PHP f_belongs_to Exemples

Exemple #1

Fichier : deletefolder.php Projet : noikiy/owaspbwa

function delete($folderID)
{
    $result = false;
    if ($folderID != "") {
        include '../access.php';
        $access = checkAccess('n', 't');
        if ($access) {
            $user = new User();
            $username = $user->getUsername();
            include "../includes/bookmarks.php";
            if (f_belongs_to($folderID, $username, "../")) {
                $resultArr = delete_folder($folderID, $username, "../");
                $result = $resultArr['success'];
            }
        }
    }
    return $result;
}

Exemple #2

Fichier : modifyfolder.php Projet : noikiy/owaspbwa

 include 'conn.php';
 include 'includes/bookmarks.php';
 if (isset($_POST["id"])) {
     $id = $_POST["id"];
 } else {
     if (isset($_GET["id"])) {
         $id = $_GET["id"];
     }
 }
 $pid = $_POST["pid"];
 $title = $_POST["title"];
 $description = $_POST["description"];
 $user = new User();
 $username = $user->getUsername();
 $success = false;
 if ($id != null && f_belongs_to($id, $username)) {
     if ($_POST['submitted']) {
         if ($title != null) {
             include 'includes/protection.php';
             $title = filter($title);
             if ($description != null) {
                 $description = filter($description);
             }
             $Query = sprintf("update " . TABLE_PREFIX . "folders set title=%s, description=%s where id='" . $id . "'", quote_smart($title), quote_smart($description));
             //echo($Query . "<br>\n");
             $AffectedRows = $dblink->exec($Query);
             if ($AffectedRows >= 0) {
                 if (!$pid) {
                     header("Location: books.php");
                 } else {
                     echo "<p class=\"success\">" . T_("The folder has been updated") . "</p>";