
    }
    if (!$this->Contact->validates($this->request->data)) {
        // Validation failed: build the error list once for both messages.
        $errorLines = '';
        foreach ($this->Contact->errors as $error) {
            $errorLines .= '<br />' . $error;
        }
        $this->set('message', '<p class="error"><strong>Merci de corriger vos informations</strong>' . $errorLines . '</p>');
        $this->set('messageKo', '<p><strong>Merci de corriger vos informations</strong>' . $errorLines . '</p>');
        if (isset($this->request->data['id'])) {
            $this->set('newsletter_id', $this->request->data['id']);
        }
        return;
    }

    // Body of the e-mail comes from the website parameters.
    $vars = $this->get('vars');
    $messageContent = $vars['websiteParams']['txt_mail_newsletter'];
    $emailElement = defined('LAYOUT_VIEWS')
        ? LAYOUT_VIEWS . DS . 'elements' . DS . 'email' . DS . 'newsletter'
        : ELEMENTS . DS . 'email' . DS . 'default';

    // Strip HTML before the data is mailed and stored.
    $this->request->data = Sanitize::clean($this->request->data, array('remove_html' => true));

    $mailDatas = array(
        'subject' => '::Newsletter::',
        'to' => $this->request->data['email'],
        'element' => $emailElement,
        'vars' => array('messageContent' => $messageContent),
    );
    $this->components['Email']->send($mailDatas, $this);
    $this->Contact->save($this->request->data);

    $confirmed = 'Votre demande a bien été prise en compte.';
    if (isset($this->request->data['id']) && isset($this->request->data['name'])) {
        $message = '<p class="confirmation">' . $confirmed . '</p>';
        $messageOk = '<p>' . $confirmed . '</p>';
        $this->request->data = false;
    } else {
        $message = '<p class="confirmation">' . $confirmed . ' <br /> Vous pouvez compléter vos informations si vous le souhaitez.</p>';
        $messageOk = '<p>' . $confirmed . ' 
<br /> Vous pouvez compléter vos informations si vous le souhaitez.</p>';
        $this->set('newsletter_id', $this->Contact->id);
    }
    $this->set('message', $message);
    $this->set('messageOk', $messageOk);
}
/**
 * AJAX endpoint: store the purchase-order number posted for an invoice and
 * echo the stored value back. Nothing is rendered.
 */
public function update_puchaseid() {
    $this->autoRender = false;
    if (!$this->data) {
        return;
    }
    App::uses('Sanitize', 'Utility');
    $invoice = $this->data['Invoice'];
    // Sanitize::clean() HTML-encodes by default, so the echoed value is safe
    // to place in markup. NOTE(review): the invoice id is taken from the
    // client; confirm ownership is checked elsewhere.
    $purchaseId = Sanitize::clean($invoice['purchaseorder_id']);
    $this->Invoice->id = $invoice['id'];
    $this->Invoice->saveField('customer_puchaseorder_no', $purchaseId);
    echo $purchaseId;
}
/**
 * List of link categories
 *
 * An optional named parameter 'q' narrows the list to names containing it.
 */
public function admin_index() {
    $this->set('title_for_layout', __d('hurad', 'Link Categories'));
    $this->Linkcat->recursive = 0;
    if (isset($this->request->params['named']['q'])) {
        App::uses('Sanitize', 'Utility');
        $needle = Sanitize::clean($this->request->params['named']['q']);
        // Array-form condition, so the datasource quotes the value; '%' and
        // '_' inside $needle still act as LIKE wildcards.
        $search = array('Linkcat' => array('conditions' => array('Linkcat.name LIKE' => "%{$needle}%")));
        $this->Paginator->settings = Hash::merge($this->paginate, $search);
    }
    $this->set('linkcats', $this->Paginator->paginate('Linkcat'));
}
/**
 * Autocomplete source for drugs: matches the 'term' query parameter against
 * the licence name, English name and licence id and fills $this->jsonData
 * (at most 20 entries) for the JSON view.
 */
public function auto() {
    $this->jsonData = array();
    if (empty($_GET['term'])) {
        return;
    }
    $keyword = trim(Sanitize::clean($_GET['term']));
    // Array-form conditions are quoted by the datasource; '%' and '_' in the
    // term still act as LIKE wildcards.
    $like = "%{$keyword}%";
    $items = $this->Drug->find('all', array(
        'contain' => array('License'),
        'fields' => array('Drug.id', 'Drug.license_id', 'License.license_id', 'License.name', 'License.name_english'),
        'conditions' => array('OR' => array(
            'License.name LIKE' => $like,
            'License.name_english LIKE' => $like,
            'License.license_id LIKE' => $like,
        )),
        'limit' => 20,
    ));
    foreach ($items as $item) {
        $license = $item['License'];
        $drug = $item['Drug'];
        $this->jsonData[] = array(
            'label' => sprintf('[%s]%s(%s)', $license['license_id'], $license['name'], $license['name_english']),
            'value' => $drug['id'],
            'license_id' => $drug['license_id'],
            'name' => $license['name'],
            'name_english' => $license['name_english'],
        );
    }
}
/**
 * Autocomplete source for points: matches the 'term' query parameter against
 * name and nhi_id and fills $this->jsonData (at most 20 entries) for the
 * JSON view.
 */
public function auto() {
    $this->jsonData = array();
    if (empty($_GET['term'])) {
        return;
    }
    $keyword = trim(Sanitize::clean($_GET['term']));
    // Array-form conditions are quoted by the datasource; '%' and '_' in the
    // term still act as LIKE wildcards.
    $like = "%{$keyword}%";
    $items = $this->Point->find('all', array(
        'fields' => array('id', 'nhi_id', 'name', 'city', 'town', 'address', 'phone'),
        'conditions' => array('OR' => array('name LIKE' => $like, 'nhi_id LIKE' => $like)),
        'limit' => 20,
    ));
    foreach ($items as $item) {
        $point = $item['Point'];
        $entry = array(
            'label' => sprintf('[%s]%s @ %s%s', $point['nhi_id'], $point['name'], $point['city'], $point['town']),
            'value' => $point['id'],
        );
        foreach (array('name', 'nhi_id', 'city', 'town', 'address', 'phone') as $field) {
            $entry[$field] = $point[$field];
        }
        $this->jsonData[] = $entry;
    }
}
/**
 * Delete a Banco by id and return to the index with a confirmation or
 * error flash (messages are in Portuguese like the rest of the app).
 *
 * @param mixed $id Banco id from the URL.
 */
function remove($id) {
    $this->layout = '';
    // NOTE(review): nothing in this action restricts the HTTP method, so a
    // plain link can trigger the delete; confirm a POST/CSRF guard exists
    // upstream (e.g. in beforeFilter).
    $deleted = $this->Banco->deleteBanco(Sanitize::clean($id));
    if ($deleted) {
        $this->Session->setFlash('Banco excluído com sucesso!', 'flash_confirm');
    } else {
        $this->Session->setFlash('Erro ao excluir Banco!', 'flash_error');
    }
    $this->redirect(array('action' => 'index'));
}
/**
 * Autocomplete source for vendors: matches the 'term' query parameter
 * against the vendor name and fills $this->jsonData (at most 20 entries)
 * for the JSON view.
 */
public function auto() {
    $this->jsonData = array();
    if (empty($_GET['term'])) {
        return;
    }
    $keyword = trim(Sanitize::clean($_GET['term']));
    // Array-form condition, quoted by the datasource; '%' and '_' in the
    // term still act as LIKE wildcards.
    $vendors = $this->Vendor->find('all', array(
        'fields' => array('id', 'name'),
        'conditions' => array('name LIKE' => "%{$keyword}%"),
        'limit' => 20,
    ));
    foreach ($vendors as $row) {
        $vendor = $row['Vendor'];
        $this->jsonData[] = array('label' => (string) $vendor['name'], 'value' => $vendor['id']);
    }
}
/**
 * Returns a list of episodes for the show and season numbers
 *
 * @param mixed $show_id the id of the show
 * @param mixed $season the season to return, 0 for all seasons
 * @return array Episodes as returned by filter_episodes()
 */
function get_episodes($show_id, $season) {
    // Both arguments are cleaned before they reach the raw lookup.
    $rawEpisodes = $this->get_raw_episodes(Sanitize::clean($show_id), Sanitize::clean($season));
    // Filter air dates
    return $this->filter_episodes($rawEpisodes);
}