function check_all($mail, $cn, $homephone, $mobile)
{
$error = 0;
if ($cn == '') {
$error = 1;
echo "Debe ingrear nombre y/o apellido como mínimo para el contacto con teléfono (si tiene) {$homephone} o correo (si tiene) {$mail} <br />";
} else {
if ($mail != '' && !check_email_address($mail)) {
$error = 1;
echo "El correo electrónico ({$mail}) no es válido<br />";
} else {
if (!check_name($cn)) {
$error = 1;
echo "El nombre ({$cn}) no es válido<br />";
} else {
if ($homephone != '' && !check_phone($homephone)) {
$error = 1;
echo "El primer teléfono ({$homephone}) no es válido<br />";
} else {
if ($mobile != '' && !check_phone($mobile)) {
$error = 1;
echo "El segundo teléfono ({$mobile}) no es válido<br />";
} else {
if ($mail == '' && $homephone == '') {
$error = 1;
echo "El contacto {$cn} debe tener teléfono o correo electrónico<br />";
}
}
}
}
}
}
return $error == 0;
}
public function appoint()
{
if (!($phone = $this->input->post('phone'))) {
exit(json_encode(array('code' => -1, 'msg' => '缺少手机号码')));
}
if (!($name = $this->input->post('name'))) {
exit(json_encode(array('code' => -2, 'msg' => '缺少姓名')));
}
if (!check_phone($phone)) {
exit(json_encode(array('code' => -3, 'msg' => '手机号码不合法')));
}
if (!($user_id = check_login())) {
exit(json_encode(array('code' => -4, 'msg' => '您需要先登录哦')));
}
$this->load->model('user_model', 'user');
$this->load->model('order_model', 'order');
if ($this->order->is_appointed($user_id) == 0) {
exit(json_encode(array('code' => -5, 'msg' => '您已经报过名了哦,我们的学车顾问稍后会与您联系的!')));
}
$order_no = 0;
$ret = $this->order->appoint($user_id, $name, $order_no);
if ($ret > 0) {
exit(json_encode(array('code' => 0, 'msg' => 'succ', 'order_id' => $ret, 'user_id' => $user_id, 'phone' => $phone, 'serial_number' => $order_no)));
} else {
exit(json_encode(array('code' => -10, 'msg' => '系统错误,请您稍后再试')));
}
}
public function bindPhoneCode($param = null)
{
if (isset($param)) {
$post_data = $param;
$exit_type = 'array';
} else {
$post_data = I('post.');
$exit_type = 'json';
}
wlog('/share/weixinLog/artisans/58_phone.log', $post_data['phone']);
$access_token = $post_data['access_token'];
$this->_checkToken($access_token);
if (!$this->_access_token) {
return $this->returnJsonData($exit_type, 10002);
//没有权限
}
$phone = $post_data['phone'];
if (empty($phone)) {
return $this->returnJsonData($exit_type, 300);
}
if (!check_phone($phone)) {
return $this->returnJsonData($exit_type, 10003);
//手机号格式有误
}
$now_time = date('Y-m-d H:i:s');
$rand_code = mt_rand('100000', '999999');
$data['CouponsId'] = 1;
$data['Phone'] = $phone;
$data['CodeNum'] = $rand_code;
$data['Source'] = 1;
$data['IsUse'] = 0;
$data['CreateTime'] = $now_time;
$where = array('Source' => 1, 'Phone' => $phone);
}
function check_forms($data)
{
if (!check_empty($data)) {
return array('passed' => false, "error" => "empty ");
}
if (!check_phone($data["phone_num"])) {
return array('passed' => false, "error" => "phone_num");
}
if (!check_is_num($data["empiid"])) {
return array('passed' => false, "error" => "empiid");
}
if (!check_ferpa($data["ferpa_score"])) {
return array('passed' => false, "error" => "ferpa");
}
return array('passed' => true, "error" => '');
}
public function insert_user($phone)
{
if (!$phone) {
return -1;
}
if (!check_phone($phone)) {
return -2;
}
$user = array();
$user['phone'] = $phone;
if ($this->master_db->insert('user', $user)) {
return $this->master_db->insert_id();
} else {
return 0;
}
}
if (!isNotNull($txtState)) {
$message .= "* State cannot be empty! <br>";
}
if (!isNotNull($txtZIP)) {
$message .= "* Zipcode cannot be empty! <br>";
}
if (isNotNull($txtZIP)) {
if (strlen($txtZIP) != 5 && $ddlCountry == "US") {
$message .= "* Enter a valid Zipcode!<br>";
}
}
if (!isNotNull($txtPhone)) {
$message .= "* Phone number cannot be empty! <br>";
}
if (isNotNull($txtPhone)) {
if (!check_phone($txtPhone, $ddlCountry)) {
$message .= "* Phone number should be valid!";
}
}
if (!isNotNull($txtEmail)) {
$message .= "* Email cannot be empty! <br>";
} else {
if (!isValidEmail($txtEmail)) {
$message .= "* Invalid email! <br>";
}
}
/*-----------Multicart 2.0 Upgradation Starts-------------*/
$sql_check_custom_data = "SELECT cf_value.nvalue_id,cf.vcustom_field_name \n\t\t\t\t\t\t\t FROM " . $tableprefix . "custom_fields_value cf_value," . $tableprefix . "custom_fields cf\n\t\t\t\t\t\t\t WHERE cf_value.ncustom_field_id = cf.ncustom_id \n\t\t\t\t\t\t\t AND cf.vcustom_field_form_id = '1'\n\t\t\t\t\t\t\t AND cf_value.ncustom_table_id = " . GetSQLValueString($userid, "text");
$result_check_custom_data = mysql_query($sql_check_custom_data) or die(mysql_error());
if (mysql_num_rows($result_check_custom_data) > 0) {
while ($check_custom_data_row = mysql_fetch_array($result_check_custom_data)) {
/*Foreach links*/
foreach ($revolico_links as $rlink) {
$html_content = scraperwiki::scrape($rlink);
$html = str_get_html($html_content);
if (is_object($html)) {
//Iterate of links and extract all post links
$a_links = $html->find('div.table_wrapper a');
foreach ($a_links as $a) {
//Load html from a single post & find a mail
$html_content = scraperwiki::scrape('http://lok.myvnc.com' . $a->href);
$html = str_get_html($html_content);
if (is_object($html)) {
$wrap_div = $html->find('div#contact div#lineBlock', -1);
$wrap_phone = $wrap_div->find('span.normalText', 0);
if (is_object($wrap_phone)) {
$phone = check_phone($wrap_phone->plaintext);
if ($phone) {
$record = array('phone' => $phone);
scraperwiki::save(array('phone'), $record);
}
}
//destroy $html
$html->__destruct();
}
}
//destroy $html
$html->__destruct();
}
}
/******************************MISC FUNCTIONS**************************************/
function check_phone($phone)
public function get_coache($phone)
{
if (!$phone) {
return array();
}
if (!check_phone($phone)) {
return array();
}
$this->master_db->select('*');
$this->master_db->from('coach');
$this->master_db->where('phone', $phone);
if ($query = $this->master_db->get()) {
$row = $query->row();
if ($row) {
$row->avatar = empty($row->avatar) ? DEFAULT_AVATAR_URL : $row->avatar;
return $row;
}
}
return array();
}
$error .= 'PHP 5 >= 5.3.28是必须的<br />';
}
//end
if (!isset($_POST['mysql_host']) || trim($_POST['mysql_host']) == '') {
$error .= '请填写MySQL host<br />';
}
if (!isset($_POST['mysql_user']) || trim($_POST['mysql_user']) == '') {
$error .= '请填写MySQL用户名<br />';
}
// if(!isset($_POST['mysql_pass']) || trim($_POST['mysql_pass']) == '') {
// $error .= '请填写MySQL密码<br />';
// }
if (!isset($_POST['mysql_db']) || trim($_POST['mysql_db']) == '') {
$error .= '请填写MySQL数据库<br />';
}
if (!isset($_POST['admin_phone']) || !check_phone($_POST['admin_phone'])) {
$error .= '请填写正确手机号<br />';
}
if (!isset($_POST['admin_mail']) || !check_email($_POST['admin_mail'])) {
$error .= '请填写管理员e-mail<br />';
}
if (!isset($_POST['report_mail']) || !check_email($_POST['report_mail'])) {
$error .= '请填写技术支持e-mail<br />';
}
if (!isset($_POST['meta_title']) || trim($_POST['meta_title']) == '') {
$error .= '请填写meta title<br />';
}
if (!isset($_POST['meta_keywords']) || trim($_POST['meta_keywords']) == '') {
$error .= '请填写meta keywords<br />';
}
if (!isset($_POST['meta_description']) || trim($_POST['meta_description']) == '') {
function edit_tutor()
{
// validate form input
$tutor_id = addslashes($_REQUEST["tutor_id"]);
$name = addslashes($_REQUEST["name"]);
$address = addslashes($_REQUEST["address"]);
$phone = addslashes(check_phone($_REQUEST["phone"]));
$email = addslashes(check_email($_REQUEST["email"]));
$tutor_categories = check_tutor_category($_REQUEST["tutor_category"]);
$tutor_category = $tutor_categories[0];
$subjects = check_subjects($_REQUEST["subjects"]);
$grade = addslashes($_REQUEST["grade"]);
$grade = $grade ? $grade : 0;
$total_hours_desired = addslashes($_REQUEST["total_hours_desired"]);
$avail = get_avail();
$signed_confidentiality = $_REQUEST["signed_confidentiality"] ? 1 : 0;
if (!count_times($avail)) {
show_error("You haven't selected any periods that you are available for tutoring. Please go back and fill in at least one period.");
}
$username = addslashes($_REQUEST["username"]);
if ($_REQUEST["password"]) {
$password = addslashes(md5(check_password($_REQUEST["password"], $_REQUEST["password2"])));
}
$username_id = username_exists($username);
if ($username_id != $tutor_id && $username_id != 0) {
show_error("That username already exists");
}
$DB = new DB();
$query = "UPDATE tutor SET\n";
if ($password) {
$query .= "password='******',";
}
$query .= "name='{$name}',\n address='{$address}',\n phone='{$phone}',\n email='{$email}',\n grade={$grade},\n tutor_category={$tutor_category},\n total_hours_desired={$total_hours_desired},\n username='******',\n signed_confidentiality={$signed_confidentiality}\n WHERE id={$tutor_id}";
$DB->query($query);
update_availability($avail, null, $tutor_id);
update_tutor_subjects($subjects, $tutor_id);
update_answers(null, $tutor_id);
}
<?php
if ($_POST['no']) {
include_once 'function.php';
//初步防注入 : 利用添加反斜杠的形式防止注入
$name = addslashes($_POST['name']);
$phone = addslashes($_POST['phone']);
$no = addslashes($_POST['no']);
$class = addslashes($_POST['class']);
//检查必填项和数据是否正确
if (empty($name)) {
echo_error("请输入姓名!");
}
if (check_phone($phone)) {
echo_error("手机号码错误!");
}
if (check_no($no)) {
echo_error("学号格式错误!");
}
//往数据库添加数据
$time = time();
$sql = "INSERT INTO `student` (`no`, `name`, `phone`, `class`, `add_time`) VALUES ('{$no}', '{$name}', '{$phone}', '{$class}', '{$time}')";
include_once "conn.php";
$arr = mysqli_query($conn, $sql);
//执行SQL语句
if ($arr) {
header("location:index.php");
echo "数据添加成功!";
exit;
} else {
echo $sql;
function sms_send_smpp($smpp_hosts, $smpp_port, $smpp_login, $smpp_password, $smpp_from)
{
// smpp send
global $db;
$select = "select id, phonenumber, msg from sms where direction = 1 and process = 0 and method = 'smpp';";
if ($result = $db->query($select)) {
while ($row = $result->fetch_assoc()) {
$id = $row['id'];
$phonenumber = check_phone($row['phonenumber']);
$msg = $row['msg'];
$result_sms = smpp_send($smpp_hosts, $smpp_port, $smpp_login, $smpp_password, $smpp_from, $phonenumber, $msg);
if (DEBUG == 1) {
log2file("pcntl_send smpp", $result_sms);
}
$update = "update sms set full_msg = '{$result_sms}', dt=now(), process = 1 where id = {$id}";
if (!$db->query($update)) {
log2file("mysql_error", $db->error);
}
}
}
}
public function sign_in_code()
{
if (empty($_POST)) {
exit(json_encode(array('code' => -1, 'msg' => 'post required')));
}
if (!($phone = $this->input->post('phone'))) {
exit(json_encode(array('code' => -2, 'msg' => 'phone required')));
}
if (!($code = $this->input->post('code'))) {
exit(json_encode(array('code' => -3, 'msg' => 'code required')));
}
if (!check_phone($phone)) {
exit(json_encode(array('code' => -4, 'msg' => 'phone invalid')));
}
$this->load->library('session');
/*
if(!isset($_SESSION['phone_verify_number'])){
exit(json_encode(array(
'code' => -5,
'msg' => '验证码已过期',
)
));
}
if($code != $_SESSION['phone_verify_number']){
exit(json_encode(array(
'code' => -6,
'msg' => '验证码不正确',
)
));
}
*/
unset($_SESSION['phone_verify_number']);
if (check_login()) {
exit(json_encode(array('code' => -7, 'msg' => '已登录')));
}
$this->load->model('user_model', 'user');
if ($user = $this->user->get_user($phone)) {
set_login_cookie($user->user_id);
exit(json_encode(array('code' => 0, 'msg' => 'succ', 'ret' => array('user_id' => $user->user_id, 'phone' => $user->phone))));
} else {
if (($user_id = $this->user->insert_user($phone)) > 0) {
set_login_cookie($user_id);
exit(json_encode(array('code' => 0, 'msg' => 'succ', 'ret' => array('user_id' => $user_id, 'phone' => $phone))));
} else {
exit(json_encode(array('code' => -10, 'msg' => 'insert user fail')));
}
}
}
public static function updateShippingInfo($userid, $_REQUEST)
{
global $tableprefix;
$txtUserName = $_REQUEST["txtUserName"];
$txtFirstName = $_REQUEST["txtFirstName"];
$txtLastName = $_REQUEST["txtLastName"];
$txtAddress1 = $_REQUEST["txtAddress1"];
$txtAddress2 = $_REQUEST["txtAddress2"];
$txtCity = $_REQUEST["txtCity"];
$txtState = $_REQUEST["bill_state"];
$ddlCountry = $_REQUEST["bill_country"];
$txtZIP = $_REQUEST["txtZIP"];
$txtEmail = $_REQUEST["txtEmail"];
$txtPhone = $_REQUEST["txtPhone"];
$txtFAX = $_REQUEST["txtFAX"];
//validations
$message = "";
if (!isNotNull($txtFirstName)) {
$message .= "* First name cannot be empty! <br>";
}
if (isNotNull($txtFirstName)) {
if (!preg_match("/^[a-zA-Z ]+\$/", $txtFirstName)) {
$message .= "* First name accepts alphabets only !! <br>";
}
}
if (!isNotNull($txtLastName)) {
$message .= "* Last name cannot be empty! <br>";
}
if (isNotNull($txtLastName)) {
if (!preg_match("/^[a-zA-Z ]+\$/", $txtLastName)) {
$message .= "* Last name accepts alphabets only !! <br>";
}
}
if (!isNotNull($txtAddress1)) {
$message .= "* Address cannot be empty! <br>";
}
if (!isNotNull($txtState)) {
$message .= "* State cannot be empty! <br>";
}
if (isNotNull($txtPhone)) {
if (!check_phone($txtPhone, $ddlCountry)) {
$message .= "* Phone number should be valid! <br>";
}
}
if (isNotNull($txtZIP)) {
if (strlen($txtZIP) > 5) {
$message .= "* Zipcode code should be valid! <br>";
}
}
if (!isNotNull($txtEmail)) {
$message .= "* Email cannot be empty! <br>";
} else {
if (!isValidEmail($txtEmail)) {
$message .= "* Invalid email! <br>";
}
}
if ($message != "") {
// error
$message = "<br>Please correct the following errors to continue!<br>" . $message;
} else {
// no error so insert shipping info
$query = "UPDATE " . $tableprefix . "users_shipping_address SET\n\t\t\tshipping_first_name = '" . addslashes($txtFirstName) . "',\n\t\t\tshipping_last_name = '" . addslashes($txtLastName) . "',\n\t\t\tshipping_address1 = '" . addslashes($txtAddress1) . "',\n\t\t\tshipping_address2 = '" . addslashes($txtAddress2) . "',\n\t\t\tshipping_city = '" . addslashes($txtCity) . "',\n\t\t\tshipping_state = '" . addslashes($txtState) . "',\n\t\t\tshipping_country = '" . addslashes($ddlCountry) . "',\n\t\t\tshipping_phone = '" . addslashes($txtPhone) . "',\n\t\t\tshipping_fax = '" . addslashes($txtFAX) . "',\n\t\t\tshipping_zip = '" . addslashes($txtZIP) . "',\n\t\t\tshipping_email = '" . addslashes($txtEmail) . "'\n\t\t\tWHERE user_id = '" . addslashes($userid) . "'\n\t\t\t";
$update_shipping = DbHelper::execute($query);
$message = "Profile updated successfully!";
}
return $message;
}
function add_one_phone()
{
$phone = $this->input->xss_clean($this->input->post('phone'));
if (!empty($phone)) {
$array = array('phone_no' => ico($phone));
$q = $this->db->get_where(PHONE_TABLE, $array, 1, 0);
if ($q->num_rows() > 0) {
die('已经存在!');
}
if (check_phone($phone)) {
$this->db->insert(PHONE_TABLE, $array);
}
}
if ($this->db->insert_id() > 0) {
echo '添加成功!';
} else {
echo '添加失败!';
}
}
