function createQuery() { // initializes an array with the empty String and false $conditions = array('SELECT * FROM wp_meetings WHERE ', false); // checks url query string and updates conditions array with helper functions $conditions = checkName($conditions); $conditions = checkCity($conditions); $conditions = checkZipcode($conditions); $conditions = checkBooleans($conditions); // if any of the conditions were met, adds AND to String so that in cmafunction the day can be added if ($conditions[1]) { $conditions[0] = $conditions[0] . " AND "; } // uncomment next line see String that's being returned at top of page //echo "<p>$conditions[0]</p>"; return $conditions[0]; }
function _moduleContent(&$smarty, $module_name) { global $arrConf; //folder path for custom templates $local_templates_dir = getWebDirModule($module_name); //conexion resource $pDB = new paloDB($arrConf['elastix_dsn']["elastix"]); //user credentials global $arrCredentials; $action = getAction(); $content = ""; switch ($action) { case "new_outbound": $content = viewFormOutbound($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "view": $content = viewFormOutbound($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "view_edit": $content = viewFormOutbound($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "save_new": $content = saveNewOutbound($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "save_edit": $content = saveEditOutbound($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "delete": $content = deleteOutbound($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "checkName": $content = checkName($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "reloadAasterisk": $content = reloadAasterisk($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; case "ordenRoute": $content = ordenRoute($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; default: // report $content = reportOutbound($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentials); break; } return $content; }
<?php class MyDB extends SQLite3 { function __construct($stringDB) { //Funktion som öppnar önskad databas. $this->open($stringDB); } } $type = $_REQUEST["type"]; //Läser in variablen type från GET-meddelandet. if ($type == "checkName") { //kylschema.php?type=checkName&name="namnet" checkName(); } else { if ($type == "saveSchedule") { //kylschema.php?type=saveSchedule&name="namnet"&temp="temperaturen" saveSchedule(); } else { if ($type == "getSchedule") { //kylschema.php?type=getSchedule&name="namnet" getSchedule(); } else { if ($type == "getList") { //kylschema.php?type=getList getList(); } else { if ($type == "upLoad") { //kylschema.php?type=upLoad&name="namnet"&temp="temperaturen" upLoad();
$document->loadXML($data); $countries = $document->getElementsByTagName('CcyNtry'); $result = []; foreach ($countries as $country) { /** @var DOMElement $country */ $name = getDomElementString($country, 'CcyNm'); $currencyCode = getDomElementString($country, 'Ccy'); $numericCode = getDomElementString($country, 'CcyNbr'); $minorUnits = getDomElementString($country, 'CcyMnrUnts'); if ($name === null || $currencyCode === null && $numericCode === null && $minorUnits == null) { continue; } if ($minorUnits == 'N.A.') { continue; } $name = checkName($name); $currencyCode = checkCurrencyCode($currencyCode); $numericCode = checkNumericCode($numericCode); $minorUnits = checkMinorUnits($minorUnits); $value = [$currencyCode, $numericCode, $name, $minorUnits]; if (isset($result[$currencyCode])) { if ($result[$currencyCode] !== $value) { throw new \RuntimeException('Inconsistent values found for currency code ' . $currencyCode); } } else { $result[$currencyCode] = $value; } } exportToFile('data/iso-currencies.php', $result); printf('Exported %d currencies.' . PHP_EOL, count($result)); /**
function uploadFile() { global $MY_ALLOW_UPLOAD, $MY_MESSAGES, $MY_DOCUMENT_ROOT, $MY_PATH, $clear_upload; global $MY_ALLOW_EXTENSIONS, $MY_DENY_EXTENSIONS, $MY_MAX_FILE_SIZE; if (!$MY_ALLOW_UPLOAD) { return _filemanager_nopermtoupload; } if (!is_dir($MY_DOCUMENT_ROOT . $MY_PATH)) { return _filemanager_pathnotfound; } $filename = checkName($_FILES['uploadFile']['name']); $newFile = $MY_DOCUMENT_ROOT . $MY_PATH . $filename; $parts = explode('.', $filename); $ext = strtolower($parts[count($parts) - 1]); if (is_file($newFile)) { return _filemanager_uploadfilealreadyexists; } if (is_array($MY_DENY_EXTENSIONS)) { if (in_array($ext, $MY_DENY_EXTENSIONS)) { return _filemanager_extnotallowed; } } if (is_array($MY_ALLOW_EXTENSIONS)) { if (!in_array($ext, $MY_ALLOW_EXTENSIONS)) { return _filemanager_extnotallowed; } } if ($MY_MAX_FILE_SIZE) { if ($_FILES['uploadFile']['size'] > $MY_MAX_FILE_SIZE) { return _filemanager_filesizeexceedlimit . ' of ' . $MY_MAX_FILE_SIZE / 1024 . 'kB.'; } } if (!is_file($_FILES['uploadFile']['tmp_name'])) { return _filemanager_filenotuploaded; } move_uploaded_file($_FILES['uploadFile']['tmp_name'], $newFile); chmod($newFile, 0666); $clear_upload = true; return false; }
} $content .= '</select></td></tr> <tr><td colspan="2" align="center"> <input type="submit" class="submit" value="' . $l['str_modify_button'] . '"></td></tr> </table> </form>'; } else { $content = ""; // check if newlogin already exists or not if (isset($_REQUEST) && !empty($_REQUEST['newlogin']) || !isset($_REQUEST) && !empty($newlogin)) { if (isset($_REQUEST)) { $newlogin = $_REQUEST['newlogin']; } $newlogin = addslashes($newlogin); $content .= $l['str_changing_login_name'] . '... '; if (!checkName($newlogin)) { $localerror = 1; $content .= sprintf($html->string_error, $l['str_bad_login_name']) . '<br>'; } else { if ($user->Exists($newlogin)) { $content .= sprintf($html->string_error, $l['str_login_already_exists']) . '<br>'; $localerror = 1; } else { if ($user->changeLogin($newlogin)) { $content .= $l['str_ok'] . '<br>'; } else { $localerror = 1; $content .= sprintf($html->string_error, $user->error) . '<br>'; } } }
$full_size = $full_size ? $full_size : $_FILES['ax_file_input']['size']; //This checks are just one time if ($currByte == 0) { /* * If files size is greater than allowed then stop upload and return error * $max_file_size format: 12K, 13M, 6G ... */ if (!checkSize($full_size, $max_file_size)) { echo json_encode(array('name' => $file_name, 'size' => $full_size, 'status' => -1, 'info' => 'File size exceeded maximum allowed: ' . $max_file_size)); return false; } /* * Check if the file name has not allowed characters, removes them, and check if it is windows reserved */ $tmp_fn = $file_name; $file_name = checkName($file_name); if (!$file_name) { echo json_encode(array('name' => $tmp_fn, 'size' => $full_size, 'status' => -1, 'info' => 'File name is not allowed. Windows reserved.')); return false; } /* * Check if file extension is in the allowed extensions * By defaul php, exe, html, js... are deny */ if (!checkExt($file_name, $allow_ext)) { echo json_encode(array('name' => $file_name, 'size' => $full_size, 'status' => -1, 'info' => 'File extension is not allowed')); return false; } } /* * Calculate full upload path and check if file already exists.
/** * Iterates the given DOM element * @param DOMNode $domNode */ function iterateDOM(DOMNode $domNode) { global $currentLevel, $js, $parentNames, $doNotWant, $lastNodeName, $toEcho; foreach ($domNode->childNodes as $node) { if ($node->nodeType === XML_ELEMENT_NODE) { if (in_array($node->nodeName, $doNotWant)) { if ($node->hasChildNodes()) { iterateDOM($node); } break; } $toEcho .= COLOR_CYAN . str_repeat(" ", $currentLevel) . $node->nodeName; if ($node->hasAttribute("data-jsid")) { $toEcho .= COLOR_GREEN . " | " . COLOR_PURPLE . "JSID: " . $node->getAttribute("data-jsid"); } if ($node->hasAttribute("style")) { $toEcho .= COLOR_GREEN . " | Style: " . $node->getAttribute("style"); } if ($node->hasAttribute("class")) { $toEcho .= COLOR_GREEN . " | Class: " . $node->getAttribute("class"); } if ($node->hasAttribute("src")) { $toEcho .= COLOR_GREEN . " | Src: " . $node->getAttribute("src"); } $toEcho .= "\n"; if ($node->hasAttribute("data-jsid")) { $name = trim($node->getAttribute("data-jsid")); } else { if ($node->hasAttribute("class")) { $nameArr = explode(" ", $node->getAttribute("class")); $name = trim(array_shift($nameArr)); } else { $name = $node->nodeName; } } $name = checkName($name, 0); $parentNames[$currentLevel] = $name; $lastNodeName = $name; $js .= "var {$name} = document.createElement('{$node->nodeName}');\n"; if ($node->hasAttributes()) { foreach ($node->attributes as $attr) { $attrName = $attr->nodeName; $attrValue = $attr->nodeValue; if ($attrName != "data-jsid") { $js .= "{$name}.setAttribute('{$attrName}','{$attrValue}');\n"; } } } if ($currentLevel > 0) { $pName = $parentNames[$currentLevel - 1]; $js .= "{$pName}.appendChild({$lastNodeName});\n"; } $js .= "\n"; } if ($node->nodeType === XML_TEXT_NODE && $node->textContent && strlen($node->textContent)) { $toEcho = trim($toEcho); $toEcho .= COLOR_YELLOW . " | Content: " . $node->textContent . "\n"; $js = trim($js); $js .= "\n{$lastNodeName}.innerHTML = \"" . $node->textContent . "\";\n"; $js .= "\n"; } $currentLevel++; if ($node->hasChildNodes()) { iterateDOM($node); } $currentLevel--; } }
//echo $rs[0]['uanme']; } else { array_push($suggest, $name1); } $name2 = $day . $name; $rs2 = checkName($name2); if (empty($rs2)) { array_push($suggest, $name2); } $name3 = $name . $mon; $rs3 = checkName($name3); if (empty($rs3)) { array_push($suggest, $name3); } $name4 = $mon . $name; $rs4 = checkName($name4); if (empty($rs4)) { array_push($suggest, $name3); } echo json_encode($suggest); //print_r($suggest); } function checkName($str) { global $db; try { $sql = "select uname from register where uname = :name "; $stmt = $db->prepare($sql); $stmt->bindParam(":name", $str, PDO::PARAM_STR); $stmt->execute(); $result = $stmt->fetchAll();
$error++; //echo 'Incorrect: ' . $input; } } function checkName($value, $input) { global $error; if (!preg_match("/^[a-zA-Z ]*\$/", $value)) { $error++; //echo 'Incorrect: ' . $input; } } emptyCheck($fname, 'first name'); checkName($fname, 'first name'); emptyCheck($sname, 'surname'); checkName($sname, 'surname'); emptyCheck($email, 'email'); checkEmail($email, 'email'); emptyCheck($subject, 'subject'); emptyCheck($message, 'message'); //echo 'Errors: ' . $error . '<br />'; $name = $fname . ' ' . $sname; $numbers = 0; if ($error == 0) { global $numbers; $query = "\n \t\t\t\t\tSELECT COUNT(*)\n\t\t\t\t\t\t\t\tFROM `tbl_queries`\n\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\temail = '" . $email . "'\n\t\t\t\t\t\t\t\tAND\n\t\t\t\t\t\t\t\t\treplied = 0\n \t\t\t\t\t\t"; try { // Execute the query against the database $stmt = $db->prepare($query); $result = $stmt->execute(); } catch (PDOException $ex) {
if (isset($_POST['ajout_epreuve'])) { // Tableau des variables a verifier $checkList = array($_POST["ville_d"], $_POST["ville_a"], $_POST["distance"], $_POST["code_tdf_d"], $_POST["code_tdf_a"], $_POST["jour"], $_POST["cat_code"]); // Vérification vide if (checkEmpty($checkList)) { $_SESSION['flash'] = 'Tout les champs doivent etre remplis !'; header('location: ajout_epreuve.php'); } $ville_d = $_POST["ville_d"]; $ville_a = $_POST["ville_a"]; // Mise en forme des noms $ville_d = traitement_nom($ville_d); $ville_a = traitement_nom($ville_a); // Tableau verif des noms $checkList = array($ville_d, $ville_a); if (checkName($checkList)) { $_SESSION['flash'] = 'Les villes de départ et d\'arrivée sont mal écrites'; header('location: ajout_epreuve.php'); } $annee = $_POST["annee"]; $n_epreuve = $_POST["n_epreuve"]; $ville_a = $_POST["ville_a"]; $ville_d = $_POST["ville_d"]; $distance = $_POST["distance"]; $code_tdf_a = $_POST["code_tdf_a"]; $code_tdf_d = $_POST["code_tdf_d"]; $jour = $_POST["jour"]; $cat_code = $_POST["cat_code"]; $anneeCheck = date_parse($jour); if ($anneeCheck['year'] != $annee) { $_SESSION['flash'] = 'L\' epreuve doit se dérouler la même année que le tour de france choisi';
function checkName($t, $b, $e, $index) { if (file_exists($t . $b . '_' . $index . '.' . $e)) { $index++; return checkName($t, $b, $e, $index); } else { return $index; } }
function uploadFile() { global $MY_ALLOW_UPLOAD, $MY_MESSAGES, $MY_DOCUMENT_ROOT, $MY_PATH, $clear_upload; global $MY_ALLOW_EXTENSIONS, $MY_DENY_EXTENSIONS, $MY_MAX_FILE_SIZE; global $sess_page_controler_domain_id, $domain_dir_prefix; if (!$MY_ALLOW_UPLOAD) { return $MY_MESSAGES['nopermtoupload']; } if (!is_dir($MY_DOCUMENT_ROOT . $MY_PATH)) { return $MY_MESSAGES['pathnotfound']; } $filename = checkName($_FILES['uploadFile']['name']); $newFile = $MY_DOCUMENT_ROOT . $MY_PATH . $filename; $parts = explode('.', $filename); $ext = strtolower($parts[count($parts) - 1]); if (is_file($newFile)) { return $MY_MESSAGES['uploadfilealreadyexists']; } if (is_array($MY_DENY_EXTENSIONS)) { if (in_array($ext, $MY_DENY_EXTENSIONS)) { return $MY_MESSAGES['extnotallowed']; } } if (is_array($MY_ALLOW_EXTENSIONS)) { if (!in_array($ext, $MY_ALLOW_EXTENSIONS)) { return $MY_MESSAGES['extnotallowed']; } } if ($MY_MAX_FILE_SIZE) { if ($_FILES['uploadFile']['size'] > $MY_MAX_FILE_SIZE) { return $MY_MESSAGES['filesizeexceedlimit'] . ' of ' . $MY_MAX_FILE_SIZE / 1024 . 'kB.'; } } if (!is_file($_FILES['uploadFile']['tmp_name'])) { return $MY_MESSAGES['filenotuploaded']; } /*--- modified in order to store files in DB ---*/ if (!is_uploaded_file($_FILES['uploadFile']['tmp_name'])) { return $MY_MESSAGES['filenotuploaded']; } $my_file = $domain_dir_prefix . $MY_PATH . $filename; if ($my_file[0] == '/') { $my_file = substr($my_file, 1); } $ds =& Domain_settings::singleton($sess_page_controler_domain_id, $my_file, 1); if (false === $ds->save_file($_FILES['uploadFile']['tmp_name'])) { return "Unknown error"; } // move_uploaded_file($_FILES['uploadFile']['tmp_name'], $newFile); // chmod($newFile, 0666); /*--- end of modified code ---*/ $clear_upload = true; return false; }
$filename = sanitize_file_name($_FILES['Filedata']['name']); $arr = getExtension('.', $filename, -2); $extension = $arr[1]; $base = $arr[0]; move_uploaded_file($_FILES['Filedata']['tmp_name'], $tempDir . $filename); if (file_exists($path . $filename)) { $counter = checkName($path, $base, $extension, 1); $base .= '_' . $counter; } rename($tempDir . $filename, $path . $base . '.' . $extension); $thumbase = $base; $thumbextension = $extension; $thumbCreated = false; $videoProxy = false; if (file_exists($thumbpath . $thumbase . '.' . $thumbextension)) { $counter = checkName($thumbpath, $thumbase, $thumbextension, 1); $thumbase .= '_' . $counter; } $width = 0; $height = 0; if ($fileType == "images") { $thumbCreated = true; //createThumbFromCenter($path.$base.'.'.$extension,$thumbpath,$thumbase,$thumbextension,250,250); //createsquarethumb($path.$base.'.'.$extension,$thumbpath,$thumbase,$thumbextension,300); $temp = getimagesize($path . $base . '.' . $extension); $width = $temp[0]; $height = $temp[1]; } $playtime = 0; //try xmp $tmp = array();
if ($passLen < 3 or $passLen > 16) { echo $lang['reg_err_pass_size']; } else { if (!preg_match("/^\\w*\$/", "{$username}{$password}")) { echo $lang['reg_err_charset']; } else { if (preg_match("/[(а-я)|(А-Я)]/", "{$username}{$password}")) { echo $lang['reg_err_charset']; } else { if ($username == $password) { echo $lang['reg_err_name_is_pass']; } else { if (!eregi("^[a-z0-9\\._-]+@[a-z0-9\\._-]+\\.[a-z]{2,4}\$", $email)) { echo $lang['reg_err_mail']; } else { if (checkName($username)) { echo $lang['reg_err_name_in_use']; } else { $res = $rDB->query("INSERT INTO `account` (`username`, `sha_pass_hash`, `email`, `last_ip`, `expansion`) VALUES (?, SHA1(?), ?, ?, '2')", $username, $username . ":" . $password, $email, $ip); if ($res) { echo $lang['reg_success']; $show = false; } else { echo $lang['reg_err_query']; } } } } } } }
if (empty($loginnew)) { $missing .= ' ' . $l['str_login'] . ','; } if (empty($passwordnew)) { $missing .= ' ' . $l['str_password'] . ','; } if (empty($confirmpasswordnew)) { $missing .= ' ' . $l['str_confirm_password'] . ','; } if (!empty($missing)) { $localerror = 1; $missing = substr($missing, 0, -1); $content .= sprintf($html->fontred, sprintf($l['str_error_missing_fields'], $missing)) . '<br>'; } if (!$localerror) { if (!checkName($loginnew)) { $localerror = 1; $content .= sprintf($html->string_error, $l['str_bad_login_name']) . '<br>'; } if ($passwordnew != $confirmpasswordnew) { $localerror = 1; $content .= sprintf($html->string_error, $l['str_passwords_dont_match']) . '<br>'; } } // end no error after empty checks if (!$localerror) { // **************************************** // * Create new user * // **************************************** $newuser = new User('', '', ''); if ($newuser->Exists($loginnew)) {
goBack('Shipping Address: First Name'); return false; } if (!(isset($_POST['last_name']) && checkName($_POST['last_name'], 20))) { goBack('Shipping Address: Last Name'); return false; } if (!(isset($_POST['address1']) && checkStreetAddress($_POST['address1'], 20))) { goBack('Shipping Address: Address 1'); return false; } if (isset($_POST['address2']) && strlen($_POST['address2']) && !checkStreetAddress($_POST['address2'], 20)) { goBack('Shipping Address: Address 2'); return false; } if (!(isset($_POST['city']) && checkName($_POST['city'], 20))) { goBack('Shipping Address: City'); return false; } if (!(isset($_POST['state']) && checkState($_POST['state']))) { goBack('Shipping Address: State'); return false; } if (!(isset($_POST['zip']) && checkZip($_POST['zip']))) { goBack('Shipping Address: Zip'); return false; } if (isset($_POST['favorite_cheese']) && strlen($_POST['favorite_cheese']) && !checkString($_POST['favorite_cheese'], 20)) { goBack('Favorite Cheese'); return false; }
/** * Add an MX record to the current zone * *@access private *@param string $mx name of MX *@param int $pref preference value for this MX *@param int $ttl ttl value for this record *@return string text of result (Adding MX Record... Ok) */ function addMXRecord($mxsrc, $mx, $pref, $ttl) { global $db, $html, $l; $result = ''; // for each MX, add MX entry $i = 0; while (list($key, $value) = each($mx)) { // value = name if ($value != "") { if (!$this->checkMXName($value) || !$this->checkAName($mxsrc[$i])) { // check if matching A record exists ? NOT OUR JOB $this->error = sprintf($l['str_primary_bad_mx_name_x'], xssafe($value)); } else { // if checkName, add zone. if (checkName($value)) { $value .= "." . $this->zonename; } // if no trailing ".", add one. if (strrpos($value, ".") != strlen($value) - 1) { $value .= "."; } // pref[$i] has to be an integer if (!$this->checkMXPref($pref[$i])) { $this->error = sprintf($l['str_primary_preference_for_mx_x_has_to_be_int'], xssafe($value)); } else { if ($pref[$i] == "") { $pref[$i] = 0; } // Check if record already exists $query = "SELECT count(*) FROM dns_record WHERE\n zoneid='" . $this->zoneid . "' AND type='MX'\n AND val1='" . $mxsrc[$i] . "' AND val3='" . $value . "'"; $res = $db->query($query); $line = $db->fetch_row($res); if ($line[0] == 0) { $result .= sprintf($l['str_primary_adding_mx_x'], xssafe($value)) . "... "; $ttlval = $this->fixDNSTTL($ttl[$i]); $query = "INSERT INTO dns_record (zoneid, type, val1, val2, val3, ttl)\n VALUES ('" . $this->zoneid . "', 'MX', '" . $mxsrc[$i] . "', '" . $pref[$i] . "','" . $value . "','" . $ttlval . "')"; $db->query($query); if ($db->error()) { $this->error = $l['str_trouble_with_db']; } else { $result .= $l['str_primary_ok'] . "<br>\n"; } } else { // record already exists $result .= sprintf($l['str_primary_warning_mx_x_exists_not_overwritten'], xssafe($value)) . "<br>\n"; } } } } $i++; } return $result; }
<?php require_once "query/message.php"; $DOJSS = $_COOKIE['DOJSS']; $name = safe($_POST['name']); $pwd = safe($_POST['password']); $user = checkDOJSS($DOJSS); if (!checkName($name)) { send(1, $err['invalidName']); } if ($user) { if ($user->name == $name) { send(2, $warning['sameMsg']); } if ($u = getUserByName($name)) { if ($u->id != $user->id) { send(1, $err['sameName']); } } if (dc_decrypt($user->password, $key_pwd) != $pwd) { send(1, $err['wrongPwd']); } $uid = $user->id; mysql_query("UPDATE `users` SET \n\t\t\t`name` = '{$name}'\n\t\tWHERE `id` = {$uid} "); if (mysql_affected_rows()) { send(0, $tip['changedName'], "\$('#myName').html('{$name}');"); } else { send(1, $err['notSaved']); } } else { send(1, $err['wrongDOJSS']);
function display() { echo "\n"; $class = captureClass(); echo color("class 命名不规范\n", 'green'); echo color("-----------------------------\n", 'red'); foreach ($class as $k => $v) { if (!checkName($v, 2)) { echo color($v, 'red'); echo "\n"; } } echo "\n"; echo color("function 命名不规范\n", 'green'); echo color("-----------------------------\n", 'red'); $function = captureFunction(); foreach ($function as $k => $v) { if (!checkName($v, 1)) { echo color($v, 'red'); echo "\n"; } } echo "\n"; }