Esempio n. 1
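/**
 * Update columns of a single user row.
 *
 * Builds one UPDATE statement against the users table (DB_PREFIX . DB_USERS)
 * from a column => value map and runs it through queryMySQLData().
 *
 * Every piece of caller-supplied data that reaches the SQL text is handled:
 *  - values are passed through secureString() (as before);
 *  - column names are identifiers, which string escaping cannot make safe, so
 *    they must match a plain identifier pattern or the update is refused;
 *  - $userID is passed through secureString() as well; previously it was
 *    concatenated into the WHERE clause untouched.
 *
 * NOTE(review): the query is still assembled by concatenation because
 * queryMySQLData() only accepts a finished SQL string. Moving this to a
 * prepared statement with bound parameters is the durable fix.
 * NOTE(review): values pass through secureArray() and then secureString();
 * neither helper is visible here, so confirm this does not escape twice.
 *
 * @param mixed $userID    Value matched against the `id` column.
 * @param array $dataArray Map of column name => new value.
 * @return mixed Result of queryMySQLData(), or false when there is nothing
 *               to update or a column name is not a plain identifier.
 */
function setUserData($userID, $dataArray)
{
    $dataArray = secureArray($dataArray);

    // An empty map used to produce "UPDATE ... SET " with no assignments and
    // no WHERE clause; refuse it instead of sending malformed SQL.
    if (!is_array($dataArray) || count($dataArray) === 0) {
        return false;
    }

    $assignments = array();
    foreach ($dataArray as $col => $var) {
        // Identifiers cannot be quoted into safety like values can: accept
        // only letters, digits and underscores, not starting with a digit.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $col)) {
            return false;
        }
        $assignments[] = $col . '=\'' . secureString($var) . '\'';
    }

    $query = 'UPDATE ' . DB_PREFIX . DB_USERS . ' SET '
        . implode(', ', $assignments)
        . ' WHERE id=\'' . secureString($userID) . '\';';

    return queryMySQLData($query);
}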
    {
        if (!is_array($arr)) {
            return;
        }
        foreach ($arr as $key => $val) {
            is_array($arr[$key]) ? traverse($arr[$key]) : ($arr[$key] = stripslashes($arr[$key]));
        }
    }
    $gpc = array(&$_REQUEST);
    traverse($gpc);
}
// Fallback for a runtime where $_SERVER['SCRIPT_NAME'] is not set: the request
// array is rebuilt from the variables defined in the current scope and the
// server array is taken from the legacy $HTTP_SERVER_VARS variable.
// NOTE(review): get_defined_vars() returns every variable in this scope, not
// only request parameters, so anything defined before this point is treated
// as request input afterwards. Confirm this branch is still needed.
if (!isset($_SERVER['SCRIPT_NAME'])) {
    $_REQUEST = get_defined_vars();
    $_SERVER = $HTTP_SERVER_VARS;
}
// Blanket "secure on input" pass over all request data.
// NOTE(review): secureArray() is not shown in this listing. A single escaping
// pass at input time cannot be correct for both SQL and HTML contexts, so
// queries and output still need context-specific handling where the data is used.
$_REQUEST = secureArray($_REQUEST);
// Send $theString to the client as a file download named $theFilename.
// The listing is truncated after the Content-Disposition header, so only the
// header set-up is documented here.
function serveMe($theString, $theFilename)
{
    // Byte length of the payload; not used in the visible part of the function.
    $myFileSize = strlen($theString);
    if (!$theFilename) {
        $theFilename = "Undefined.txt";
    }
    $parts = pathinfo($theFilename);
    // The MIME type is derived from the file extension ("text/<extension>").
    // NOTE(review): pathinfo() only returns an 'extension' key when the name
    // has one, so an extension-less filename reads an undefined index here.
    // NOTE(review): if the filename can come from a request, the client also
    // controls the Content-Type; consider mapping known extensions to fixed types.
    $mime = "text/" . $parts['extension'];
    // Cache-suppression headers. The three Cache-Control calls each use
    // header()'s default replace behaviour, so only the last value is sent.
    header("Pragma: public");
    header("Expires: Thu,19 Nov 1981 08:52:00 GMT");
    header("Cache-Control: must-revalidate,post-check=0,pre-check=0");
    header("Cache-Control: no-store,no-cache,must-revalidate");
    header("Cache-Control: private");
    header("Content-Type: " . $mime);
    // NOTE(review): the filename is placed in the header unquoted and without
    // validation. Reduce it to a basename and restrict it to a safe character
    // set (or quote and escape it) before it is emitted.
    header("Content-Disposition: attachment; filename=" . $theFilename . ";");
Esempio n. 3
<?php

/*
 * @Copyright 2007 By psykocrash from PHPCS.COM for SecureArray()
 */
/**
 * Escape a request value in place, descending into nested arrays.
 *
 * Scalars are HTML-encoded with htmlspecialchars() and the result is then
 * passed through mysql_real_escape_string(). Arrays are walked element by
 * element with this same function. Nothing is returned; the argument itself
 * is modified through the reference.
 *
 * NOTE(review): this applies HTML encoding and SQL escaping to the same value
 * at input time. The stored data ends up HTML-encoded, and the SQL escaping
 * is only meaningful for quoted string literals. Escaping at the point of use
 * (bound parameters for SQL, htmlspecialchars() at output) is the safer model.
 * NOTE(review): the mysql_* functions were removed in PHP 7.0, so this only
 * runs on older runtimes or with a compatibility shim.
 *
 * @param mixed $item Value or (nested) array of values, modified in place.
 */
function secureArray(&$item)
{
    // Leaf value: encode for HTML first, then escape for MySQL.
    if (!is_array($item)) {
        $item = mysql_real_escape_string(htmlspecialchars($item));
        return;
    }

    // Container: apply the same treatment to every element by reference.
    array_walk($item, 'secureArray');
}
// Escape every POST and GET value in place as soon as this file is loaded.
// The config-size guard below is commented out, so this runs unconditionally.
// NOTE(review): only $_POST and $_GET are processed here; code that reads
// $_REQUEST or $_COOKIE sees the raw values.
//if (filesize('../config.php') == 0) {
secureArray($_POST);
secureArray($_GET);
//}
Esempio n. 4
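/**
 * Fetch a value from $_POST and coerce it to the requested type.
 *
 * Supported $type values:
 *  - 'int' / 'integer', 'float', 'bool' / 'boolean': the value is cast.
 *    An array-valued field (e.g. a client sending key[]=x) is rejected with
 *    NULL; previously it was silently cast to 1 / 1.0 / true, which lets a
 *    caller mistake a malformed request for a valid value.
 *  - 'array': arrays go through secureArray(); a scalar goes through
 *    secureString() and is wrapped in an array.
 *  - 'any', 'str', 'string' and any unrecognised type: secureString().
 *
 * Type names are compared strictly, so a non-string $type falls through to
 * the secureString() default rather than matching by loose comparison.
 *
 * NOTE(review): secureString() and secureArray() are not shown in this
 * listing; what they escape, and for which output context, should be
 * confirmed before relying on the returned value in SQL or HTML.
 *
 * @param string $postKey         Name of the POST field.
 * @param string $type            Requested type, see above.
 * @param bool   $ignoreStripTags Passed through to secureString()/secureArray().
 * @return mixed NULL when the field is absent or has the wrong shape for a
 *               scalar type; otherwise the coerced value.
 */
function getPost($postKey = '', $type = 'any', $ignoreStripTags = false) {
	if (!isset($_POST[$postKey])) {
		return NULL;
	}
	$raw = $_POST[$postKey];

	$wantsScalar = $type === 'int' || $type === 'integer'
		|| $type === 'float'
		|| $type === 'bool' || $type === 'boolean';
	if ($wantsScalar) {
		// Casting an array yields 1 / 1.0 / true for any non-empty array;
		// treat that shape mismatch the same as a missing field.
		if (!is_scalar($raw)) {
			return NULL;
		}
		if ($type === 'float') {
			return (float)$raw;
		}
		if ($type === 'bool' || $type === 'boolean') {
			return (bool)$raw;
		}
		return (int)$raw;
	}

	if ($type === 'array') {
		if (!is_array($raw)) {
			return (array)secureString($raw, $ignoreStripTags);
		}
		return secureArray($raw, $ignoreStripTags);
	}

	// 'any', 'str', 'string' and every unrecognised type share this path.
	return secureString($raw, $ignoreStripTags);
}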
Esempio n. 5
    /**
     * Remove backslash escaping from every leaf of a (nested) array, in place.
     *
     * Non-array arguments are left untouched. Array elements are visited by
     * key: nested arrays are processed recursively and every other element is
     * replaced by its stripslashes() result.
     *
     * @param array $arr Structure to clean, modified through the reference.
     */
    function traverse(&$arr)
    {
        if (is_array($arr)) {
            foreach (array_keys($arr) as $name) {
                if (is_array($arr[$name])) {
                    // Descend through the original slot so changes are kept.
                    traverse($arr[$name]);
                } else {
                    $arr[$name] = stripslashes($arr[$name]);
                }
            }
        }
    }
    $gpc = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
    traverse($gpc);
}
// Replace each request superglobal with the result of secureArray().
// NOTE(review): secureArray() is not shown in this listing; this code relies
// on it returning the processed array. If it works by reference and returns
// nothing, these assignments would blank the superglobals.
// NOTE(review): escaping all input once at this point does not replace
// context-specific handling (bound SQL parameters, output encoding) where the
// values are used later.
$_REQUEST = secureArray($_REQUEST);
$_GET = secureArray($_GET);
$_POST = secureArray($_POST);
$_COOKIE = secureArray($_COOKIE);
// these get set after default settings below because getid3 and coverartbasename should be over-written by request
//
// see: (below)
/*
foreach($_REQUEST as $key => $value){
	if(in_array($key, $AcheckRequests)){
		$$key = $value;
	} else {
		unset($$_REQUEST[$key]);
	}
}
*/
$AcheckRequests = array();
$AcheckRequests[] = "action";
$AcheckRequests[] = "theFile";