Esempio n. 1
/**
 * Prepare a stored string for inclusion in an RSS feed.
 *
 * Order matters: backslash escaping is removed first, the text is then run
 * through the project's ehtmlspecialchars() helper with ENT_QUOTES
 * (presumably an htmlspecialchars() wrapper; confirm), and finally the
 * page-break markers and any remaining square brackets are dropped.
 *
 * @param string $str Raw field value.
 * @return string Escaped text with no '[' or ']' characters left.
 */
function RepSpeRssStr($str)
{
    $escaped = ehtmlspecialchars(stripslashes($str), ENT_QUOTES);
    // The two marker strings are listed before the bare brackets so they are
    // removed whole; every search term maps to the empty string.
    $unwanted = array('[!--empirenews.page--]', '[/!--empirenews.page--]', '[', ']');
    return str_replace($unwanted, '', $escaped);
}
Esempio n. 2
/**
 * Strip spaces and quote characters from a request value and normalise its
 * backslash escaping.
 *
 * NOTE(review): the result is only addslashes()-escaped. addslashes() knows
 * nothing about the database connection charset, so callers that build SQL
 * from this value should still prefer bound parameters.
 *
 * @param string $val Incoming value.
 * @return string Value without ' ', "'" or '"', escaped once with addslashes().
 */
function RepPostVar($val)
{
    // Removed in this order: space, single quote, double quote.
    $stripped = str_replace(array(" ", "'", "\""), "", $val);
    // Unescape first so already-escaped input is not escaped a second time.
    return addslashes(stripslashes($stripped));
}
 /**
  * Decode the adapter's raw data into a PHP value using TNvpSerializer.
  *
  * The value returned by getData() is dispatched on its PHP type: objects are
  * treated as HTTP responses (their body is decoded), scalars, arrays and
  * null are round-tripped through serialize()/unserialize(), and strings are
  * decoded directly. A non-zero 'error' entry in the decoded result is raised
  * as an Exception; a 'result' entry is unwrapped when the payload has at
  * most two keys.
  *
  * NOTE(review): the decoded body comes from a remote response. Confirm that
  * TNvpSerializer::unserialize() is a plain name/value parser and does not
  * instantiate objects from that data.
  *
  * @return mixed Decoded data, or its 'result' entry when unwrapped.
  * @throws TDispatchAdapterException When the response protocol or the data type is not supported.
  * @throws Exception When the decoded payload carries a non-zero 'error' code.
  */
 protected function unserializeData()
 {
     $data = $this->getData();
     $result = null;
     // Dispatch on the PHP type name of the raw data.
     $dataType = gettype($data);
     switch ($dataType) {
         case 'object':
             // No break: every object falls through to the response branch.
             // gettype() never returns a class name, so the label below is
             // only ever reached this way.
             // NOTE(review): there is no instanceof check, so an object of
             // another class would fail on the isHeader() call.
             $dataType = get_class($data);
         case 'TSimpleHttpResponse':
             // Default to the adapter's own protocol unless the response
             // names one. The header name is spelled "Resonse" in the code;
             // NOTE(review): confirm it matches what the server sends.
             $format = $this->getServiceProtocol();
             if ($data->isHeader('X-MCP-API-ResonseServiceProtocol')) {
                 $format = $data->getHeader('X-MCP-API-ResonseServiceProtocol');
             }
             // Accept only the adapter's protocol, NONE or UNKNOWN.
             // NOTE(review): in_array() is called without the strict flag,
             // so the header value is compared loosely.
             if (!in_array($format, array($this->getServiceProtocol(), TServiceProtocol::NONE, TServiceProtocol::UNKNOWN))) {
                 throw new TDispatchAdapterException('adapter_protocol_not_supported', __CLASS__, $format);
             }
             $result = TNvpSerializer::unserialize($data->getBody());
             break;
         // 'boolean' is listed twice. gettype() reports floats as 'double',
         // which is not listed, so floats reach the default branch.
         // NOTE(review): the second 'boolean' may have been meant as 'double'.
         case 'boolean':
         case 'integer':
         case 'boolean':
         case 'array':
         case 'null':
         case 'NULL':
             // Normalise by serialising and decoding again.
             $result = TNvpSerializer::unserialize(TNvpSerializer::serialize($data));
             break;
         case 'string':
             $result = TNvpSerializer::unserialize($data);
             break;
         case 'resource':
         case 'unknown type':
         default:
             throw new TDispatchAdapterException('adapter_datatype_not_supported', $dataType);
             // Unreachable after the throw.
             break;
     }
     // Single-pass do/while used as a block with early exits: raise the
     // remote error if the payload carries a non-zero 'error' entry.
     do {
         if (!isset($result['error'])) {
             break;
         }
         // Loose comparison: 0, '0' and '' all count as "no error".
         if ($result['error'] == 0) {
             break;
         }
         $code = $result['error'];
         // The message text is taken from the payload as-is, apart from unescaping.
         $msg = isset($result['errorMessage']) ? stripSlashes($result['errorMessage']) : '';
         throw new Exception($msg, $code);
     } while (0);
     // Same single-pass pattern: unwrap 'result' unless the payload has more
     // than two entries.
     do {
         if (!isset($result['result'])) {
             break;
         }
         if (count($result) > 2) {
             break;
         }
         $result = $result['result'];
     } while (0);
     return $result;
 }
Esempio n. 4
 /**
  * Recursively remove backslash escaping; the inverse of addslashes().
  *
  * Arrays are processed element by element with their keys kept; any other
  * value is trimmed and then unescaped.
  *
  * @param string|array $data Value or (nested) array of values.
  * @return string|array The unescaped value, with the same structure as the input.
  */
 public static function stripslashes($data)
 {
     if (!is_array($data)) {
         // Leaf value: trim() runs before the built-in stripslashes().
         return stripslashes(trim($data));
     }
     foreach (array_keys($data) as $idx) {
         // Method names are case-insensitive, so this is the recursive call.
         $data[$idx] = self::stripslashes($data[$idx]);
     }
     return $data;
 }
Esempio n. 5
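 /**
  * Render data as a PHP assignment statement of the form "$name = <literal>;".
  *
  * Rewriting json_encode() output with str_replace() corrupts any value that
  * contains ':', '{', '}' or a quote character, and turns non-ASCII text into
  * stray "uXXXX" sequences once the backslashes are stripped. A quote inside
  * a value also ends the generated string literal early, which matters if the
  * statement is later included or evaluated. var_export() emits a correctly
  * quoted literal instead, so the statement evaluates back to the same data.
  *
  * NOTE(review): $name is written into the statement verbatim. It must be a
  * trusted, valid variable name and never request data.
  *
  * @param string $name Variable name, without the leading '$'.
  * @param mixed  $arr  Data to export; objects are flattened to arrays, as the JSON encoding does.
  * @return string PHP source assigning the exported literal to $name.
  */
 public function serialize_array($name, $arr)
 {
     // Round-trip through JSON to keep the JSON normalisation (objects become
     // associative arrays) before exporting the value as PHP source.
     $plain = json_decode(json_encode($arr), true);
     return "\$" . $name . " = " . var_export($plain, true) . ";";
 }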
Esempio n. 6
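/**
 * Print the shopping-cart contents as an HTML table.
 *
 * $buycar is a serialized cart: records are terminated by '!' and fields are
 * separated by '|' (index 1 = "classid,id", 2 = quantity, 3 = unit price,
 * 4 = points price, 5 = product title).
 *
 * Fix: the points-payment branch assigned the closing total row to an unused
 * variable, so the total was never printed and the table was never closed.
 * It is now echoed like the money branch.
 *
 * NOTE(review): the title, unit price and points price are echoed without
 * HTML escaping or numeric validation. If $buycar can be influenced by the
 * visitor (where it comes from is not visible here), escape the title with
 * the project's HTML-escaping helper in the site charset and validate the
 * numeric fields before output.
 *
 * @param string $buycar Serialized cart string.
 * @param int    $payby  1 = pay with points, anything else = pay with money.
 * @return void Output is echoed directly.
 */
function ShowBuyproduct($buycar, $payby)
{
    global $empire, $dbtbpre;
    $record = "!";
    $field = "|";
    $r = explode($record, $buycar);
    $alltotal = 0;
    $alltotalfen = 0;
    echo "<table width='100%' border=0 align=center cellpadding=3 cellspacing=1>\r\n          <tr class='header'> \r\n            <td width='9%' height=23> <div align=center>序号</div></td>\r\n            <td width='43%'> <div align=center>商品名称</div></td>\r\n            <td width='19%'> <div align=center>单价</div></td>\r\n            <td width='10%'> <div align=center>数量</div></td>\r\n            <td width='19%'> <div align=center>小计</div></td>\r\n          </tr>";
    $j = 0;
    // The last explode() element is whatever follows the final '!' and is skipped.
    for ($i = 0; $i < count($r) - 1; $i++) {
        $j++;
        $pr = explode($field, $r[$i]);
        $fr = explode(",", $pr[1]);
        // Class id and record id, forced to integers before they go into the link
        $classid = (int) $fr[0];
        $id = (int) $fr[1];
        // Quantity; anything empty or non-numeric counts as 1
        $num = (int) $pr[2];
        if (empty($num)) {
            $num = 1;
        }
        // Unit price and points price, used as supplied
        $price = $pr[3];
        $thistotal = $price * $num;
        $buyfen = $pr[4];
        $thistotalfen = $buyfen * $num;
        if ($payby == 1) {
            $showprice = $buyfen . " 点";
            $showthistotal = $thistotalfen . " 点";
        } else {
            $showprice = $price . " 元";
            $showthistotal = $thistotal . " 元";
        }
        // Product title: only unescaped, not HTML-encoded (see NOTE above)
        $title = stripSlashes($pr[5]);
        // Link back to the product page
        $titleurl = "../../public/InfoUrl/?classid={$classid}&id={$id}";
        $alltotal += $thistotal;
        $alltotalfen += $thistotalfen;
        echo "<tr>\r\n\t<td align=center>" . $j . "</td>\r\n\t<td align=center><a href='" . $titleurl . "' target=_blank>" . $title . "</a></td>\r\n\t<td align=right><b>¥" . $showprice . "</b></td>\r\n\t<td align=right>" . $num . "</td>\r\n\t<td align=right>" . $showthistotal . "</td>\r\n\t</tr>";
    }
    // Closing row: points total or money total, then the end of the table
    if ($payby == 1) {
        echo "<tr> \r\n      <td colspan=5><div align=right>合计点数:<strong>" . $alltotalfen . "</strong></div></td>\r\n      <td>&nbsp;</td>\r\n    </tr>\r\n\t</table>";
    } else {
        echo "<tr> \r\n      <td colspan=5><div align=right>合计:<strong>¥" . $alltotal . "</strong></div></td>\r\n      <td>&nbsp;</td>\r\n    </tr>\r\n  </table>";
    }
}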
 /**
  * Remove backslash escaping from a string or from every element of an array.
  *
  * Nothing is changed unless $this->magic_quotes is truthy.
  *
  * @param string|array $string Value to clean.
  * @return string|array The cleaned value (the input itself when the flag is off).
  */
 function _stripSlashes($string)
 {
     if (!$this->magic_quotes) {
         return $string;
     }
     if (!is_array($string)) {
         return stripslashes($string);
     }
     // Array input: clean each element recursively, keeping the keys.
     $cleaned = array();
     foreach ($string as $k => $item) {
         $cleaned[$k] = $this->_stripSlashes($item);
     }
     return $cleaned;
 }
Esempio n. 8
/**
 * Hand-rolled HTML escaping for display text.
 *
 * The input is trimmed and unescaped, then '&', quotes and angle brackets are
 * replaced by entities. Entities that were already present in the input
 * (&amp; &quot; &lt; &gt; &nbsp;) are restored after the '&' pass so they are
 * not double-encoded. Line breaks finally get a <br /> via nl2br().
 *
 * @param string $string Raw text.
 * @return string Text safe to place in HTML element content or a quoted attribute.
 */
function encode($string)
{
    $text = stripslashes((string) trim($string));
    // str_replace() applies the pairs one after another over the whole
    // string, so the order below is significant: '&' must be first.
    $from = array("&", "'", "&amp;amp;", "&amp;quot;", "\"", "&amp;lt;", "<", "&amp;gt;", ">", "&amp;nbsp;");
    $to = array("&amp;", "&#39;", "&amp;", "&quot;", "&quot;", "&lt;", "&lt;", "&gt;", "&gt;", "&nbsp;");
    return nl2br(str_replace($from, $to, $text));
}
Esempio n. 9
 /**
  * Strip backslash escaping from every leaf of a (nested) input array.
  *
  * The array is modified in place through the reference and is also returned.
  *
  * @param array $arr Input array, passed by reference.
  * @return array The same array after unescaping.
  */
 private function normalizeArray(&$arr)
 {
     foreach ($arr as $name => $item) {
         if (is_array($item)) {
             // Descend into the nested array itself, not the loop copy.
             $this->normalizeArray($arr[$name]);
             continue;
         }
         $arr[$name] = stripslashes($item);
     }
     // Rewind the array's internal pointer before handing it back.
     reset($arr);
     return $arr;
 }
Esempio n. 10
/**
 * Look up a member by user name and password hash and, on success, set the
 * login cookies.
 *
 * NOTE(review): several points in this routine deserve attention before it is
 * reused: the password is hashed with unsalted MD5, the session token is
 * derived from that hash, and the cookies are issued for a full year.
 *
 * @param string $user User name (the variable is reused for the result rows).
 * @param string $pass Plain-text password.
 * @return string|false 'Y' after the cookies are set, false when no row matches.
 */
function API_Login($user, $pass)
{
    // $Block, $setting and $onlineip are declared but not used below.
    global $Block, $setting, $onlineip, $_COOKIE, $_SERVER;
    // NOTE(review): unsalted MD5 is not a password hash. password_hash() and
    // password_verify() are the usual replacement; that requires migrating
    // the stored hashes.
    $pwd = md5($pass);
    // The WHERE clause appears masked ('******') in this listing.
    // NOTE(review): if the real code interpolates $user and $pwd here, it
    // needs bound parameters or driver-level escaping. The $user parameter is
    // overwritten with the result rows from this point on.
    $user = Conn()->record("members", "uid,username,password,safecv", "username='******' and password='******'");
    if (!$user) {
        return false;
    }
    $winduid = $user[0]['uid'];
    // Token = MD5 of the browser's User-Agent, the password hash and a site
    // value from $GLOBALS['db_hash'].
    $windpwd = md5($_SERVER['HTTP_USER_AGENT'] . $pwd . $GLOBALS['db_hash']);
    $safecv = $user[0]['safecv'];
    $username = $user[0]['username'];
    // Pack uid, token and safecv (tab separated) and pass them through
    // StrCode(..., "ENCODE"); what StrCode() does is not visible here.
    $winduser = StrCode(stripSlashes("{$winduid}\t{$windpwd}\t{$safecv}"), "ENCODE");
    // First cookie group uses a prefix derived from the site hash.
    $GLOBALS['cookiepre'] = substr(md5($GLOBALS['db_sitehash']), 0, 5) . '_';
    // 31536000 seconds = 365 days.
    // NOTE(review): confirm osetcookie() sets HttpOnly and Secure, and that
    // a one-year lifetime is intended for a login token.
    osetcookie('winduser', $winduser, 31536000);
    osetcookie('ck_info', $GLOBALS['db_ckpath'] . "\t" . $GLOBALS['db_ckdomain'], 31536000);
    osetcookie('lastvisit', '', 0);
    // Second cookie group uses the fixed prefix 'onez_'.
    $GLOBALS['cookiepre'] = 'onez_';
    // NOTE(review): these two cookies carry the plain user id and name; the
    // server must not accept them on their own as proof of identity.
    osetcookie('userid', $winduid, 31536000);
    osetcookie('username', $username, 31536000);
    return 'Y';
}
Esempio n. 11
 /**
  * Render the module file and the page template by rewriting custom tags
  * with preg_replace() and then eval()-ing the resulting text.
  *
  * NOTE(review): both eval() calls execute whatever PHP ends up in
  * $this->file_content. Template files and the tag table must therefore be
  * writable only by trusted users; nothing from a request should be able to
  * reach them. Where the content is loaded from is not visible in this method.
  *
  * @return void The evaluated template produces the output.
  */
 public function parse_template()
 {
     // Expose the two variables the page template relies on as locals, so the evaluated code can see them
     $args = $this->args;
     $datas = $this->datas;
     // Instantiate the default tag table
     $transformateur = new odTransform();
     // Read the contents of module.tpl
     $this->read_module();
     // If module.tpl is not empty, it is expected to contain only omodule tags
     if (strlen($this->file_content) != 0) {
         // Fetch the omodule tag definition
         $module_tag = $transformateur->get_named_tag("omodule");
         // Replace it with the statement that adds it to odTransform's tag table
         $this->file_content = preg_replace($module_tag[0], html_entity_decode($module_tag[1]), $this->file_content);
         // Same for the block tag
         $module_tag = $transformateur->get_named_tag("block");
         $this->file_content = preg_replace($module_tag[0], html_entity_decode($module_tag[1]), $this->file_content);
         // Unset this variable so it does not show up among the defined variables
         unset($module_tag);
         // Then execute the add-to-tag-table statement.
         // "?\\>" becomes "?>" after stripSlashes(), so the evaluated text
         // starts in HTML mode and only its own PHP sections run as code.
         // stripSlashes() also removes backslashes from the template itself.
         // NOTE(review): utf8_encode() is deprecated as of PHP 8.2.
         eval(stripSlashes("?\\>" . utf8_encode($this->file_content)));
     }
     // Read the page template
     $this->read_template();
     // If the template is not empty
     if (strlen($this->file_content) != 0) {
         // Replace every tag found with the value defined for it in the tag table
         foreach ($transformateur->get_all_tags() as $odtag) {
             $this->file_content = preg_replace($odtag[0], html_entity_decode($odtag[1]), $this->file_content);
         }
         // Unset the variables the template must not see
         unset($odtag);
         unset($transformateur);
         // NOTE(review): the generated PHP is written to a .php file under a
         // relative logs/ directory on every render. If that directory is
         // served by the web server, the file can be requested directly;
         // confirm this debug dump is meant to stay enabled.
         file_put_contents("logs/output.php", $this->file_content);
         // Evaluate the generated page code (same "?>" prefix trick as above)
         eval(stripSlashes("?\\>" . utf8_encode($this->file_content)));
     }
 }
Esempio n. 12
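/**
 * Print a "top N" ranking table for the given query.
 *
 * Fixes: array keys written as bare words (classid, classname, newstime,
 * title) are now quoted strings, because an undefined constant is a fatal
 * error on PHP 8; $word is initialised so an unrecognised $field no longer
 * reads an undefined variable.
 *
 * NOTE(review): $query, $field, $topnum and $day are concatenated into the
 * SQL text as supplied. Callers must pass only fixed column names and
 * integers here; nothing in this function validates them. The title and the
 * ranked column are also echoed without HTML escaping.
 *
 * @param string $query  SQL select statement without ORDER BY/LIMIT.
 * @param string $where  Non-empty when $query already has a WHERE clause.
 * @param string $field  Column to rank by (plnum, totaldown or onclick get a column label).
 * @param int    $topnum Number of rows to show.
 * @param int    $day    Only rows newer than this many days; 0 for no limit.
 * @return void Output is echoed directly.
 */
function ecmsShowInfoTop($query, $where, $field, $topnum, $day)
{
    global $empire, $dbtbpre, $class_r;
    if ($day) {
        $and = $where ? ' and ' : ' where ';
        // The subtraction is left to the database: "newstime>=<now>-<seconds>".
        $query .= $and . "newstime>=" . time() . "-" . $day * 24 * 3600;
    }
    // Column heading for the ranked value; stays empty for any other field.
    $word = '';
    if ($field == 'plnum') {
        $word = '评论数';
    } elseif ($field == 'totaldown') {
        $word = '下载数';
    } elseif ($field == 'onclick') {
        $word = '点击数';
    }
    $query .= " order by " . $field . " desc limit " . $topnum;
    echo "<table width='100%' border='0' cellpadding='3' cellspacing='1' class='tableborder'><tr><td width='85%'>标题</td><td width='15%'>{$word}</td></tr>";
    $sql = $empire->query($query);
    while ($r = $empire->fetch($sql)) {
        $classurl = sys_ReturnBqClassname($r, 9);
        $titleurl = sys_ReturnBqTitleLink($r);
        echo "<tr bgcolor='#ffffff' height='23'><td>[<a href='" . $classurl . "' target='_blank'>" . $class_r[$r['classid']]['classname'] . "</a>] <a href='{$titleurl}' target='_blank' title='发布时间:" . date("Y-m-d H:i:s", $r['newstime']) . "'>" . stripSlashes($r['title']) . "</a></td><td>" . $r[$field] . "</td></tr>";
    }
    echo "</table>";
}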
Esempio n. 13
// Request parameters: the query-string value wins, otherwise the value from
// $args is used. Everything is forced to an integer; @ hides the notice for
// a missing $args entry.
$modid = intval(empty($_GET["modid"]) ? @$args["modid"] : $_GET["modid"]);
$catid = intval(empty($_GET["catid"]) ? @$args["catid"] : $_GET["catid"]);
$start = intval(empty($_GET["start"]) ? @$args["start"] : $_GET["start"]);
// Outside the tag module itself, default to the id of the current module.
if (empty($modid) && is_object($GLOBALS["xoopsModule"]) && "tag" != $GLOBALS["xoopsModule"]->getVar("dirname")) {
    $modid = $GLOBALS["xoopsModule"]->getVar("mid");
}
// $tag_id and $tag_term are set before this excerpt. Without either one
// there is nothing to show, so redirect to the module index.
if (empty($tag_id) && empty($tag_term)) {
    redirect_header(XOOPS_URL . "/modules/" . $GLOBALS["xoopsModule"]->getVar("dirname") . "/index.php", 2, TAG_MD_INVALID);
    exit;
}
$tag_handler =& xoops_getmodulehandler("tag", "tag");
if (!empty($tag_id)) {
    // Look the tag up by id.
    // NOTE(review): the result is not checked before getVar() is called, so
    // an unknown id would fail on a non-object.
    $tag_obj =& $tag_handler->get($tag_id);
    $tag_term = $tag_obj->getVar("tag_term", "n");
} else {
    // Look the tag up by term. stripSlashes() followed by addSlashes() makes
    // the term escaped exactly once.
    // NOTE(review): whether Criteria quotes or escapes its value again is
    // not visible here; confirm the term ends up correctly escaped for the
    // database rather than relying on addSlashes() alone.
    if (!($tags_obj = $tag_handler->getObjects(new Criteria("tag_term", addSlashes(stripSlashes($tag_term)))))) {
        redirect_header(XOOPS_URL . "/modules/" . $GLOBALS["xoopsModule"]->getVar("dirname") . "/index.php", 2, TAG_MD_INVALID);
        exit;
    }
    $tag_obj =& $tags_obj[0];
    $tag_id = $tag_obj->getVar("tag_id");
}
// Page title: an explicit description if one was set earlier, otherwise a
// formatted title with the HTML-escaped tag term.
if (!empty($tag_desc)) {
    $page_title = $tag_desc;
} else {
    $module_name = "tag" == $xoopsModule->getVar("dirname") ? $xoopsConfig["sitename"] : $xoopsModule->getVar("name");
    $page_title = sprintf(TAG_MD_TAGVIEW, htmlspecialchars($tag_term), $module_name);
}
$xoopsOption["template_main"] = "tag_view.html";
// Tags are stripped from the title before it is handed to the theme.
$xoopsOption["xoops_pagetitle"] = strip_tags($page_title);
include XOOPS_ROOT_PATH . "/header.php";
Esempio n. 14
     $panels[$i - 1]->pict = isset($_GET['panel' . $i . 'pict']) ? stripSlashes($_GET['panel' . $i . 'pict']) : "cfco2014.jpg";
     $panels[$i - 1]->slides = isset($_GET['panel' . $i . 'slides']) ? stripSlashes($_GET['panel' . $i . 'slides']) : "";
     $panels[$i - 1]->txt = isset($_GET['panel' . $i . 'txt']) ? stripSlashes($_GET['panel' . $i . 'txt']) : "Welcome";
     $panels[$i - 1]->txtsize = isset($_GET['panel' . $i . 'txtsize']) ? intval($_GET['panel' . $i . 'txtsize']) : 16;
     $panels[$i - 1]->txtcolor = isset($_GET['panel' . $i . 'txtcolor']) ? stripSlashes($_GET['panel' . $i . 'txtcolor']) : "000000";
     $panels[$i - 1]->html = isset($_GET['panel' . $i . 'html']) ? stripSlashes($_GET['panel' . $i . 'html']) : "exemple.html";
     $panels[$i - 1]->firstline = isset($_GET['panel' . $i . 'firstline']) ? intval($_GET['panel' . $i . 'firstline']) : 1;
     $panels[$i - 1]->fixedlines = isset($_GET['panel' . $i . 'fixedlines']) ? intval($_GET['panel' . $i . 'fixedlines']) : 10;
     $panels[$i - 1]->scrolledlines = isset($_GET['panel' . $i . 'scrolledlines']) ? intval($_GET['panel' . $i . 'scrolledlines']) : 17;
     $panels[$i - 1]->scrolltime = isset($_GET['panel' . $i . 'scrolltime']) ? intval($_GET['panel' . $i . 'scrolltime']) : 10;
     $panels[$i - 1]->scrollbeforetime = isset($_GET['panel' . $i . 'scrollbeforetime']) ? intval($_GET['panel' . $i . 'scrollbeforetime']) : 50;
     $panels[$i - 1]->scrollaftertime = isset($_GET['panel' . $i . 'scrollaftertime']) ? intval($_GET['panel' . $i . 'scrollaftertime']) : 80;
     $panels[$i - 1]->updateduration = isset($_GET['panel' . $i . 'updateduration']) ? intval($_GET['panel' . $i . 'updateduration']) : 3;
     $panels[$i - 1]->radioctrl = isset($_GET['panel' . $i . 'radioctrl']) ? intval($_GET['panel' . $i . 'radioctrl']) : 31;
 }
 $title = isset($_GET['title']) ? stripSlashes($_GET['title']) : "no title";
 $chkall = isset($_GET['chkall']) ? $_GET['chkall'] : null;
 $res = mysql_query("SELECT rcid FROM resultscreen WHERE rcid={$rcid} AND sid={$sid}");
 if (mysql_num_rows($res) > 0) {
     $now = time();
     $str = "cid='" . $cid . "', ";
     $str = $str . "panelscount='" . $panelscount . "', ";
     $str = $str . "style='" . addSlashes($style) . "', ";
     $str = $str . "title='" . addSlashes($title) . "', ";
     $str = $str . "titlesize='" . $titlesize . "', ";
     $str = $str . "titlecolor='" . addSlashes($titlecolor) . "', ";
     $str = $str . "subtitle='" . addSlashes($subtitle) . "', ";
     $str = $str . "subtitlesize='" . $subtitlesize . "', ";
     $str = $str . "subtitlecolor='" . addSlashes($subtitlecolor) . "', ";
     $str = $str . "titleleftpict='" . addSlashes($titleleftpict) . "', ";
     $str = $str . "titlerightpict='" . addSlashes($titlerightpict) . "', ";
Esempio n. 15
 /**
  * Get the hierarchy in list form.
  *
  * Rows come from getHierarchy(); each is returned with a LEVEL computed from
  * the hierarchy right-index field (an indent stack is kept while walking the
  * rows).
  *
  * @param int $pn_id Id of the record whose hierarchy is wanted; when null, the first row returned is treated as the root.
  * @param array $pa_options Options, also passed unchanged to getHierarchy():
  *
  *		additionalTableToJoin: name of table to join to hierarchical table (and return fields from); only fields related many-to-one are currently supported. Read here but only used via getHierarchy().
  *		idsOnly = return simple array of primary key values for child records rather than full data array
  *		returnDeleted = return deleted records in list (def. false). Not read in this method.
  *		maxLevels = integer; rows whose level is not below this value are left out (levels start at 0)
  *		dontIncludeRoot = skip the row whose primary key equals the root id. Forced to false when $pn_id and includeSelf are both set.
  *		includeSelf = in idsOnly mode, keep $pn_id in the returned id list
  *
  * @return array|null List of array("NODE" => field values, "LEVEL" => int), a list of ids in idsOnly mode,
  *                    or null when the table is not hierarchical or getHierarchy() returns nothing.
  *                    NOTE(review): the method returns by reference but returns null literals in two places,
  *                    which PHP reports with a notice.
  */
 public function &getHierarchyAsList($pn_id = null, $pa_options = null)
 {
     if (!$this->isHierarchical()) {
         return null;
     }
     $pb_ids_only = caGetOption('idsOnly', $pa_options, false);
     $pn_max_levels = caGetOption('maxLevels', $pa_options, null, array('cast' => 'int'));
     $ps_additional_table_to_join = caGetOption('additionalTableToJoin', $pa_options, null);
     $pb_dont_include_root = caGetOption('dontIncludeRoot', $pa_options, false);
     $pb_include_self = caGetOption('includeSelf', $pa_options, false);
     // Asking for the record itself overrides dontIncludeRoot.
     if ($pn_id && $pb_include_self) {
         $pb_dont_include_root = false;
     }
     if ($qr_hier = $this->getHierarchy($pn_id, $pa_options)) {
         if ($pb_ids_only) {
             // In this mode $qr_hier is used as a plain array of ids
             // (presumably what getHierarchy() returns for idsOnly; confirm).
             if (!$pb_include_self || $pb_dont_include_root) {
                 // Drop the starting record's own id. array_search() compares loosely.
                 if (($vn_i = array_search($pn_id, $qr_hier)) !== false) {
                     unset($qr_hier[$vn_i]);
                 }
             }
             return $qr_hier;
         }
         $vs_hier_right_fld = $this->getProperty("HIERARCHY_RIGHT_INDEX_FLD");
         // Right-index values of the ancestors of the current row; its size is the current level.
         $va_indent_stack = array();
         $va_hier = array();
         $vn_cur_level = -1;
         // Assigned below but never read in this method.
         $va_omit_stack = array();
         $vn_root_id = $pn_id;
         while ($qr_hier->nextRow()) {
             $vn_row_id = $qr_hier->get($this->primaryKey());
             // Without an explicit id, the first row is taken as the root.
             if (is_null($vn_root_id)) {
                 $vn_root_id = $vn_row_id;
             }
             // skip root if desired
             if ($pb_dont_include_root && $vn_row_id == $vn_root_id) {
                 continue;
             }
             $vn_r = $qr_hier->get($vs_hier_right_fld);
             $vn_c = sizeof($va_indent_stack);
             if ($vn_c > 0) {
                 // Pop every stacked right index that is not greater than this row's.
                 while ($vn_c && $va_indent_stack[$vn_c - 1] <= $vn_r) {
                     array_pop($va_indent_stack);
                     $vn_c = sizeof($va_indent_stack);
                 }
             }
             // Level changed: record the new depth.
             if ($vn_cur_level != sizeof($va_indent_stack)) {
                 if ($vn_cur_level > sizeof($va_indent_stack)) {
                     $va_omit_stack = array();
                 }
                 $vn_cur_level = intval(sizeof($va_indent_stack));
             }
             if (is_null($pn_max_levels) || $vn_cur_level < $pn_max_levels) {
                 $va_field_values = $qr_hier->getRow();
                 // NOTE(review): stripSlashes() is applied to every stored
                 // field value, which also removes backslashes that are
                 // legitimately part of the data.
                 foreach ($va_field_values as $vs_key => $vs_val) {
                     $va_field_values[$vs_key] = stripSlashes($vs_val);
                 }
                 // The idsOnly case has already returned above, so only the
                 // else branch can run here.
                 if ($pb_ids_only) {
                     $va_hier[] = $vn_row_id;
                 } else {
                     $va_node = array("NODE" => $va_field_values, "LEVEL" => $vn_cur_level);
                     $va_hier[] = $va_node;
                 }
             }
             $va_indent_stack[] = $vn_r;
         }
         return $va_hier;
     } else {
         return null;
     }
 }
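 /**
  * Undo magic-quotes escaping on a request value, when that feature is active.
  *
  * get_magic_quotes_gpc() was removed in PHP 8.0 and has always returned
  * false since PHP 5.4, so calling it unguarded is a fatal error on current
  * PHP. The guard keeps the old behaviour wherever the function still exists.
  *
  * @param string $value Raw request value.
  * @return string The value, unescaped only if magic quotes are on.
  */
 function _filter_gpc($value)
 {
     $magicQuotesOn = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
     return $magicQuotesOn ? stripslashes($value) : $value;
 }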
Esempio n. 17
     $jzUSER->storePlaylist($pl);
     if (!defined('NO_AJAX_JUKEBOX')) {
         $blocks = new jzBlocks();
         $blocks->playlistDisplay();
         exit;
     }
 } else {
     if (isset($_POST['jz_path']) && isset($_POST['addPath']) || isset($_POST['addList']) && sizeof($_POST['jz_list']) == 0) {
         $exit = false;
         $guy =& new jzMediaNode($_POST['jz_path']);
         if (isset($_POST['doquery']) && $_POST['query'] != "") {
             if ($_POST['how'] == "search") {
                 $root =& new jzMediaNode();
                 $list = $root->search(stripSlashes($_POST['query']), "tracks", -1);
             } else {
                 $list = $guy->search(stripSlashes($_POST['query']), "tracks", -1);
             }
             $pl = $jzUSER->loadPlaylist();
             $pl->add($list);
             $jzUSER->storePlaylist($pl);
             if (!defined('NO_AJAX_JUKEBOX')) {
                 $blocks = new jzBlocks();
                 $blocks->playlistDisplay();
                 exit;
             }
         } else {
             $pl = $jzUSER->loadPlaylist();
             $pl->add($guy);
             $jzUSER->storePlaylist($pl);
             if (!defined('NO_AJAX_JUKEBOX')) {
                 $blocks = new jzBlocks();
Esempio n. 18
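 /**
  * Get the value of a field in the current row.
  * Possible keys in the options array:
  * binary, unserialize, convertHTMLBreaks, urlEncode, filterHTMLSpecialCharacters, escapeForXML, stripSlashes
  *
  * Fixes: ereg_replace() (removed in PHP 7) is replaced by the equivalent
  * str_replace(); get_magic_quotes_gpc() (removed in PHP 8) is only called
  * when it exists; the stripSlashes option is read with !empty() so a call
  * without options no longer reads an undefined index.
  *
  * NOTE(review): the unserialize option hands the stored value to
  * caUnserializeForDatabase(), whose implementation is not visible here. If
  * it wraps unserialize(), the column must only ever hold data written by the
  * application itself.
  * NOTE(review): convertHTMLBreaks only decides whether line breaks are
  * converted; it does not remove tags, so it is not an HTML sanitiser.
  *
  * @param string $ps_field field name
  * @param array $pa_options associative array of options, keys are names of the options, values are boolean.
  * @return mixed Field value after the requested conversions, or null when the field is not set in the current row.
  */
 function get($ps_field, $pa_options = null)
 {
     $va_field = isset(DbResult::$s_field_info_cache[$ps_field]) ? DbResult::$s_field_info_cache[$ps_field] : $this->getFieldInfo($ps_field);
     if (!isset($this->opa_current_row[$va_field["field"]])) {
         return null;
     }
     $vs_val = $this->opa_current_row[$va_field["field"]];
     // Binary values are returned untouched.
     if (isset($pa_options["binary"]) && $pa_options["binary"]) {
         return $vs_val;
     }
     if (isset($pa_options["unserialize"]) && $pa_options["unserialize"]) {
         // Decode once per field and keep the result in the per-row cache.
         if (!isset($this->opa_unserialized_cache[$va_field["field"]]) || !($vm_data = $this->opa_unserialized_cache[$va_field["field"]])) {
             $vm_data = caUnserializeForDatabase($vs_val);
             $this->opa_unserialized_cache[$va_field["field"]] =& $vm_data;
         }
         return $vm_data;
     }
     if (isset($pa_options["convertHTMLBreaks"]) && $pa_options["convertHTMLBreaks"]) {
         # check for tags before converting breaks: any tag outside this
         # inline list means the text is treated as already formatted
         preg_match_all("/<[A-Za-z0-9]+/", $vs_val, $va_tags);
         $va_ok_tags = array("<b", "<i", "<u", "<strong", "<em", "<strike", "<sub", "<sup", "<a", "<img", "<span");
         $vb_convert_breaks = true;
         foreach ($va_tags[0] as $vs_tag) {
             if (!in_array($vs_tag, $va_ok_tags)) {
                 $vb_convert_breaks = false;
                 break;
             }
         }
         if ($vb_convert_breaks) {
             // Double line breaks become paragraphs first, then the single ones.
             $vs_val = preg_replace("/(\n|\r\n){2}/", "<p/>", $vs_val);
             $vs_val = str_replace("\n", "<br/>", $vs_val);
         }
     }
     if (isset($pa_options["urlEncode"]) && $pa_options["urlEncode"]) {
         $vs_val = urlEncode($vs_val);
     }
     if (isset($pa_options["filterHTMLSpecialCharacters"]) && $pa_options["filterHTMLSpecialCharacters"]) {
         // Decode first so existing entities are not encoded twice.
         $vs_val = htmlentities(html_entity_decode($vs_val));
     }
     if (isset($pa_options["escapeForXML"]) && $pa_options["escapeForXML"]) {
         $vs_val = caEscapeForXML($vs_val);
     }
     // Magic quotes no longer exist on PHP 8; only ask when the function is available.
     $vb_magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
     if ($vb_magic_quotes || !empty($pa_options["stripSlashes"])) {
         $vs_val = stripSlashes($vs_val);
     }
     return $vs_val;
 }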
Esempio n. 19
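/**
 * Save a backup-settings profile as a PHP file under setsave/.
 *
 * The file is PHP source that is meant to be included later, so every value
 * written into it must be a correctly quoted literal.
 *
 * Fixes:
 * - $dreadme was written inside a double-quoted literal after addslashes().
 *   addslashes() does not escape '$', so the text would still be subject to
 *   variable interpolation when the file is included. The value is now
 *   emitted with var_export(), which produces a literal that evaluates to
 *   exactly the submitted text.
 * - The function now returns right after rejecting a save name, so a name
 *   containing '.', '/' or '\' can never reach the file path even if
 *   printerror() returns instead of ending the request.
 *
 * NOTE(review): the remaining string fields are single-quoted with
 * addslashes(). That keeps them inside the literal, but a '"' in a value
 * comes back with an extra backslash; var_export() would be the exact form
 * for those too.
 *
 * @param array $add Submitted settings (savename, baktype, filesize, readme, tablename, ...).
 * @return void Writes the file and reports the outcome through printerror().
 */
function Ebak_SaveSeting($add)
{
    $savename = $add['savename'];
    // The save name becomes a file name: no dots and no path separators.
    if (strstr($savename, '.') || strstr($savename, '/') || strstr($savename, "\\")) {
        printerror("FailSetSavename", "history.go(-1)");
        return;
    }
    // Numeric settings are forced to integers before being written as code.
    $baktype = (int) $add['baktype'];
    $filesize = (int) $add['filesize'];
    $bakline = (int) $add['bakline'];
    $autoauf = (int) $add['autoauf'];
    $bakstru = (int) $add['bakstru'];
    $bakstrufour = (int) $add['bakstrufour'];
    $beover = (int) $add['beover'];
    $add['waitbaktime'] = (int) $add['waitbaktime'];
    $bakdatatype = (int) $add['bakdatatype'];
    // Table list, stored as ",name1,name2,"
    $tblist = "";
    $tablename = $add['tablename'];
    $count = count($tablename);
    if ($count) {
        for ($i = 0; $i < $count; $i++) {
            $tblist .= $tablename[$i] . ",";
        }
        $tblist = "," . $tblist;
    }
    $str = "<?php\n\$dbaktype=" . $baktype . ";\n\$dfilesize=" . $filesize . ";\n\$dbakline=" . $bakline . ";\n\$dautoauf=" . $autoauf . ";\n\$dbakstru=" . $bakstru . ";\n\$dbakstrufour=" . $bakstrufour . ";\n"
        . "\$ddbchar='" . addslashes($add['dbchar']) . "';\n"
        . "\$dmypath='" . addslashes($add['mypath']) . "';\n"
        // Free text: exported as a literal so nothing in it is interpolated on include.
        . "\$dreadme=" . var_export(stripslashes($add['readme']), true) . ";\n"
        . "\$dautofield='" . addslashes($add['autofield']) . "';\n"
        . "\$dtblist='" . addslashes($tblist) . "';\n"
        . "\$dbeover=" . $beover . ";\n"
        . "\$dinsertf='" . addslashes($add['insertf']) . "';\n"
        . "\$dmydbname='" . addslashes($add['mydbname']) . "';\n"
        . "\$dkeyboard='" . addslashes($add['keyboard']) . "';\n"
        . "\$dwaitbaktime='" . $add['waitbaktime'] . "';\n"
        . "\$dbakdatatype=" . $bakdatatype . ";\n?>";
    $file = "setsave/" . $savename;
    WriteFiletext_n($file, $str);
    printerror("SetSaveSuccess", "history.go(-1)");
}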
Esempio n. 20
        </table></td>
    </tr>
	<tr> 
      <td valign="top" bgcolor="#FFFFFF">&quot;上下页导航&quot;式正则设置:</td>
      <td bgcolor="#FFFFFF"> <table width="100%%" border="0" cellspacing="1" cellpadding="2">
          <tr> 
            <td width="50%" height="23"><strong>分页区域正则(<font color="#FF0000">[!--smallpagezz--]</font>)</strong></td>
            <td><strong>分页链接正则(<font color="#FF0000">[!--pagezz--]</font>)</strong></td>
          </tr>
          <tr> 
            <td><textarea name="add[smallpagezz]" cols="42" rows="12" id="add[smallpagezz]"><?php 
echo ehtmlspecialchars(stripSlashes($r[smallpagezz]));
?>
</textarea></td>
            <td><textarea name="add[pagezz]" cols="42" rows="12" id="add[pagezz]"><?php 
echo ehtmlspecialchars(stripSlashes($r[pagezz]));
?>
</textarea></td>
          </tr>
        </table></td>
    </tr>
    <tr> 
      <td bgcolor="#FFFFFF">&nbsp;</td>
      <td bgcolor="#FFFFFF"> <input type="submit" name="Submit" value="提交"> <input type="reset" name="Submit2" value="重置">      </td>
    </tr>
  </table>
  <br>
  <table width="100%" border="0" cellspacing="0" cellpadding="3">
    <tr>
      <td><strong>注意事项:<font color="#FF0000"><br>
        </font></strong>1.*:表示不限制内容。行与行之间的间隔最好用*格开<br>
Esempio n. 21
} else {
    if (empty($id) || empty($classid)) {
        printerror("ErrorUrl", "history.go(-1)", 1);
    }
    if (empty($class_r[$classid][tbname]) || InfoIsInTable($class_r[$classid][tbname])) {
        printerror("ErrorUrl", "history.go(-1)", 1);
    }
    $n_r = $empire->fetch1("select * from {$dbtbpre}ecms_" . $class_r[$classid][tbname] . " where id='{$id}' limit 1");
    if (!$n_r['id'] || $n_r['classid'] != $classid) {
        printerror("ErrorUrl", "history.go(-1)", 1);
    }
    $pubid = ReturnInfoPubid($classid, $id);
    $search = "&classid={$classid}&id=" . $id;
    //标题链接
    $titleurl = sys_ReturnBqTitleLink($n_r);
    $title = stripSlashes($n_r[title]);
    $pagetitle = ehtmlspecialchars($title);
    //评分
    $infopfennum = $n_r['infopfennum'];
    $pinfopfen = $infopfennum ? round($n_r['infopfen'] / $infopfennum) : 0;
    $url = ReturnClassLink($n_r[classid]) . "&nbsp;>&nbsp;<a href=" . $titleurl . ">" . $title . "</a>&nbsp;>&nbsp;" . $fun_r[pl];
}
//使用模板
$rewritetempid = 0;
if ($_GET['tempid']) {
    $tempid = (int) $_GET['tempid'];
    $tempnum = $empire->gettotal("select count(*) as total from " . GetTemptb("enewspltemp") . " where tempid='{$tempid}'");
    $tempid = $tempnum ? $tempid : $public_r['defpltempid'];
    $search .= '&tempid=' . $tempid;
    $rewritetempid = $tempid;
} else {
Esempio n. 22
" size="20"> 
        <select name="select4" onchange="document.form1.showdate.value=this.value">
          <option value="Y-m-d H:i:s">选择</option>
          <option value="Y-m-d H:i:s">2005-01-27 11:04:27</option>
          <option value="Y-m-d">2005-01-27</option>
          <option value="m-d">01-27</option>
        </select></td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td height="25"><strong>模板内容</strong>(*)</td>
      <td height="25">请将模板内容<a href="#ecms" onclick="window.clipboardData.setData('Text',document.form1.temptext.value);document.form1.temptext.select()" title="点击复制模板内容"><strong>复制到Dreamweaver(推荐)</strong></a>或者使用<a href="#ecms" onclick="window.open('editor.php?getvar=opener.document.form1.temptext.value&returnvar=opener.document.form1.temptext.value&fun=ReturnHtml&notfullpage=1','edittemp','width=880,height=600,scrollbars=auto,resizable=yes');"><strong>模板在线编辑</strong></a>进行可视化编辑</td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td height="25" colspan="2"><div align="center"> 
          <textarea name="temptext" cols="90" rows="18" id="temptext" wrap="OFF" style="WIDTH: 100%"><?php 
echo htmlspecialchars(stripSlashes($r[temptext]));
?>
</textarea>
        </div></td>
    </tr>
    <tr bgcolor="#FFFFFF"> 
      <td height="25" colspan="2">&nbsp;&nbsp;[<a href="#ecms" onclick="tempturnit(showtempvar);">显示模板变量说明</a>]</td>
    </tr>
    <tr bgcolor="#FFFFFF" id="showtempvar" style="display:none"> 
      <td height="25" colspan="2"> 
        <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#DBEAF5">
          <tr bgcolor="#FFFFFF"> 
            <td width="33%" height="25"> <input name="textfield42" type="text" value="[!--id--]">
              :信息ID</td>
            <td width="34%"> <input name="textfield52" type="text" value="[!--titleurl--]">
              :标题链接</td>
Esempio n. 23
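function LoadSearchAll($lid, $start, $userid, $username)
{
    // Imports one batch of rows from a content table into the {$dbtbpre}enewssearchall
    // index, then either reports completion or emits a meta-refresh to the next batch.
    //
    // $lid    id of the row in enewssearchall_load that describes the source table
    // $start  id to continue from; rows with id > $start are read
    // $userid, $username are not used in this function.
    //
    // NOTE(review): every query here is built by string interpolation. tbname,
    // titlefield, infotextfield and the field names from enewsf are used as SQL
    // identifiers, so they cannot be bound as parameters; this is only safe while
    // those configuration tables are writable by trusted administrators — confirm.
    global $empire, $dbtbpre, $class_r, $fun_r, $public_r, $emod_r;
    $lid = (int) $lid;
    if (empty($lid)) {
        printerror('ErrorUrl', '');
    }
    $lr = $empire->fetch1("select tbname,titlefield,infotextfield,loadnum,lastid from {$dbtbpre}enewssearchall_load where lid='{$lid}'");
    if (empty($lr['tbname'])) {
        printerror('ErrorUrl', '');
    }
    // Categories that must not be imported.
    $pr = $empire->fetch1("select schallnotcid from {$dbtbpre}enewspublic limit 1");
    // The batch size is placed unquoted into a LIMIT clause, so force a positive integer.
    $line = (int) $lr['loadnum'];
    if ($line < 1) {
        $line = 300;
    }
    // $start is placed unquoted into "where id>..."; keep it an integer on both paths.
    $start = (int) $start;
    $lastid = (int) $lr['lastid'];
    if ($start < $lastid) {
        $start = $lastid;
    }
    // Fields: work out which of the title/text fields live in the main table and
    // which in the secondary (data) table, and whether one is stored as a text file.
    $selectdtf = '';
    $selectf = '';
    $savetxtf = '';
    $fsql = $empire->query("select tid,f,savetxt,tbdataf from {$dbtbpre}enewsf where (f='{$lr['titlefield']}' or f='{$lr['infotextfield']}') and tbname='{$lr['tbname']}' limit 2");
    while ($fr = $empire->fetch($fsql)) {
        // Array keys are quoted throughout: a bare key such as $fr[f] is an undefined
        // constant, which PHP 8 rejects with an Error.
        if ($fr['tbdataf']) {
            $selectdtf .= ',' . $fr['f'];
        } else {
            $selectf .= ',' . $fr['f'];
        }
        if ($fr['savetxt']) {
            $savetxtf = $fr['f'];
        }
    }
    $b = 0;
    $sql = $empire->query("select id,stb,classid,isurl,newstime" . $selectf . " from {$dbtbpre}ecms_" . $lr['tbname'] . " where id>{$start} order by id limit " . $line);
    while ($r = $empire->fetch($sql)) {
        $b = 1;
        $newstart = $r['id'];
        // Skip external-link entries, unknown categories and excluded categories.
        if ($r['isurl']) {
            continue;
        }
        if (empty($class_r[$r['classid']]['tbname'])) {
            continue;
        }
        if (strstr($pr['schallnotcid'], ',' . $r['classid'] . ',')) {
            continue;
        }
        // Duplicate: already present in the index.
        $havenum = $empire->gettotal("select count(*) as total from {$dbtbpre}enewssearchall where id='{$r['id']}' and classid='{$r['classid']}' limit 1");
        if ($havenum) {
            continue;
        }
        // Secondary table.
        if ($selectdtf) {
            $finfor = $empire->fetch1("select id" . $selectdtf . " from {$dbtbpre}ecms_" . $lr['tbname'] . "_data_" . $r['stb'] . " where id='{$r['id']}'");
            // A missing secondary row must not corrupt $r: array_merge() needs arrays.
            if (is_array($finfor)) {
                $r = array_merge($r, $finfor);
            }
        }
        // Field stored as a text file.
        if ($savetxtf) {
            $r[$savetxtf] = GetTxtFieldText($r[$savetxtf]);
        }
        $infotext = $r[$lr['infotextfield']];
        $title = $r[$lr['titlefield']];
        $infotime = $r['newstime'];
        $title = SearchReturnSaveStr(ClearSearchAllHtml(stripSlashes($title)));
        $infotext = SearchReturnSaveStr(ClearSearchAllHtml(stripSlashes($infotext)));
        // Every interpolated string value is escaped, including $infotime, which the
        // original inserted raw.
        // NOTE(review): addslashes() is not aware of the connection character set; if
        // $empire exposes a driver-level escape or prepared statements, prefer those.
        $empire->query("insert into {$dbtbpre}enewssearchall(sid,id,classid,title,infotime,infotext) values(NULL,'{$r['id']}','{$r['classid']}','" . addslashes($title) . "','" . addslashes((string) $infotime) . "','" . addslashes($infotext) . "');");
    }
    if (empty($b)) {
        // Nothing left to read: record the position and finish.
        $lasttime = time();
        if (empty($newstart)) {
            $newstart = $start;
        }
        $empire->query("update {$dbtbpre}enewssearchall_load set lasttime='{$lasttime}',lastid='{$newstart}' where lid='{$lid}'");
        // NOTE(review): tbname is echoed without HTML escaping; it comes from
        // enewssearchall_load, so escape it if that table can hold untrusted values.
        echo "<link rel=\"stylesheet\" href=\"../../data/images/css.css\" type=\"text/css\"><center><b>" . $lr['tbname'] . $fun_r['LoadSearchAllIsOK'] . "</b></center>";
        db_close();
        $empire = null;
        exit;
    }
    // More rows may remain: reload this page for the next batch.
    echo "<link rel=\"stylesheet\" href=\"../../data/images/css.css\" type=\"text/css\"><meta http-equiv=\"refresh\" content=\"0;url=LoadSearchAll.php?enews=LoadSearchAll&lid={$lid}&start={$newstart}" . hReturnEcmsHashStrHref(0) . "\">" . $fun_r['OneLoadSearchAllSuccess'] . "(ID:<font color=red><b>" . $newstart . "</b></font>)";
    exit;
}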
Esempio n. 24
 /**
  * Creates current HttpRequest object.
  * @return Request
  */
 public function createHttpRequest()
 {
     // Builds a Request from the PHP superglobals: URL, GET/POST/COOKIE data, uploaded
     // files, headers, HTTP method and remote address/host. Most of what is read here
     // (Host header, request URI, GET/POST/COOKIE, upload names, X-* headers) is
     // supplied by the client, so each step below validates or filters before storing.
     // NOTE(review): each() and get_magic_quotes_gpc() were removed in PHP 8.0, so this
     // method only runs on older PHP versions.

     // DETECTS URI, base path and script path of the request.
     $url = new UrlScript();
     // strcasecmp() returns non-zero when the value differs from 'off', so any other
     // non-empty HTTPS value selects https.
     $url->setScheme(!empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'off') ? 'https' : 'http');
     // HTTP Basic credentials are copied into the URL object.
     // NOTE(review): make sure the URL is never logged or rendered with the password part.
     $url->setUser(isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '');
     $url->setPassword(isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '');
     // host & port
     // HTTP_HOST is preferred over SERVER_NAME. The value is accepted only when it is a
     // plain host name or a bracketed IPv6 literal with an optional numeric port;
     // anything else leaves host and port unset.
     if ((isset($_SERVER[$tmp = 'HTTP_HOST']) || isset($_SERVER[$tmp = 'SERVER_NAME'])) && preg_match('#^([a-z0-9_.-]+|\\[[a-f0-9:]+\\])(:\\d+)?\\z#i', $_SERVER[$tmp], $pair)) {
         $url->setHost(strtolower($pair[1]));
         if (isset($pair[2])) {
             // $pair[2] includes the leading ':'
             $url->setPort(substr($pair[2], 1));
         } elseif (isset($_SERVER['SERVER_PORT'])) {
             $url->setPort($_SERVER['SERVER_PORT']);
         }
     }
     // path & query
     if (isset($_SERVER['REQUEST_URI'])) {
         // Apache, IIS 6.0
         $requestUrl = $_SERVER['REQUEST_URI'];
     } elseif (isset($_SERVER['ORIG_PATH_INFO'])) {
         // IIS 5.0 (PHP as CGI ?)
         $requestUrl = $_SERVER['ORIG_PATH_INFO'];
         if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') {
             $requestUrl .= '?' . $_SERVER['QUERY_STRING'];
         }
     } else {
         $requestUrl = '';
     }
     // Configured replacement filters are applied to the whole URL, then to the path part.
     $requestUrl = Strings::replace($requestUrl, $this->urlFilters['url']);
     $tmp = explode('?', $requestUrl, 2);
     $url->setPath(Strings::replace($tmp[0], $this->urlFilters['path']));
     $url->setQuery(isset($tmp[1]) ? $tmp[1] : '');
     // normalized url
     $url->canonicalize();
     $url->setPath(Strings::fixEncoding($url->getPath()));
     // detect script path
     if (isset($_SERVER['SCRIPT_NAME'])) {
         $script = $_SERVER['SCRIPT_NAME'];
     } elseif (isset($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME']) && strncmp($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])) === 0) {
         // Derive the script path from the file name relative to the document root.
         $script = '/' . ltrim(strtr(substr($_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])), '\\', '/'), '/');
     } else {
         $script = '/';
     }
     // The script path becomes the longest common prefix of URL path and script name
     // that ends on a '/', compared case-insensitively.
     $path = strtolower($url->getPath()) . '/';
     $script = strtolower($script) . '/';
     $max = min(strlen($path), strlen($script));
     for ($i = 0; $i < $max; $i++) {
         if ($path[$i] !== $script[$i]) {
             break;
         } elseif ($path[$i] === '/') {
             $url->setScriptPath(substr($url->getPath(), 0, $i + 1));
         }
     }
     // GET, POST, COOKIE
     // When a default input filter is configured in php.ini, the superglobals hold
     // filtered data; the raw values are then re-read with FILTER_UNSAFE_RAW.
     $useFilter = !in_array(ini_get('filter.default'), array('', 'unsafe_raw')) || ini_get('filter.default_flags');
     // The query is parsed from the filtered URL; the GET superglobal is only a fallback.
     parse_str($url->getQuery(), $query);
     if (!$query) {
         $query = $useFilter ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : (empty($_GET) ? array() : $_GET);
     }
     $post = $useFilter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
     $cookies = $useFilter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);
     $gpc = (bool) get_magic_quotes_gpc();
     // strip magic quotes, drop control characters and check encoding
     // self::CHARS is defined outside this excerpt; a key or value is treated as invalid
     // when it does not match that pattern or when PCRE reports an error.
     if ($gpc || !$this->binary) {
         // $list is a work queue of references: nested arrays are appended to it while
         // it is being walked, so arbitrarily deep input is handled without recursion.
         $list = array(&$query, &$post, &$cookies);
         while (list($key, $val) = each($list)) {
             foreach ($val as $k => $v) {
                 // Remove the entry first; it is re-added below under the cleaned key.
                 unset($list[$key][$k]);
                 if ($gpc) {
                     $k = stripslashes($k);
                 }
                 if (!$this->binary && is_string($k) && (!preg_match(self::CHARS, $k) || preg_last_error())) {
                     // invalid key -> ignore
                 } elseif (is_array($v)) {
                     $list[$key][$k] = $v;
                     $list[] =& $list[$key][$k];
                 } else {
                     // Values re-read through the filter extension are not unslashed here.
                     if ($gpc && !$useFilter) {
                         $v = stripSlashes($v);
                     }
                     // An invalid value is replaced by an empty string; the key is kept.
                     if (!$this->binary && (!preg_match(self::CHARS, $v) || preg_last_error())) {
                         $v = '';
                     }
                     $list[$key][$k] = $v;
                 }
             }
         }
         unset($list, $key, $val, $k, $v);
     }
     // FILES and create FileUpload objects
     $files = array();
     $list = array();
     if (!empty($_FILES)) {
         foreach ($_FILES as $k => $v) {
             if (!$this->binary && is_string($k) && (!preg_match(self::CHARS, $k) || preg_last_error())) {
                 continue;
             }
             // '@' carries a reference to the slot in $files that this entry fills.
             $v['@'] =& $files[$k];
             $list[] = $v;
         }
     }
     while (list(, $v) = each($list)) {
         if (!isset($v['name'])) {
             continue;
         } elseif (!is_array($v['name'])) {
             // Single upload. 'name' is the client-supplied file name: only quotes and
             // invalid characters are handled here, so it must not be used as a
             // filesystem path without further sanitising.
             if ($gpc) {
                 $v['name'] = stripSlashes($v['name']);
             }
             if (!$this->binary && (!preg_match(self::CHARS, $v['name']) || preg_last_error())) {
                 $v['name'] = '';
             }
             if ($v['error'] !== UPLOAD_ERR_NO_FILE) {
                 $v['@'] = new FileUpload($v);
             }
             continue;
         }
         // Multi-file field: PHP groups the data per attribute, so regroup it per file
         // and queue each file for the single-upload branch above.
         foreach ($v['name'] as $k => $foo) {
             if (!$this->binary && is_string($k) && (!preg_match(self::CHARS, $k) || preg_last_error())) {
                 continue;
             }
             $list[] = array('name' => $v['name'][$k], 'type' => $v['type'][$k], 'size' => $v['size'][$k], 'tmp_name' => $v['tmp_name'][$k], 'error' => $v['error'][$k], '@' => &$v['@'][$k]);
         }
     }
     // HEADERS
     if (function_exists('apache_request_headers')) {
         $headers = apache_request_headers();
     } else {
         // Rebuild header names from $_SERVER: HTTP_* loses its prefix, CONTENT_* is
         // kept whole, everything else is skipped.
         $headers = array();
         foreach ($_SERVER as $k => $v) {
             if (strncmp($k, 'HTTP_', 5) == 0) {
                 $k = substr($k, 5);
             } elseif (strncmp($k, 'CONTENT_', 8)) {
                 continue;
             }
             $headers[strtr($k, '_', '-')] = $v;
         }
     }
     $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : NULL;
     $remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : NULL;
     // proxy
     // X-Forwarded-For / X-Forwarded-Host are honoured only when the direct peer
     // (REMOTE_ADDR) matches one of the configured proxies.
     // NOTE(review): the first comma-separated entry is used. If the proxy appends to
     // an existing header instead of overwriting it, that entry is client-controlled;
     // confirm the proxy configuration before using it for access control or auditing.
     foreach ($this->proxies as $proxy) {
         if (Helpers::ipMatch($remoteAddr, $proxy)) {
             if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
                 $remoteAddr = trim(current(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])));
             }
             if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
                 $remoteHost = trim(current(explode(',', $_SERVER['HTTP_X_FORWARDED_HOST'])));
             }
             break;
         }
     }
     $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : NULL;
     // The override header is accepted only on POST requests and only when it consists
     // of upper-case ASCII letters.
     if ($method === 'POST' && isset($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']) && preg_match('#^[A-Z]+\\z#', $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'])) {
         $method = $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'];
     }
     return new Request($url, $query, $post, $files, $cookies, $headers, $method, $remoteAddr, $remoteHost);
 }
Esempio n. 25
 /**
  * Creates current HttpRequest object.
  * @return Request
  */
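 public function createHttpRequest()
 {
     // Builds a Request from the PHP superglobals: URL, GET/POST/COOKIE data, uploaded
     // files, headers, HTTP method and remote address/host. Most of what is read here
     // (Host header, request URI, GET/POST/COOKIE, upload names) is supplied by the
     // client, so each step below validates or filters before storing.
     // NOTE(review): each() and get_magic_quotes_gpc() were removed in PHP 8.0, so this
     // method only runs on older PHP versions.

     // DETECTS URI, base path and script path of the request.
     $url = new UrlScript();
     $url->scheme = !empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'off') ? 'https' : 'http';
     // HTTP Basic credentials are copied into the URL object.
     // NOTE(review): make sure the URL is never logged or rendered with the password part.
     $url->user = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : '';
     $url->password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
     // host & port
     // HTTP_HOST is preferred over SERVER_NAME. The value is accepted only when it is a
     // plain lower-case host name or a bracketed IPv6 literal with an optional numeric
     // port; anything else leaves host and port unset.
     if ((isset($_SERVER[$tmp = 'HTTP_HOST']) || isset($_SERVER[$tmp = 'SERVER_NAME'])) && preg_match('#^([a-z0-9_.-]+|\\[[a-fA-F0-9:]+\\])(:\\d+)?\\z#', $_SERVER[$tmp], $pair)) {
         $url->host = strtolower($pair[1]);
         if (isset($pair[2])) {
             // $pair[2] includes the leading ':'
             $url->port = (int) substr($pair[2], 1);
         } elseif (isset($_SERVER['SERVER_PORT'])) {
             $url->port = (int) $_SERVER['SERVER_PORT'];
         }
     }
     // path & query
     if (isset($_SERVER['REQUEST_URI'])) {
         // Apache, IIS 6.0
         $requestUrl = $_SERVER['REQUEST_URI'];
     } elseif (isset($_SERVER['ORIG_PATH_INFO'])) {
         // IIS 5.0 (PHP as CGI ?)
         $requestUrl = $_SERVER['ORIG_PATH_INFO'];
         if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') {
             $requestUrl .= '?' . $_SERVER['QUERY_STRING'];
         }
     } else {
         $requestUrl = '';
     }
     // Configured replacement filters are applied to the whole URL, then to the path part.
     $requestUrl = Strings::replace($requestUrl, $this->urlFilters['url']);
     $tmp = explode('?', $requestUrl, 2);
     $url->path = Strings::replace($tmp[0], $this->urlFilters['path']);
     $url->query = isset($tmp[1]) ? $tmp[1] : '';
     // normalized url
     $url->canonicalize();
     $url->path = Strings::fixEncoding($url->path);
     // detect script path
     if (isset($_SERVER['SCRIPT_NAME'])) {
         $script = $_SERVER['SCRIPT_NAME'];
     } elseif (isset($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME']) && strncmp($_SERVER['DOCUMENT_ROOT'], $_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])) === 0) {
         // Derive the script path from the file name relative to the document root.
         $script = '/' . ltrim(strtr(substr($_SERVER['SCRIPT_FILENAME'], strlen($_SERVER['DOCUMENT_ROOT'])), '\\', '/'), '/');
     } else {
         $script = '/';
     }
     // The script path becomes the longest common prefix of URL path and script name
     // that ends on a '/', compared case-insensitively.
     $path = strtolower($url->path) . '/';
     $script = strtolower($script) . '/';
     $max = min(strlen($path), strlen($script));
     for ($i = 0; $i < $max; $i++) {
         if ($path[$i] !== $script[$i]) {
             break;
         } elseif ($path[$i] === '/') {
             $url->scriptPath = substr($url->path, 0, $i + 1);
         }
     }
     // GET, POST, COOKIE
     // When a default input filter is configured in php.ini, the superglobals hold
     // filtered data; the raw values are then re-read with FILTER_UNSAFE_RAW.
     $useFilter = !in_array(ini_get('filter.default'), array('', 'unsafe_raw')) || ini_get('filter.default_flags');
     // The query is parsed from the filtered URL; the GET superglobal is only a fallback.
     parse_str($url->query, $query);
     if (!$query) {
         $query = $useFilter ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : (empty($_GET) ? array() : $_GET);
     }
     $post = $useFilter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
     $cookies = $useFilter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);
     $gpc = (bool) get_magic_quotes_gpc();
     // Silence notices while the input arrays are rewritten. The bit is masked out with
     // "& ~": the original XOR toggled it, which switched notices ON whenever they
     // were disabled beforehand.
     $old = error_reporting(error_reporting() & ~E_NOTICE);
     // strip magic quotes and check (and optionally convert) encoding
     // self::NONCHARS is defined outside this excerpt; a key is dropped when it matches
     // that pattern or when PCRE reports an error.
     if ($gpc || $this->encoding) {
         $utf = strcasecmp($this->encoding, 'UTF-8') === 0;
         // $list is a work queue of references: nested arrays are appended to it while
         // it is being walked, so arbitrarily deep input is handled without recursion.
         $list = array(&$query, &$post, &$cookies);
         while (list($key, $val) = each($list)) {
             foreach ($val as $k => $v) {
                 // Remove the entry first; it is re-added below under the cleaned key.
                 unset($list[$key][$k]);
                 if ($gpc) {
                     $k = stripslashes($k);
                 }
                 if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) {
                     // invalid key -> ignore
                 } elseif (is_array($v)) {
                     $list[$key][$k] = $v;
                     $list[] =& $list[$key][$k];
                 } else {
                     // Values re-read through the filter extension are not unslashed here.
                     if ($gpc && !$useFilter) {
                         $v = stripSlashes($v);
                     }
                     if ($this->encoding) {
                         if ($utf) {
                             $v = Strings::fixEncoding($v);
                         } else {
                             if (!Strings::checkEncoding($v)) {
                                 $v = iconv($this->encoding, 'UTF-8//IGNORE', $v);
                             }
                             // NOTE(review): HTML entities in the input are decoded here, so
                             // a value can contain <, > or quotes that were not present as
                             // raw bytes in the request; output must be escaped for its
                             // context where it is rendered.
                             $v = html_entity_decode($v, ENT_QUOTES, 'UTF-8');
                         }
                         $v = preg_replace(self::NONCHARS, '', $v);
                     }
                     $list[$key][$k] = $v;
                 }
             }
         }
         unset($list, $key, $val, $k, $v);
     }
     // FILES and create FileUpload objects
     $files = array();
     $list = array();
     if (!empty($_FILES)) {
         foreach ($_FILES as $k => $v) {
             if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) {
                 continue;
             }
             // '@' carries a reference to the slot in $files that this entry fills.
             $v['@'] =& $files[$k];
             $list[] = $v;
         }
     }
     while (list(, $v) = each($list)) {
         if (!isset($v['name'])) {
             continue;
         } elseif (!is_array($v['name'])) {
             // Single upload. 'name' is the client-supplied file name: only quotes and
             // NONCHARS matches are removed here, so it must not be used as a filesystem
             // path without further sanitising.
             if ($gpc) {
                 $v['name'] = stripSlashes($v['name']);
             }
             if ($this->encoding) {
                 $v['name'] = preg_replace(self::NONCHARS, '', Strings::fixEncoding($v['name']));
             }
             $v['@'] = new FileUpload($v);
             continue;
         }
         // Multi-file field: PHP groups the data per attribute, so regroup it per file
         // and queue each file for the single-upload branch above.
         foreach ($v['name'] as $k => $foo) {
             if ($this->encoding && is_string($k) && (preg_match(self::NONCHARS, $k) || preg_last_error())) {
                 continue;
             }
             $list[] = array('name' => $v['name'][$k], 'type' => $v['type'][$k], 'size' => $v['size'][$k], 'tmp_name' => $v['tmp_name'][$k], 'error' => $v['error'][$k], '@' => &$v['@'][$k]);
         }
     }
     error_reporting($old);
     // HEADERS
     // Header names are lower-cased on both paths.
     if (function_exists('apache_request_headers')) {
         $headers = array_change_key_case(apache_request_headers(), CASE_LOWER);
     } else {
         // Rebuild header names from $_SERVER: HTTP_* loses its prefix, CONTENT_* is
         // kept whole, everything else is skipped.
         $headers = array();
         foreach ($_SERVER as $k => $v) {
             if (strncmp($k, 'HTTP_', 5) == 0) {
                 $k = substr($k, 5);
             } elseif (strncmp($k, 'CONTENT_', 8)) {
                 continue;
             }
             $headers[strtr(strtolower($k), '_', '-')] = $v;
         }
     }
     return new Request($url, $query, $post, $files, $cookies, $headers, isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : NULL, isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : NULL, isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : NULL);
 }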
Esempio n. 26
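 public function _save($properties = "", $vtype = "")
 {
     // Normalises legacy quoted property values, then delegates to save() when the
     // matching 'add' or 'edit' check passes.
     //
     // $properties  nested array: property name => index => record (field => value)
     // $vtype       passed through to save() unchanged
     // Returns the result of save(), or null when neither check passes.
     // NOTE(review): CheckSilent() presumably is the permission check; callers must
     // treat a null result as "nothing was saved" — confirm.

     // Defined up front: the original returned an undefined variable when neither
     // branch below ran.
     $result = null;
     if (is_array($properties)) {
         // isn't this double work? the save function does this again
         foreach ($properties as $prop_name => $prop) {
             foreach ($prop as $prop_index => $prop_record) {
                 $record = array();
                 foreach ($prop_record as $prop_field => $prop_value) {
                     $value = $prop_value;
                     // Legacy format: a string wrapped in single quotes whose content is
                     // addslashes()-escaped. Only strings are inspected, so arrays, null
                     // and objects no longer reach substr().
                     if (is_string($prop_value) && strlen($prop_value) >= 2 && $prop_value[0] === "'" && substr($prop_value, -1) === "'") {
                         $inner = substr($prop_value, 1, -1);
                         // Unwrap only when re-escaping reproduces the input exactly, i.e.
                         // the content really was escaped consistently.
                         if ("'" . AddSlashes(StripSlashes($inner)) . "'" === $prop_value) {
                             $value = stripSlashes($inner);
                             // todo add deprecated warning
                         }
                     }
                     $record[$prop_field] = $value;
                 }
                 $properties[$prop_name][$prop_index] = $record;
             }
         }
     }
     if ($this->arIsNewObject && $this->CheckSilent('add', $this->type)) {
         unset($this->data->config);
         $result = $this->save($properties, $vtype);
     } elseif (!$this->arIsNewObject && $this->CheckSilent('edit', $this->type)) {
         $this->data->config = current($this->get('.', 'system.get.data.config.phtml'));
         $result = $this->save($properties, $vtype);
     }
     return $result;
 }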
Esempio n. 27
/**
 * Creates an array out of the given settings file.
 *
 * @author Ben Dodson
 * @since 2/2/05
 * @version 2/2/05
 *
 **/
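function settingsToArray($filename)
{
    // Parses lines of the form `$key = "value";` as plain text; the file is never
    // executed. Returns an associative array key => value, empty when the file
    // cannot be read.
    // NOTE(review): keys and values are taken verbatim from the file; validate them
    // before use if the file can be written by anyone but an administrator.
    $lines = file($filename);
    if ($lines === false) {
        // file() signals an unreadable file with false; the original iterated over it.
        return array();
    }
    // each new line is an entry in the array.
    $arr = array();
    foreach ($lines as $line) {
        if (strpos($line, "=") === false) {
            continue;
        }
        $line = stripSlashes($line);
        $len = strlen($line);
        $key = "";
        $val = "";
        $i = 0;
        // Key: everything before the first "=", without blanks and "$".
        // The bound is checked before the offset is read in every loop below; the
        // original read $line[$i] first and could run past the end of the string.
        while ($i < $len && $line[$i] !== "=") {
            if (!isBlankChar($line[$i]) && $line[$i] !== "\$") {
                $key .= $line[$i];
            }
            $i++;
        }
        if ($i >= $len) {
            continue;
        }
        // Skip the "=", blanks after it and one optional opening quote.
        $i++;
        while ($i < $len && isBlankChar($line[$i])) {
            $i++;
        }
        if ($i < $len && $line[$i] === "\"") {
            $i++;
        }
        // Value: up to the first ";" or the end of the line.
        while ($i < $len && $line[$i] !== ";") {
            $val .= $line[$i];
            $i++;
        }
        // Drop one closing quote; an empty value has no last character to inspect.
        if ($val !== "" && substr($val, -1) === "\"") {
            $val = substr($val, 0, -1);
        }
        $arr[$key] = $val;
    }
    return $arr;
}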
Esempio n. 28
 /**
  * Returns value of user variable. Returns null if variable does not exist.
  *
  * @access public
  * @param string $ps_key Name of user variable
  * @return mixed Value of variable (string, number or array); null if variable is not defined.
  */
 public function getVar($ps_key)
 {
     // Looks the key up in the regular user variables first and in the volatile ones
     // second; errors are cleared before the lookup.
     $this->clearErrors();
     if (isset($this->opa_user_vars[$ps_key])) {
         $vm_value = $this->opa_user_vars[$ps_key];
     } elseif (isset($this->opa_volatile_user_vars[$ps_key])) {
         $vm_value = $this->opa_volatile_user_vars[$ps_key];
     } else {
         return null;
     }
     // Arrays are returned untouched. Scalars go through stripSlashes(), which also
     // removes backslashes that are a legitimate part of the stored value.
     if (is_array($vm_value)) {
         return $vm_value;
     }
     return stripSlashes($vm_value);
 }
 /**
  * Initializes $this->query, $this->post, $this->cookies and $this->files arrays
  * @return void
  */
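 public function initialize()
 {
     // Fills $this->query, $this->post, $this->cookies and $this->files from the request.
     // All of this data is supplied by the client; keys and values are unslashed and,
     // when an encoding is configured, converted and stripped of disallowed characters.
     // NOTE(review): each() and get_magic_quotes_gpc() were removed in PHP 8.0, so this
     // method only runs on older PHP versions.

     // When a default input filter is configured in php.ini, the superglobals hold
     // filtered data; the raw values are then re-read with FILTER_UNSAFE_RAW.
     $filter = !in_array(ini_get("filter.default"), array("", "unsafe_raw")) || ini_get("filter.default_flags");
     parse_str($this->getUri()->query, $this->query);
     if (!$this->query) {
         $this->query = $filter ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : (empty($_GET) ? array() : $_GET);
     }
     $this->post = $filter ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : (empty($_POST) ? array() : $_POST);
     $this->cookies = $filter ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : (empty($_COOKIE) ? array() : $_COOKIE);
     $gpc = (bool) get_magic_quotes_gpc();
     $enc = (bool) $this->encoding;
     // Silence notices while the input arrays are rewritten. The bit is masked out with
     // "& ~": the original XOR toggled it, which switched notices ON whenever they
     // were disabled beforehand.
     $old = error_reporting(error_reporting() & ~E_NOTICE);
     // Matches any character other than tab, LF, CR, printable ASCII and U+00A0 and above.
     $nonChars = '#[^\\x09\\x0A\\x0D\\x20-\\x7E\\xA0-\\x{10FFFF}]#u';
     // strip magic quotes and check (and optionally convert) encoding
     if ($gpc || $enc) {
         $utf = strcasecmp($this->encoding, 'UTF-8') === 0;
         // $list is a work queue of references: nested arrays are appended to it while
         // it is being walked, so arbitrarily deep input is handled without recursion.
         $list = array(&$this->query, &$this->post, &$this->cookies);
         while (list($key, $val) = each($list)) {
             foreach ($val as $k => $v) {
                 // Remove the entry first; it is re-added below under the cleaned key.
                 unset($list[$key][$k]);
                 if ($gpc) {
                     $k = stripslashes($k);
                 }
                 if ($enc && is_string($k) && (preg_match($nonChars, $k) || preg_last_error())) {
                     // invalid key -> ignore
                 } elseif (is_array($v)) {
                     $list[$key][$k] = $v;
                     $list[] =& $list[$key][$k];
                 } else {
                     // Values re-read through the filter extension are not unslashed here.
                     if ($gpc && !$filter) {
                         $v = stripSlashes($v);
                     }
                     if ($enc) {
                         if ($utf) {
                             $v = String::fixEncoding($v);
                         } else {
                             if (!String::checkEncoding($v)) {
                                 $v = iconv($this->encoding, 'UTF-8//IGNORE', $v);
                             }
                             // NOTE(review): HTML entities in the input are decoded here, so
                             // a value can contain <, > or quotes that were not present as
                             // raw bytes in the request; output must be escaped for its
                             // context where it is rendered.
                             $v = html_entity_decode($v, ENT_QUOTES, 'UTF-8');
                         }
                         $v = preg_replace($nonChars, '', $v);
                     }
                     $list[$key][$k] = $v;
                 }
             }
         }
         unset($list, $key, $val, $k, $v);
     }
     // structure $files and create HttpUploadedFile objects
     $this->files = array();
     $list = array();
     if (!empty($_FILES)) {
         foreach ($_FILES as $k => $v) {
             if ($enc && is_string($k) && (preg_match($nonChars, $k) || preg_last_error())) {
                 continue;
             }
             // '@' carries a reference to the slot in $this->files that this entry fills.
             $v['@'] =& $this->files[$k];
             $list[] = $v;
         }
     }
     while (list(, $v) = each($list)) {
         if (!isset($v['name'])) {
             continue;
         } elseif (!is_array($v['name'])) {
             // Single upload. 'name' is the client-supplied file name: only quotes and
             // disallowed characters are removed here, so it must not be used as a
             // filesystem path without further sanitising.
             if ($gpc) {
                 $v['name'] = stripSlashes($v['name']);
             }
             if ($enc) {
                 $v['name'] = preg_replace($nonChars, '', String::fixEncoding($v['name']));
             }
             $v['@'] = new HttpUploadedFile($v);
             continue;
         }
         // Multi-file field: PHP groups the data per attribute, so regroup it per file
         // and queue each file for the single-upload branch above.
         foreach ($v['name'] as $k => $foo) {
             if ($enc && is_string($k) && (preg_match($nonChars, $k) || preg_last_error())) {
                 continue;
             }
             $list[] = array('name' => $v['name'][$k], 'type' => $v['type'][$k], 'size' => $v['size'][$k], 'tmp_name' => $v['tmp_name'][$k], 'error' => $v['error'][$k], '@' => &$v['@'][$k]);
         }
     }
     error_reporting($old);
 }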
Esempio n. 30
<select name="select2" onchange="document.add.filetype.value=this.value">
        <option value="">类型</option>
        <option value=".zip">.zip</option>
        <option value=".rar">.rar</option>
        <option value=".exe">.exe</option>
      </select>,文件大小:<input name="filesize" type="text" size=10 id="filesize" value="<?php 
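// NOTE(review): this value is written into a double-quoted HTML attribute. Whether
// DoReqValue() HTML-escapes its result is not visible here — confirm, or escape at
// this point.
// The array key is quoted: a bare `filesize` is an undefined constant, which PHP 8
// rejects with an Error instead of falling back to the string 'filesize'.
echo $ecmsfirstpost == 1 ? "" : DoReqValue($mid, 'filesize', stripSlashes($r['filesize']));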
?>
">
<select name="select" onchange="document.add.filesize.value+=this.value">
        <option value="">单位</option>
        <option value=" MB">MB</option>
        <option value=" KB">KB</option>
        <option value=" GB">GB</option>
        <option value=" BYTES">BYTES</option>
      </select></td>
  </tr>
  <tr> 
    <td width=16% height=25 bgcolor=ffffff>上传软件(*)</td>
    <td bgcolor=ffffff><input type="file" name="downpathfile" size="45">
</td>
  </tr>
  <tr> 
    <td width=16% height=25 bgcolor=ffffff>软件简介(*)</td>
    <td bgcolor=ffffff><textarea name="softsay" cols="60" rows="10" id="softsay"><?php 
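// NOTE(review): this value is written inside a <textarea>. Whether DoReqValue()
// HTML-escapes its result is not visible here — confirm, or escape at this point so
// stored text cannot close the element.
// The array key is quoted: a bare `softsay` is an undefined constant, which PHP 8
// rejects with an Error instead of falling back to the string 'softsay'.
echo $ecmsfirstpost == 1 ? "" : DoReqValue($mid, 'softsay', stripSlashes($r['softsay']));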
?>
</textarea>
</td>
  </tr>
</table>