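// New-topic handler: either (re)displays the form or stores the topic.
// A guest's display name is normalised once here and reused below, both for
// the redisplayed form field and for the stored author name.
if (isset($_POST['Gname'])) {
    $xnn = trim(escape_nickname($_POST['Gname']));
}
if (!isset($xnn)) {
    // A guest opening the form without having posted a name would otherwise
    // reach unescape($xnn) below with an undefined variable.
    $xnn = '';
}

// Show the form instead of saving when any of these holds: the last post
// recorded in the session is less than 15 before $dppk_time (presumably
// seconds - confirm), topic or text is empty, a preview was requested, a guest
// gave no name, or the anti-spam check failed. The parentheses only spell out
// the precedence `and` already has over `or`.
if ($_SESSION['klicktime'] + 15 > $dppk_time
    or empty($topic)
    or empty($txt)
    or !empty($_POST['priview'])
    or (empty($_POST['Gname']) and !loggedin())
    or !chk_antispam('newtopic')
) {
    $design = new design($title, $hmenu, 1);
    $design->header($load);
    $tpl = new tpl('forum/newtopic');
    $name = '';
    if (!loggedin()) {
        // Guest name row. The posted value is echoed back into an HTML
        // attribute, so it goes through escape_for_fields() exactly like the
        // topic and text fields below.
        // NOTE(review): confirm escape_nickname() does not already HTML-encode,
        // otherwise the redisplayed name would be encoded twice.
        $name = '<tr><td class="Cmite"><b>' . $lang['name'] . '</b></td>';
        $name .= '<td class="Cnorm"><input type="text" value="' . escape_for_fields(unescape($xnn)) . '" maxlength="15" name="Gname"></td></tr>';
    }
    if (isset($_POST['priview'])) {
        // NOTE(review): the preview renders user text through bbcode(); whether
        // bbcode() HTML-encodes its input is not visible here - confirm.
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    $ar = array(
        'name' => $name,
        'txt' => escape_for_fields(unescape($txt)),
        'topic' => escape_for_fields(unescape($topic)),
        'fid' => $fid,
        'SMILIES' => getsmilies(),
        'antispam' => get_antispam('newtopic', 1)
    );
    $tpl->set_ar_out($ar, 1);
} else {
    // save topic
    $_SESSION['klicktime'] = $dppk_time;
    $design = new design($title, $hmenu, 0);
    $design->header($load);
    if (loggedin()) {
        // The id is concatenated into an unquoted numeric SQL position, so it
        // is forced to an integer first.
        $uid = intval($_SESSION['authid']);
        $erst = escape($_SESSION['authname'], 'string');
        db_query("UPDATE `prefix_user` SET `posts` = `posts`+1 WHERE `id` = " . $uid);
    } else {
        $erst = $xnn;
        $uid = 0;
    }
    // $fid sits in an unquoted numeric position and is cast for the same reason.
    // NOTE(review): $topic and the guest $erst are placed inside quoted literals;
    // where $topic is escaped, and whether escape_nickname() output is safe
    // inside an SQL string literal, is not visible in this excerpt - confirm.
    db_query("INSERT INTO `prefix_topics` (`fid`, `name`, `erst`, `stat`) VALUES ( " . intval($fid) . ", '" . $topic . "', '" . $erst . "', 1 )");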
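// Optional pre-fill for the reply editor. In both lookups the id returned by
// $menu->getE(3) (presumably request-derived - confirm) lands in an unquoted
// numeric SQL position, so it is forced to an integer before concatenation.
if (!isset($xtext)) {
    // Keeps `$txt = $xtext` below defined when neither lookup produces text.
    $xtext = '';
}
if ($menu->getA(3) == 'z') {
    // Build a [quote] block from an existing post.
    // NOTE(review): the post is selected by id only; confirm that read access
    // to the forum it belongs to has been checked before this point.
    $row = db_fetch_object(db_query("SELECT txt,erst FROM prefix_posts WHERE id = " . intval($menu->getE(3))));
    if (is_object($row)) {
        $xtext = '[quote=' . escape_nickname($row->erst) . ']' . "\n" . $row->txt . "\n[/quote]";
    }
}
if ($menu->getA(3) == 'f') {
    // Build a link plus the text of an FAQ entry.
    $r = db_fetch_assoc(db_query("SELECT id,text,title FROM prefix_faqs WHERE id = " . intval($menu->getE(3))));
    if (is_array($r)) {
        $xtext = 'FAQ Artikel: [url=index.php?faqs-s' . $r['id'] . '#FAQ' . $r['id'] . ']' . $r['title'] . '[/url]' . "\n" . unescape($r['text']);
    }
}
if (isset($_POST['priview'])) {
    // NOTE(review): $tpl is used here before the `new tpl('forum/newpost')`
    // below; this relies on $tpl having been created earlier, outside this
    // excerpt - confirm.
    $tpl->set_out('txt', bbcode(unescape($txt)), 0);
}
if (empty($txt)) {
    $txt = $xtext;
}
$tpl = new tpl('forum/newpost');
$ar = array(
    'txt' => escape_for_fields(unescape($txt)),
    'tid' => $tid,
    'name' => $name,
    'SMILIES' => getsmilies(),
    'antispam' => get_antispam('newpost', 1)
);
$tpl->set_ar_out($ar, 1);

// The five most recent posts of the topic, shown below the editor. The topic
// id is cast because its origin is not visible in this excerpt.
// NOTE(review): `erst` is handed to the template as stored; confirm the stored
// value or the template is HTML-safe.
$erg = db_query('SELECT erst, txt FROM `prefix_posts` WHERE tid = "' . intval($tid) . '" ORDER BY time DESC LIMIT 0,5');
while ($row = db_fetch_assoc($erg)) {
    $row['txt'] = bbcode($row['txt']);
    $tpl->set_ar_out($row, 2);
}
$tpl->out(3);
} else {
    # save post
    $_SESSION['klicktime'] = $dppk_time;
    $design = new design($title, $hmenu, 1);
    $design->header();
    if (loggedin()) {
        $uid = $_SESSION['authid'];
        // The session user name is escaped before it is used as author name.
        $erst = escape($_SESSION['authname'], 'string');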
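// Search form: echo the submitted filter values back into the form, then
// prepare paging for the result list.
$autor = '';
if (isset($_GET['autor'])) {
    $autor = escape($_GET['autor'], 'string');
}
// NOTE(review): the `search` value below goes through escape_for_fields()
// before it reaches the template, this one does not; confirm that
// escape(..., 'string') or the template makes it safe for HTML output.
$tpl->set('autor', $autor);

// Pre-select the radio button (1..3) named by `in`; default to the first one.
if (isset($_GET['in'])) {
    for ($i = 1; $i <= 3; $i++) {
        if ($_GET['in'] == $i) {
            $tpl->set('checked' . $i, 'checked="checked"');
        }
    }
} else {
    $tpl->set('checked1', 'checked="checked"');
}

// These three keywords are not echoed back into the search field.
if ($such != 'augt' and $such != 'aeit' and $such != 'aubt') {
    $tpl->set('search', escape_for_fields($such), 0);
}

// Time window in days. Anything that is not a positive integer falls back to
// the 360-day default. The former loose `== 0` test treated non-numeric input
// differently depending on the PHP version and let negative values through.
$days = 360;
if (isset($_GET['days']) && is_scalar($_GET['days'])) {
    $days = intval($_GET['days']);
    if ($days <= 0) {
        $days = 360;
    }
}
$days_ar = array(
    360 => 'alle Beiträge (1 Jahr)',
    1 => '1 Tag',
    7 => '7 Tage',
    14 => '2 Wochen',
    30 => '1 Monat',
    90 => '3 Monate',
    180 => '6 Monate'
);
$tpl->set('days', arlistee($days, $days_ar));
$tpl->out(0);

if (!empty($such) or !empty($autor)) {
    // The page number arrives with a '-p' marker. It is reduced to an integer
    // of at least 1 so that a non-numeric or array value cannot travel further
    // as a raw string (presumably into the paging of the result query, which
    // is outside this excerpt - confirm).
    $page = 1;
    if (isset($_GET['page']) && is_string($_GET['page'])) {
        $page = max(1, intval(str_replace('-p', '', $_GET['page'])));
    }
    $limit = 25;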
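// Post-edit handler: either (re)displays the edit form or stores the new text.
// NOTE(review): this excerpt does not show where $oid and $tid come from, or
// whether the current user's right to edit post $oid was checked - confirm both
// happen before this point.
if (!isset($_SESSION['klicktime'])) {
    $_SESSION['klicktime'] = 0;
}
$txt = '';
if (isset($_POST['txt'])) {
    $txt = trim(escape($_POST['txt'], 'textarea'));
}

// Show the form instead of saving when the last action recorded in the session
// is less than 15 before $dppk_time (presumably seconds - confirm), the text is
// empty, or a preview was requested.
if ($_SESSION['klicktime'] > $dppk_time - 15 or empty($txt) or !empty($_POST['priview'])) {
    $tpl = new tpl('forum/postedit');
    if (isset($_POST['priview'])) {
        $tpl->set_out('txt', bbcode(unescape($txt)), 0);
    }
    if (empty($txt)) {
        // Nothing posted yet: start from the stored post text.
        $txt = $row->txt;
    }
    $ar = array(
        'tid' => $tid,
        'oid' => $oid,
        // Posted text was escaped above and is unescaped for display; the
        // stored text is used as it is.
        'txt' => isset($_POST['priview']) ? escape_for_fields(unescape($txt)) : escape_for_fields($txt),
        'SMILIES' => getsmilies()
    );
    $tpl->set_ar_out($ar, 1);
    // The five most recent posts of the topic; the id is cast because its
    // origin is not visible in this excerpt.
    $erg = db_query('SELECT `erst`, `txt` FROM `prefix_posts` WHERE `tid` = "' . intval($tid) . '" ORDER BY `time` DESC LIMIT 0,5');
    while ($row = db_fetch_assoc($erg)) {
        $row['txt'] = bbcode($row['txt']);
        $tpl->set_ar_out($row, 2);
    }
    $tpl->out(3);
} else {
    // "Last changed by <name> am <date>" footer: replace an existing one at the
    // end of the text, otherwise append a new one.

    // preg_quote() needs the delimiter, or a '/' in the language string would
    // end the pattern early.
    $s = preg_quote($lang['postlastchangedby'], '/');
    // Same expression as before for both the test and the replacement; the
    // leading ".*" the test used did not change whether it matches.
    $stampPattern = '/' . $s . ' ([^\\ ])* am \\d\\d\\.\\d\\d\\.\\d\\d\\d\\d - \\d\\d:\\d\\d:\\d\\d$/';

    // $txt was escaped above, but the footer is added afterwards and ends up in
    // the same SQL string literal, so the session user name is escaped too.
    // NOTE(review): $lang['postlastchangedby'] is inserted as is; it is assumed
    // to be a trusted language-file string - confirm.
    $editorName = escape($_SESSION['authname'], 'string');
    $editStamp = $lang['postlastchangedby'] . ' ' . $editorName . ' am ' . date("d.m.Y - H:i:s");

    if (preg_match($stampPattern, $txt)) {
        // preg_replace() interprets '\' and '$' in the replacement string; left
        // alone that would both expand back-references contained in the name
        // and remove backslashes added by the SQL escaping.
        $txt = preg_replace($stampPattern, addcslashes($editStamp, '\\$'), $txt);
    } else {
        $txt .= "\n\n\n" . $editStamp;
    }
    // $oid sits in an unquoted numeric position, so it is forced to an integer.
    db_query("UPDATE `prefix_posts` SET `txt` = '" . $txt . "' WHERE `id` = " . intval($oid));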