public function renderFormElement() { $sValue = safeText($this->value); $fillPixel = new \ImagickPixel($this->value); $fillColor = $fillPixel->getcolor(); $fillString = sprintf("rgb(%d, %d, %d)", $fillColor['r'], $fillColor['g'], $fillColor['b']); $fillStringHex = sprintf("%02x%02x%02x", $fillColor['r'], $fillColor['g'], $fillColor['b']); $input = "<input type='text' class='inputValue' id='" . $this->getVariableName() . "' name='" . $this->getVariableName() . "' value='{$sValue}' />"; $color = "<span id='" . $this->getVariableName() . "Selector' data-color='0x{$fillStringHex}' style='display: inline-block; border: 1px solid #000; padding: 0px;'>\n <span style='background-color: {$fillString}; margin: 2px; width: 20px; display: inline-block;'>\n \n </span>\n </span>"; $text = "<div class='row controlRow'>\n <div class='col-sm-" . (self::FIRST_ELEMENT_SIZE - 1) . " " . self::FIRST_ELEMENT_CLASS . " controlCell'>\n %s\n </div>\n <div class='col-sm-1 controlCell'>\n %s\n </div>\n <div class='col-sm-" . self::MIDDLE_ELEMENT_SIZE . " " . self::MIDDLE_ELEMENT_CLASS . " controlCell'>\n %s\n </div>\n \n</div>"; return sprintf($text, $this->getDisplayName(), $color, $input); }
function makeParam($param, $ispost = false) { $ispost && ($this->requestParam = "_seckey=" . $this->requestSecKey); //初始化请求参数,post必须有一个_seckey,否则可能会失败 if (!$param) { return; } if (is_string($param)) { trim($this->requestParam) != "" && ($this->requestParam .= '&'); $this->requestParam .= $param; } if (is_array($param) && count($param) > 0) { foreach ($param as $k => $v) { trim($this->requestParam) != "" && ($this->requestParam .= '&'); $this->requestParam .= $k . '=' . urlencode(safeText($v)); } } }
<?php include '../models/config.php'; include '../models/helpers.php'; function __autoload($name) { include_once "../models/classes/{$name}.class.php"; } $err = array(); $login = safeText($_POST['login']); $password = safeText($_POST['password']); $loginCLASS = new Login(); if ($loginCLASS->validateLogin($login, $password) != true) { $err[] = "Špatné jméno nebo heslo!"; foreach ($err as $err) { echo "<div>{$err}</div>"; return; } } else { echo 1; return; }
<?php include 'header.php'; ?> <h1><?php safeText($page['name']); ?> </h1> <h3><?php safeText($page['description']); ?> </h3> <div id="content"> <?php safeText($page['content']); ?> </div> <?php include 'footer.php';
function uploadFile() { define("MAX_SIZE", "300"); $errors = 0; $newname = ''; if (isset($_POST['submit_file'])) { $import = $_FILES['import_file']['name']; if ($import) { $file_name = stripslashes($_FILES['import_file']['name']); $file_name = safeText($file_name); $extension = getExtension($file_name); $extension = strtolower($extension); if ($extension != "txt" && $extension != "pde" && $extension != "c") { echo "<h1>Unknown Import file Extension: {$extension}</h1>"; $errors = 1; } else { $size = filesize($_FILES['import_file']['tmp_name']); if ($size > MAX_SIZE * 1024) { echo "<h1>You have exceeded the size limit! {$size}</h1>"; $errors = 1; } //$image_name=time().'.'.$extension; //$file_name = $db.'-'.$id.'.'.$extension; $newname = "php-viking/import/" . $file_name; $copied = move_uploaded_file($_FILES['import_file']['tmp_name'], $newname); if (!$copied) { echo "<h1>Import Copy unsuccessfull! {$size}</h1>"; $errors = 1; } } } } if (isset($_POST['submit_file']) && !$errors) { chmod($newname, 0666); return $newname; // echo "<h1>File Uploaded Successfully! $size</h1>"; } return $newname; }
<?php include '../../../models/config.php'; include '../../../models/helpers.php'; function __autoload($name) { include_once "../../../models/classes/{$name}.class.php"; } session_start(); $err = array(); $profil = new Profil($_SESSION['profil_id']); $job = new Job(); $activeJob = $job->getJobById(safeText($_POST['id']), $profil->getLevel(), $profil->getJobExpierence()); if ($profil->getActulaEnergy() < $activeJob['energy']) { $err[] = 'Nedostatek energie!'; } if (count($err) < 1) { $energy = $profil->getActulaEnergy() - $activeJob['energy']; $money = $profil->getMoney() + $activeJob['money']; $newJobExperience = $profil->getJobExpierence() + $activeJob['addExpierence']; $job->doJob($energy, $activeJob['energy'], $activeJob['id'], $profil->getId(), $money, $newJobExperience); echo 1; return; } foreach ($err as $err) { echo "<div>{$err}</div>"; }
<?php include '../models/config.php'; include '../models/helpers.php'; function __autoload($name) { include_once "../models/classes/{$name}.class.php"; } $err = array(); $mail = safeText($_POST['mail']); $login = safeText($_POST['login']); $password = safeText($_POST['password']); $passwordAgain = safeText($_POST['passwordAgain']); $rules = safeText($_POST['rules']); $registration = new Registration(); //EMAIL if (strlen($mail) < 1) { $err[] = 'Není vyplněný mail!'; } else { if (strlen($mail) > 255) { $err[] = 'Příliš dlouhý mail!'; } else { if ($registration->checkEmptyMail($mail) != true) { $err[] = 'Tento email už někdo používá!'; } } } //LOGIN if (strlen($login) < 1) { $err[] = 'Není vyplněný login!'; } else {
} else { $otherSport = trim(strtolower($otherSport)); $newSport = new Sport(); if ($newSport->checkSport($otherSport) == 0) { $sportID = $newSport->setNewSport($otherSport); } else { $sportID = $newSport->checkSport($otherSport); } } } if ($_POST['num_entry'] != 0) { $num_entry = safeText($_POST['num_entry']); } $entry = $_POST['entry']; if ($_POST['shared'] == 0) { $shared = safeText($_POST['submit']); } else { $shared = 1; } if (empty($err)) { $database = new Entry(); if ($num_entry == 0) { $database->newEntry($profil->getId(), $title, $sportID, $entry, $shared); $num_entry = $database->lastId(); } else { $database->updateEntry($num_entry, $profil->getId(), $title, $sportID, $entry, $shared); } if ($shared == 1) { $link = "<a href='index.php?page=entry&id={$num_entry}'>Odkaz na článek</a>"; $err[] = "Úspěšně uloženo a sdíleno!"; } else {
*/ if ($_POST['login'] == "") { $err[] = "Není vyplněné přihlašovací jméno!"; } elseif (strlen($_POST['login']) > 255) { $err[] = "Přihlašovací jméno je příliš dlouhé!"; $login = safeText($_POST['login']); } else { $login = str_replace(' ', '', $_POST['login']); if ($login != $_POST['login']) { $err[] = "Přihlašovací jméno nesmí obsahvat mezery!"; } $checkLogin = new Registration(); if (!$checkLogin->checkLogin($_POST['login'])) { $err[] = "Toto přihlašovací jméno již používá jiný uživatel!"; } $login = safeText($_POST['login']); } /** * PASSWORD checkout */ if ($_POST['password'] != "") { if ($_POST['password'] !== $_POST['password2']) { $err[] = "Heslo se neshoduje s ověřením hesla!"; } if (strlen($_POST['password']) < 4) { $err[] = "Příliš krátké heslo!"; } elseif (strlen($_POST['password']) > 40) { $err[] = "Příliš dlouhé heslo!"; } } else { $err[] = "Není vyplněné heslo!";
$cookies = explode("-*-", $_COOKIE["BIAGAME"]); $profil = new Profil(0, $cookies[0], $cookies[1]); } else { $profil = new Profil(); } } else { $profil = new Profil($_SESSION['profil_id']); } $html = new HTML(); $html->addCss("<link href='https://fonts.googleapis.com/css?family=Patrick+Hand&subset=latin,latin-ext' rel='stylesheet' type='text/css'>"); $html->addCss('<link rel="stylesheet" href="css/basicPage.css" type="text/css">'); if ($profil->log == false || $profil->getId() == 0) { include 'controllers/home.php'; } else { if (isset($_GET['page']) && $_GET['page'] != "") { $html->setGetPage(safeText($_GET['page'])); } //ADVICES AND OTHER if ($profil->introduction() == true) { include "controllers/log/advices/introduction.php"; } else { if (file_exists("controllers/log/{$html->getGetPage()}.php")) { include "controllers/log/{$html->getGetPage()}.php"; } else { include "controllers/noPageFound.php"; } include "controllers/log/navigation/navigation.php"; include "controllers/log/panel/panel.php"; } } print (include 'views/page.php');
<?php /** * Created by PhpStorm. * User: ununik * Date: 25.08.2015 * Time: 16:18 */ $saved = ""; $newComment = new CommentsEntry(); $notice = "<a href='index.php?page=entry&id={$entry['id']}' class='notice'>{$profil->getName()} právě okomentoval článek {$entry['title']}</a>"; if (isset($_POST['comment']) && $_POST['comment'] != "") { $commentSafe = safeText($_POST['comment']); $newComment->newComment($_GET['id'], $profil->getId(), $commentSafe, $author->getId(), $notice); $saved = "Váš komentář byl přidán."; } $allComments = $newComment->allComments($_GET['id']); $commentsInBox = (include "views/entry/comment-html.php"); return include_once "views/entry/commentsBox.php";
$err[] = "Není vyplněné příjmení!"; } elseif (strlen($lastname) > 255) { $err[] = "Vyplněné příjmení je příliš dlouhé!"; } //GENDER $gender = safeText($_POST['gender']); if ($gender != "m" && $gender != "f") { $err[] = "Není vyplněné pohlaví!"; } //NATIONALITY $nationality = safeText($_POST['nationality']); if (!is_numeric($nationality)) { $err[] = "Není vyplněný stát!"; } //AGE $age = safeText($_POST['age']); if (!is_numeric($age)) { $err[] = "Věk musí být číselný údaj!"; } if ($age > 150 || $age < 1) { $err[] = "Divný věk {$age}!"; } if (count($err) < 1) { $profil->introductionUpdate($firstname, $lastname, $gender, $age, $nationality); echo 1; return; } foreach ($err as $err) { echo "<div>{$err}</div>"; } return;
<?php /** * Created by PhpStorm. * User: ununik * Date: 17.08.2015 * Time: 15:50 */ $login = ""; $err = array(); if (isset($_POST['login'])) { $checkLogin = new Login(); if (!$checkLogin->checkLogin(safeText($_POST['login']), safeText($_POST['password']))) { $err[] = "Špatné jméno nebo heslo!"; } elseif (!$checkLogin->getValidate()) { $err[] = "Účet stále nebyl validován pomocí kódu, který Vám přišel emailu!"; } if (empty($err)) { header("Location: index.php?page=home"); } } return include_once "views/login/login-html.php";
} //show mail if (isset($_POST['showTel']) && $_POST['showTel'] == 1) { $showTel = 1; } else { $showTel = 0; } $club = safeText($_POST['club']); $clubUpdate = ""; if ($_POST['club'] != "") { $clubUpdate = nl2br(safeText($_POST['club'])); $clubUpdate = str_replace(",", "_;_", $clubUpdate); $clubUpdate = str_replace("<br>", "_;_", $clubUpdate); $clubUpdate = str_replace("<br />", "_;_", $clubUpdate); } $about_me = safeText($_POST['about_me']); if ($_FILES['profile_image']['name'] != "") { if ($_FILES['profile_image']['error'] == "") { $profile_image = $_FILES['profile_image']; switch ($profile_image['type']) { case "image/png": $sufix = ".png"; break; case "image/gif": $sufix = ".gif"; break; case "image/jpeg": $sufix = ".jpg"; break; case "image/jpg": $sufix = ".jpg";
<?php /** * Created by PhpStorm. * User: ununik * Date: 26.08.2015 * Time: 13:46 */ $search = ""; $contact = new Contact(); if (isset($_GET['search'])) { $search = safeText($_GET['search']); $users = $contact->getAllWithoutMeSearch($search, $profil->getId()); } else { $users = $contact->getAllfriends($profil->getId()); } return include_once "views/contacts/contact-home.php";
public function renderFormElement() { $sValue = safeText($this->value); $text = "<div class='row controlRow'>\n <div class='col-sm-" . self::FIRST_ELEMENT_SIZE . " controlCell'>\n %s\n </div> \n <div class='col-sm-" . self::MIDDLE_ELEMENT_SIZE . " controlCell'>\n <input type='text' class='inputValue' name='%s' value='%s'/>\n </div>\n</div>"; return sprintf($text, $this->getDisplayName(), $this->getVariableName(), $sValue); }
$time = str_replace(",", ".", $time); $time = str_replace("-", ".", $time); $time = explode(".", $time); if (!isset($time[0]) || !isset($time[1]) || !isset($time[2])) { $err[] = "Špatný formát datumu (DD. MM. RRRR)!"; } else { $time[0] = trim($time[0]); $time[1] = trim($time[1]); $time[2] = trim($time[2]); $date = $time[0] . ". " . $time[1] . ". " . $time[2]; $timestampEntry = mktime(0, 0, 0, $time[1], $time[0], $time[2]); } $subsciption = safeText($_POST['subsciption']); $place = safeText($_POST['place']); $accessPost = safeText($_POST['access']); $typePost = safeText($_POST['eventType']); if (empty($err)) { $database = new Event(); if ($isSaved == 0) { $isSaved = $database->setEvent($timestampEntry, 0, $profil->getId(), $profil->getId(), $organisator, $enrollSystem, $mainTitle, $subsciption, $place, $accessPost, $typePost); $database->setEnroll($profil->getId(), $isSaved, $profil->getEmailAdmin()); $err[] = "Úspěšně vytvořená událost!"; } else { $database->updateEvent($timestampEntry, 0, $meOrganisator, $organisator, $enrollSystem, $mainTitle, $subsciption, $place, $accessPost, $typePost, $isSaved); $err[] = "Změny uloženy!"; } if ($enrollSystem == 1) { header("location: index.php?page=calendar_new_event_enrollSystemSetting&id={$isSaved}"); } } }
/** * @return string */ public function renderFormElement() { $sWidth = safeText($this->h20); $text = "<div class='row controlRow'>\n <div class='col-sm-" . self::FIRST_ELEMENT_SIZE . " controlCell'>\n %s\n </div> \n <div class='col-sm-" . self::MIDDLE_ELEMENT_SIZE . " inputValue controlCell'>\n <input type='text' name='%s' value='%s'/>\n </div>\n</div>"; return sprintf($text, "Height", self::H20_NAME, $sWidth); }
} } if (isset($_POST['club'])) { $club = safeText($_POST['club']); if (strlen($club) > 255) { $err[] = "Příliš dlouhý název klubu!"; } } if (isset($_POST['adress'])) { $adress = safeText($_POST['adress']); if (strlen($adress) > 255) { $err[] = "Příliš dlouhá adresa!"; } } if (isset($_POST['message'])) { $message = safeText($_POST['message']); } } $gender = "<option value='m'"; if (isset($_POST['gender']) && $_POST['gender'] == "m") { $genderValue = $_POST['gender']; $gender .= " selected "; } $gender .= ">Muž</option><option value='f'"; if (isset($_POST['gender']) && $_POST['gender'] == "f") { $genderValue = $_POST['gender']; $gender .= " selected "; } $gender .= ">Žena</option>"; if (isset($_POST['enroll'])) { if (empty($err)) {