/** * mysqli version of formReq() * * Requires data submitted as isset() and passes data to * idbIn() which processes per MySQL standards, adding slashes and * attempting to prevent SQL injection. * * Upon failure, user is forcibly redirected to global variable, * $redirect, which is applied just before checking a series of form values. * * mysqli version requires explicit connection, $myConn * *<code> * $iConn = conn("admin",TRUE); //mysqli connection * $myVar = iformReq($_POST['myVar'],$iConn); * $otherVar = iformReq($_POST['otherVar'],$iConn); *</code> * * @uses idbIn() * @see formReq() * @param string $var data as entered by user * @param object $myConn active mysqli DB connection, passed by reference. * @return string returns data filtered by MySQL, adding slashes, etc. * @todo none */ function iformReq($var, &$iConn) { /** * $redirect stores page to redirect user to upon failure * These variables are declared in the page, just before the form fields are tested. * * @global string $redirect */ global $redirect; if (!isset($_POST[$var])) { feedback("Required Form Data Not Passed", "error"); if (!isset($redirect) || $redirect == "") { //if no redirect indicated, use the current page! myRedirect(THIS_PAGE); } else { myRedirect($redirect); } } else { return idbIn($_POST[$var], $iConn); } }
/** * session_eliminate() overrides default session_destroy() function, deletes session DB data * * @global object database connection open to delete session data * @param string $sid ID string to identify current session * @return integer Number of rows deleted - should be one * @todo none */ function session_eliminate($sid) { global $iConn; # Global connection to DB if (!is_resource($iConn)) { $iConn = IDB::conn(); } # Delete SQL $sql = sprintf('DELETE FROM ' . PREFIX . 'sessions WHERE PHPSessID="%s"', idbIn($sid, $iConn)); mysqli_query($iConn, $sql) or die(trigger_error(mysqli_error($iConn) . " sql: " . $sql, E_USER_ERROR)); # Setting a session to an empty array safely clears all data $_SESSION = array(); return mysqli_affected_rows($iConn); }