/**
 * Print one post's text followed by two HTML line breaks.
 *
 * Tags are removed with strip_tags(), the result is passed through
 * cleanPost(), and the cleaned text is echoed. $postCount, $postId and
 * $createdTime are accepted but not used by this function.
 *
 * NOTE(review): the text is echoed without htmlspecialchars(). Whether
 * that is safe in an HTML page depends on what cleanPost() returns, and
 * cleanPost() is defined elsewhere; confirm it before rendering
 * user-supplied posts with this function.
 */
function outputToScreen($postCount, $postId, $message, $createdTime)
{
    $plainText = strip_tags($message);
    $cleanedText = cleanPost($plainText);

    // One write: the message, then the two separators the page layout expects.
    echo $cleanedText, '<br>', '<br>';
}
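/**
 * Copy every row of $selectTable into $insertTable with its message cleaned.
 *
 * Reads id and message from $selectTable, passes each message through
 * cleanPost() and hands the row to helpInsertPostIntoClean(). Status and
 * error messages are echoed as HTML paragraphs.
 *
 * Differences from the previous version:
 *  - a failed insert now returns false instead of falling through to the
 *    "Successfully inserted" message and returning true;
 *  - the result set is freed on the "no rows" path as well;
 *  - the query text, the driver error and the table name are HTML-escaped
 *    before being echoed, so they cannot inject markup into the page.
 *
 * NOTE(review): $selectTable is concatenated into the SQL text. Identifiers
 * cannot be bound as parameters, so callers must pass only fixed, trusted
 * table names (for example from an allow-list) and never request data.
 * NOTE(review): echoing the SQL text and mysqli_error() discloses schema
 * details to whoever sees the page; consider logging them instead.
 *
 * @param mysqli $mysqli      open connection
 * @param mixed  $debugFlag   passed through to helpInsertPostIntoClean()
 * @param string $selectTable table to read the original posts from
 * @param string $insertTable table the cleaned posts are written to
 * @return bool true when every row was inserted, false otherwise
 */
function insertPostIntoCleanTable($mysqli, $debugFlag, $selectTable, $insertTable)
{
    // Get 'dirty' posts
    $query_string = "SELECT id,message FROM " . $selectTable;

    $result = mysqli_query($mysqli, $query_string);
    if (!$result) {
        $detail = htmlspecialchars($query_string . mysqli_error($mysqli), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<p>Error: Not able to execute " . $detail . "</p>";
        return false;
    }

    if (mysqli_num_rows($result) <= 0) {
        mysqli_free_result($result);
        echo "<p>Error: No records matching your query were found.</p>";
        return false;
    }

    $i = 0;
    $failed = false;
    while ($row = mysqli_fetch_array($result)) {
        if (!helpInsertPostIntoClean($mysqli, $row["id"], cleanPost($row["message"]), $insertTable, $debugFlag)) {
            echo "<p>Error: with " . $i . " record.</p>";
            $failed = true;
            break;
        }
        $i++;
    }

    // Release the result set on every path before reporting the outcome.
    mysqli_free_result($result);

    if ($failed) {
        return false;
    }

    $tableLabel = htmlspecialchars((string) $insertTable, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<p>Successfully inserted " . $i . " posts into " . $tableLabel . " </p>";

    // The connection is left open for the caller.
    return true;
}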
/**
 * Prepare a string for storage.
 *
 * Without $iAllowHTML the value goes through process_db_input() with
 * BX_TAGS_STRIP. With $iAllowHTML, cleanPost() is called on the value and
 * $s is returned without process_db_input(), because the value is bound
 * through PDO and must not be escaped a second time.
 *
 * NOTE(review): the return value of cleanPost() is discarded, so the HTML
 * path is only cleaned if cleanPost() takes its argument by reference.
 * That declaration is not visible here; confirm it, otherwise HTML input
 * reaches the database unmodified.
 */
function filter_to_db($s, $iAllowHTML = 0)
{
    if (!$iAllowHTML) {
        return process_db_input($s, BX_TAGS_STRIP);
    }

    cleanPost($s);

    return $s;
}
} elseif (isset($_GET['down'])) {
    // Move a menu item down.
    // NOTE(review): unlike the 'addpage' and 'changetitle' branches below, this branch
    // performs its change without an isActive($userid) check - confirm that is intended.
    $mitemid = cleanGet($_GET['down']);
    editWebsiteMenuOrder($siteid, $mitemid, 'down');
} elseif (isset($_GET['addpage']) && isset($_POST['page_title']) && strlen($_POST['page_title']) > 1) {
    // Add a page; the title is a POST field but is passed through cleanGet().
    $page_title = cleanGet($_POST['page_title']);
    if (isActive($userid)) {
        if (maxSitePages($siteid) == false) {
            addPage($siteid, $page_title);
        } else {
            sysMsg(MSG00119);
        }
    } else {
        demoMsg();
    }
} elseif (isset($_GET['changetitle']) && isset($_POST['old_page_id'])) {
    // Rename a page.
    // NOTE(review): $_POST['new_page_title'] is read without an isset() check, and
    // changePageTitle() receives the client-supplied page id without $siteid, so no
    // ownership check is visible here - confirm changePageTitle() verifies that the
    // page belongs to the current site.
    $pageid = cleanPost($_POST['old_page_id']);
    $title = cleanPost($_POST['new_page_title']);
    if (isActive($userid)) {
        changePageTitle($pageid, $title);
    } else {
        demoMsg();
    }
}
if ($siteid != 0 && $showmenu == true) {
    editWebsiteMenu($siteid);
}
} else {
    giveWarning();
}
//END MENU
include_once 'admin_template/footer.php';
/**
 * Prepare a string for storage through process_db_input().
 *
 * With $iAllowHTML the value is first handed to cleanPost() and then
 * processed with BX_TAGS_NO_ACTION; otherwise it is processed with
 * BX_TAGS_STRIP.
 *
 * NOTE(review): the return value of cleanPost() is discarded, so the HTML
 * path is only cleaned if cleanPost() takes its argument by reference.
 * That declaration is not visible here; confirm it.
 */
function filter_to_db($s, $iAllowHTML = 0)
{
    if ($iAllowHTML) {
        cleanPost($s);
    }

    $tagMode = $iAllowHTML ? BX_TAGS_NO_ACTION : BX_TAGS_STRIP;

    return process_db_input($s, $tagMode);
}
/**
 * Clean a value in place before it is stored.
 *
 * $s is taken by reference. When $iAllowHTML is truthy (the default) the
 * value is handed to cleanPost(); otherwise nothing happens.
 *
 * NOTE(review): when $iAllowHTML is false the value is left untouched, so
 * the caller has to strip or escape it by other means. Any change to $s
 * relies on cleanPost() modifying its argument by reference - confirm.
 */
function prepare_to_db(&$s, $iAllowHTML = 1)
{
    if (!$iAllowHTML) {
        return;
    }

    cleanPost($s);
}
show_page('terms');
break;
case 'user':
    // Registration handler: collect the submitted fields, then validate them one by one.
    if ($index_page[1] == 'register') {
        if (isset($_POST['account_active'])) {
            // NOTE(review): "!" binds tighter than "!=", so this evaluates
            // (!$_POST['account_active']) != 0, i.e. it is true when the field is falsy.
            // If the intent is "account_active equals 0", write that comparison explicitly.
            if (!$_POST['account_active'] != 0) { //0 = Demo account
                $newuser = array();
                $newuser['id'] = NULL;
                // Stored values go through cleanPost(); the checks below run on the raw
                // $_POST values, so what is validated and what is stored can differ.
                $newuser['username'] = cleanPost($_POST['username']);
                $newuser['fullnames'] = cleanPost($_POST['fullnames']);
                // NOTE(review): 'group' is supplied by the client and is only checked
                // to be a number below - confirm the server restricts which groups a
                // self-registering user may choose.
                $newuser['group'] = cleanPost($_POST['group']);
                $newuser['phone'] = cleanPost($_POST['phone']);
                $newuser['user_website'] = cleanPost($_POST['user_website']);
                $newuser['email'] = cleanPost($_POST['email']);
                $newuser['referred_by'] = cleanPost($_POST['referred_by']);
                $regmsg = '';
                // First failing check wins; $regmsg stays empty when all checks pass.
                if (strlen($_POST['username']) < 3) {
                    $regmsg = translate('The username that you have entered is too short.', sz_config('language'));
                } elseif (isValidUsername($_POST['username']) == false) {
                    $regmsg = translate('The username that you have entered is invalid or already exists.', sz_config('language'));
                } elseif (isValid($_POST['fullnames'], 'names') == false) {
                    $regmsg = translate('Your full names should only contain alphabetic characters.', sz_config('language'));
                } elseif ($_POST['account_active'] != 0) {
                    // NOTE(review): the message says the data was logged, but no logging
                    // call is visible in this fragment - confirm it happens elsewhere.
                    $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language'));
                } elseif (isValid($_POST['group'], 'number') == false) {
                    $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language'));
                } elseif (isValid($_POST['phone'], 'phone') == false) {
                    // NOTE(review): this branch passes sz_config('translate') where every
                    // other branch passes sz_config('language') - looks like a typo; confirm.
                    $regmsg = translate('The phone number that you\'ve entered is invalid.', sz_config('translate'));
                } elseif (strlen($_POST['user_website']) > 0 && isValid($_POST['user_website'], 'website') == false) {
                    $regmsg = translate('The website that you\'ve entered is invalid. Please do not add http:// to the address.', sz_config('language'));
$websitedata['error'] = MSG00006;
}
// Both branches store the same cleaned value; the invalid branch additionally flags
// an error so the submitted value can be shown again in the form.
if (isValid($_POST['website_url'], 'website')) {
    $websitedata['website_url'] = cleanPost($_POST['website_url']);
} else {
    $websitedata['website_url'] = cleanPost($_POST['website_url']);
    $haserrors = true;
    $websitedata['error'] = MSG00005;
}
// NOTE(review): description, keywords and creator name are only passed through
// cleanPost(); no isValid() check is applied to them in this fragment.
$websitedata['website_description'] = cleanPost($_POST['website_description']);
$websitedata['website_keywords'] = cleanPost($_POST['website_keywords']);
$websitedata['creator_name'] = cleanPost($_POST['creator_name']);
if (isValid($_POST['creator_website'], 'website')) {
    $websitedata['creator_website'] = cleanPost($_POST['creator_website']);
} else {
    $websitedata['creator_website'] = cleanPost($_POST['creator_website']);
    $haserrors = true;
    // A later failure overwrites an earlier message, so only the last error is reported.
    $websitedata['error'] = MSG00004;
}
// Settings are saved only for active accounts and only when no field failed validation.
if (isActive($userid)) {
    if ($haserrors == false) {
        saveWebsiteSettings($websitedata);
    }
} else {
    demoMsg();
}
}
// NOTE(review): on error the rejected values are handed back to the form renderer;
// confirm editWebsiteSettings() HTML-encodes them when it prints them.
if ($haserrors) {
    editWebsiteSettings($siteid, $websitedata);
} else {
    editWebsiteSettings($siteid);
// NOTE(review): no exit/die is visible after this redirect header, so the script appears
// to keep running after it is sent - confirm against the part of the file not shown here.
header("Location: index.php");
}
include_once 'functions/functions.php';
include_once 'functions/page_functions.php';
$userid = checkSession();
$siteid = checkSiteId();
include_once 'admin_template/header.php';
//START PAGES
if ($siteid != 0) {
    if (isset($_GET['pages']) && is_numeric($_GET['pages']) && $_GET['pages'] > '0') {
        $pageid = cleanGet($_GET['pages']);
        // Ownership is checked for the page id taken from the query string.
        if (pageBelongsTo($pageid, $siteid) == false) {
            $pageid = NULL;
        } elseif (isset($_POST['TextAreaData'])) {
            $page = array();
            // NOTE(review): the id that is saved comes from $_POST['id'], while the
            // ownership check above used $_GET['pages']. Nothing visible here ties the
            // two together, so a request could name one page in the URL and another in
            // the body - confirm savePage() re-checks ownership, or save with $pageid.
            $page['id'] = cleanPost($_POST['id']);
            // NOTE(review): page content is stored exactly as submitted (no cleaning).
            // If that is deliberate for an HTML editor, the content has to be sanitised
            // or encoded where it is rendered - confirm.
            $page['content'] = $_POST['TextAreaData'];
            if (!isContactPage($page['id'])) {
                if (isActive($userid)) {
                    savePage($page);
                    // $_POST['TextAreaData'] = NULL;
                    // $page['content'] = NULL;
                } else {
                    demoMsg();
                }
            }
        }
        editWebsitePage($siteid, $pageid);
    } else {
        editWebsitePage($siteid, NULL);
    }
}
// Remember the page size chosen by the user.
// NOTE(review): is_numeric() also accepts negative numbers, decimals and exponent
// notation, and the raw string is stored - consider casting to int and clamping it
// to a sensible range before it is used for paging.
if (isset($_GET['items_per_page'])) {
    if (is_numeric($_GET['items_per_page'])) {
        $_SESSION['items_per_page'] = $_GET['items_per_page'];
    }
}
include_once 'functions/functions.php';
include_once 'functions/template_functions.php';
$userid = checkSession();
$siteid = checkSiteId();
include_once 'admin_template/header.php';
if ($siteid != 0) {
    if (isset($_GET['action'])) {
        $taction = cleanGet($_GET['action']);
        // NOTE(review): this state-changing request shows no anti-CSRF token check in
        // this fragment - confirm one is enforced elsewhere (e.g. in checkSession()).
        if ($taction == 'save' && isset($_POST['website_template'])) {
            // NOTE(review): the template identifier is client-supplied; if
            // saveWebsiteTemplate() or the renderer uses it to build a file path, it
            // should be matched against the list of installed templates - confirm.
            $template = cleanPost($_POST['website_template']);
            if (isActive($userid)) {
                saveWebsiteTemplate($siteid, $template);
            } else {
                demoMsg();
            }
        }
    }
    // View selector: the raw numeric string from the query, or 0 when absent or not numeric.
    if (isset($_GET['tview']) && is_numeric($_GET['tview'])) {
        $view = $_GET['tview'];
    } else {
        $view = 0;
    }
    $_SESSION['website'] = $siteid;
    showTemplates($siteid, $view, 0, 'select');
} else {
$userdata['email'] = cleanPost($_POST['email']);
$userdata['language'] = cleanPost($_POST['language']);
$userdata['password'] = NULL;
//check if password was changed and update
if ($_POST['passw1'] != "" or $_POST['passw2'] != "") {
    // Minimum length enforced here is 5 characters, measured on the raw input.
    if (strlen($_POST['passw1']) < 5) {
        $savedetails = false;
        $showindex = false;
        $userdata['password'] = NULL;
        sysMsg(MSG00182);
        userForm($userdata);
    } else {
        // NOTE(review): the passwords go through cleanPost() before comparison and
        // hashing. If cleanPost() alters or removes characters, the stored hash is of
        // the altered text, not of what the user typed - confirm, and prefer hashing
        // the raw password.
        $passw1 = cleanPost($_POST['passw1']);
        $passw2 = cleanPost($_POST['passw2']);
        // NOTE(review): "==" compares numeric-looking strings by value, so two
        // different inputs can compare equal; "===" avoids that.
        if ($passw1 == $passw2) {
            $password = cleanPost($_POST['passw1']);
            // NOTE(review): a single unsalted md5() is a fast hash and is not suitable
            // for password storage; password_hash() with password_verify() is the
            // standard replacement and needs a migration path for existing hashes.
            $newuserpass = md5($password);
            $userdata['password'] = $newuserpass;
            // NOTE(review): the session value is derived from the password hash, so
            // anyone who reads the stored hash can recompute it - presumably this is
            // the login marker checked by the session code; confirm, and prefer a
            // random session-bound value.
            $_SESSION['user'] = md5($newuserpass);
            $passw_changed = true;
        } else {
            $savedetails = false;
            $showindex = false;
            $userdata['password'] = NULL;
            sysMsg(MSG00181);
            userForm($userdata);
        }
    }
}
if ($savedetails == true) {
    saveUser($userdata);