/**
 * Reduce a URL fragment to a conservative ASCII whitelist.
 *
 * Every byte outside [a-zA-Z0-9_.-&=] is silently dropped rather than
 * rejected, so the caller cannot tell whether anything was removed. Arrays
 * are walked recursively and keep their keys. Note what survives: '&' and
 * '=' do, so a single value run through this may still carry extra
 * query-string parameters; '/', quotes, '<', '>' and all non-ASCII bytes
 * do not.
 *
 * @param string|array $url  a value, or a (nested) array of values
 * @return string|array same shape as $url
 */
function filter_url($url) {
    if (!is_array($url)) {
        return preg_replace('/[^a-zA-Z0-9_\\.\\-&=]/', '', $url);
    }
    // array_map() with a single array preserves keys, so nested
    // structure and key names come back unchanged.
    return array_map('filter_url', $url);
}
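/**
 * Render $text as a link to "./" + filter_url($_filters), or as plain
 * escaped text when viewing an archive (global $is_archive).
 *
 * Referrer/resource values arrive URL-encoded and are decoded first. Long
 * values are cut to 100 bytes and suffixed with an ellipsis.
 *
 * Fix: the old code escaped first and truncated afterwards, so the cut
 * could land inside an entity ("&am…") and emit broken HTML. Truncation now
 * happens on the raw text and escaping last.
 *
 * The href is filled from filter_url() without further escaping, as the
 * rest of this file does; that relies on filter_url() returning
 * attribute-safe text — TODO confirm.
 *
 * @param array  $_filters filter set; keys 'referrer'/'resource' trigger urldecode()
 * @param string $text     label to display
 * @return string HTML fragment
 */
function filter_link($_filters, $text) {
    global $is_archive;

    if (isset($_filters['referrer']) || isset($_filters['resource'])) {
        $text = urldecode($text);
    }

    // Byte-wise cut, before escaping (see header comment).
    if (strlen($text) > 100) {
        $text = substr($text, 0, 100) . '…';
    }

    // ENT_SUBSTITUTE: a multibyte character split by the cut above becomes
    // U+FFFD instead of making htmlspecialchars() return "" for the whole
    // string. ENT_QUOTES is harmless in text content and safe if a caller
    // ever drops the result into an attribute.
    $text = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Archive pages are static: no filter links.
    if ($is_archive) {
        return $text;
    }

    $url = filter_url($_filters);
    return "<a href='./{$url}' class='filter'>{$text}</a>";
}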
array_pop($parts);
$parentpath = implode('/', $parts);
// NOTE(review): $parts is built before this fragment. If it derives from
// anything request-controlled (REQUEST_URI rather than SCRIPT_NAME, say),
// $parentpath feeds both the include paths and the URL below — confirm.
// HTTP_HOST is the client-supplied Host header; unless the server rejects
// unknown hosts, TTPDS_URL and $page_redirected_from can be poisoned
// wherever they end up in links or redirects.
define('TTPDS_URL', $_SERVER['HTTP_HOST'] . $parentpath); // script url
define('TTPDS_DIR', $_SERVER['DOCUMENT_ROOT'] . $parentpath); // script directory
include TTPDS_DIR . '/config.php';
include TTPDS_DIR . '/inc/lang.php';
include TTPDS_DIR . '/inc/files.php';
include TTPDS_DIR . '/inc/browserargs.php';
// Parsing arguments manually as $_GET is not working due to htaccess redirect
$uri_parts = explode('?', $_SERVER['REQUEST_URI'], 2);
// The scheme is hard-coded to http:// even when the request came over HTTPS.
$page_redirected_from = 'http://' . TTPDS_URL . substr($uri_parts[0], strlen($parentpath));
// Two-argument parse_str() writes into $output_get only (no variable injection).
parse_str(isset($uri_parts[1]) ? $uri_parts[1] : "", $output_get);
$acc = filter_url(getargfrom('acc', $output_get));
$lang = filter_url(getargfrom('lang', $output_get));
asort($TTPDS_langs);
// Whitelist the requested language against the configured list (loose
// in_array — pass true as the third argument for a strict match) and fall
// back to the browser preference. The switch below includes fixed file
// names only, so $lang never reaches an include path directly.
if ($lang == "" || !in_array($lang, $TTPDS_langs)) {
    $lang = prefered_language($TTPDS_langs);
}
switch ($lang) {
    case 'de':
        include TTPDS_DIR . '/lang/de.php';
        break;
    case 'en':
        include TTPDS_DIR . '/lang/en.php';
        break;
    default: // 'en'
        include TTPDS_DIR . '/lang/en.php';
        $lang = 'en';
">所有</a> <a href="<?php echo filter_url('status:1'); ?> " class="btn <?php if ($_GPC['status'] == '1') { ?> btn-primary<?php } else { ?> btn-default<?php } ?> ">启用</a> <a href="<?php echo filter_url('status:0'); ?> " class="btn <?php if ($_GPC['status'] == '0') { ?> btn-primary<?php } else { ?> btn-default<?php } ?> ">禁用</a> </div> </div> </div> <div class="form-group">
$id = 0;
if (count($uri_e) == 2) {
    $act = filter_ln($uri_e[1]);
} elseif (count($uri_e) == 3) {
    $act = filter_ln($uri_e[1]);
    $id = filter_n($uri_e[2]);
}
// ---------------- authorization ---------------- //
// NOTE(review): the only authorization hook here is commented out, so the
// file branch below appears to serve any file to anyone who knows (or
// guesses) its id or url — confirm that is intended.
//include 'auth.php';
// -------------------------------- file -------------------------------- //
if ($act == 'i' || $act == 'f') {
    //if ($act == 'foto') $table = 'foto';
    //if ($act == 'catfoto') $table = 'cat';
    //$id = filter_n($uri_e[2]);
    // Numeric segment -> look up by id; anything else -> look up by url.
    // NOTE(review): '!=' is a loose comparison. If filter_n() returns an
    // int, a segment like "12abc" compares equal on PHP 7 (id 12) but not on
    // PHP 8 (url lookup) — compare as strings explicitly.
    $qn = filter_n($uri_e[2]);
    $qt = filter_url($uri_e[2]);
    if ($qn != $qt) {
        // $qt is concatenated into SQL unescaped; this is only safe if
        // filter_url() (not visible here) strips quotes and backslashes.
        // Prefer binding it as a parameter.
        $id = db_read(array('table' => 'file', 'col' => 'id', 'where' => '`url` = \'' . $qt . '\''));
    } else {
        $id = $qn;
    }
    if ($id) {
        // $id (filter_n() output or a db value) and $file['mime'] (db value)
        // are concatenated into WHERE clauses — assumed numeric; verify
        // filter_n() and the schema guarantee that.
        $file = db_read(array('table' => 'file', 'col' => array('name', 'mime'), 'where' => '`id` = ' . $id));
        $mime = db_read(array('table' => 'mime', 'col' => 'mimed', 'where' => '`id` = ' . $file['mime']));
        $data = img_get_fdb('file', $id);
        // Discard anything already buffered so the binary body starts clean.
        if (ob_get_level()) {
            ob_end_clean();
        }
        // Content-Type is taken straight from the mime table: a stored
        // text/html or image/svg+xml value would render inline in the
        // browser. Consider sending X-Content-Type-Options: nosniff and, for
        // act 'f', a Content-Disposition: attachment header (the one below
        // is disabled).
        header('Content-Type: ' . $mime);
        header('Content-Length: ' . strlen($data['data']));
        //header('Content-Disposition: '.(($act == 'f')?'attachment; ':'').'filename="'.mb_convert_encoding($fname, 'Windows-1251', 'UTF-8').'"');
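/**
 * Echo one <tr> of the course map for a unit: name/class cells, optional
 * breakdown cell, then per-class view counts and outcome/score/time graphs.
 *
 * Reads globals $breakdown, $breakdown_cat, $rownum and $course_id;
 * $rownum is incremented to alternate row classes. Nothing is returned.
 *
 * Fix: $unit->name was interpolated raw both into the HTML and into an
 * unquoted href, so a name containing a space, '&', '<' or a quote broke
 * the link or injected markup. The name is now escaped for HTML text and
 * URL-encoded for the link, and the href is quoted.
 *
 * @param object $unit      unit object; only ->name is used here
 * @param string $class     unit class name, selects the column layout
 * @param int    $level     indentation depth handed to spaces()
 * @param bool   $is_answer for exercises: render the "answer" view row
 */
function show_unit_row($unit, $class, $level, $is_answer) {
    global $breakdown, $breakdown_cat;
    global $rownum, $course_id;

    $a = $is_answer ? " (answer)" : "";
    $j = $rownum++ % 2;
    // Unit names are stored data but still text someone typed: treat as untrusted.
    $name_html = htmlspecialchars($unit->name);

    // "questions" cell: a link to the per-question view when there are any,
    // a plain 0 otherwise. filter_url() is appended unescaped, exactly as
    // the original did for lesson rows, because its output format is not
    // visible here; it is only called when the link is actually emitted.
    $questions_cell = function ($n, $mode, $with_filters) use ($unit, $course_id) {
        if (!$n) {
            return "<td>0</td>\n";
        }
        $href = "bolt_map.php?action=questions"
            . "&course_id=" . urlencode((string) $course_id)
            . "&name=" . urlencode($unit->name)
            . "&mode=" . $mode;
        $extra = $with_filters ? filter_url() : '';
        return "<td><a href=\"" . htmlspecialchars($href) . $extra . "\">{$n}</a></td>\n";
    };

    echo "<tr class=row{$j}>";
    if ($breakdown && $breakdown_cat) {
        echo "\n\t\t\t<td><br></td>\n\t\t\t<td><br></td>\n\t\t";
    } else {
        $c = class_name($class);
        echo "\n\t\t\t<td><b>" . spaces($level) . "{$name_html}</b></td>\n\t\t\t<td>{$c} {$a}</td>\n\t\t";
    }
    if ($breakdown) {
        if ($breakdown_cat) {
            echo "<td>{$breakdown_cat}</td>\n";
        } else {
            echo "<td>Total</td>\n";
        }
    }

    switch ($class) {
    case "BoltLesson":
        $mode = BOLT_MODE_LESSON;
        $views = get_views($unit, $mode);
        $out = outcomes($views);
        $t = avg_time($views);
        echo "<td>" . count($views) . "</td>";
        echo $questions_cell(get_nquestions($unit, $mode), $mode, true);
        echo outcome_graph($out, 200);
        echo empty_cell();
        echo time_graph($t, 200);
        break;
    case "BoltExercise":
        $mode = $is_answer ? BOLT_MODE_ANSWER : BOLT_MODE_SHOW;
        $views = get_views($unit, $mode);
        $out = outcomes($views);
        $t = avg_time($views);
        echo "<td>" . count($views) . "</td>";
        // NOTE(review): unlike the lesson row, this link never carried
        // filter_url(); kept that way — confirm whether it is intentional.
        echo $questions_cell(get_nquestions($unit, $mode), $mode, false);
        echo outcome_graph($out, 200);
        if ($is_answer) {
            echo empty_cell();
        } else {
            $score = avg_score(get_results($unit));
            echo score_graph($score, 200);
        }
        echo time_graph($t, 200);
        break;
    case "BoltExerciseSet":
        $xr = get_xset_results($unit);
        echo "<td>" . count($xr) . "</td>";
        echo empty_cell();
        echo empty_cell();
        echo score_graph(avg_score($xr), 200);
        echo empty_cell();
        break;
    default:
        // Unknown class: keep the column count with five empty cells.
        for ($i = 0; $i < 5; $i++) {
            echo empty_cell();
        }
    }
    echo "</tr>\n";
}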
// -------------------------------- init -------------------------------- //
$title = '';
$body = '';
include 'l/lib.php';
//include 'lib_mini.php';
db_open();
// ---------------- parse request URI ---------------- //
// Split off the query string, then split the path on '/'.
$uri_e = explode('?', $_SERVER['REQUEST_URI']);
//$uri_q = (isset($uri_e[1]) ? $uri_e[1] : '');
$uri_e = explode('/', $uri_e[0]);
$act = '';
$url = '';
$id = 1;
//if (count($uri_e) == 2 && $uri_e[1]) {
if (count($uri_e) == 2) {
    // BUG(review): '||' is a boolean operator in PHP, so $url is always
    // true here — never the filtered segment and never 'main'. The intended
    // fallback is  $url = filter_url($uri_e[1]) ?: 'main';  Left unchanged
    // because this statement run continues beyond what is visible.
    $url = filter_url($uri_e[1]) || 'main';
} elseif (count($uri_e) == 3) {
    $act = filter_ln($uri_e[1]);
    $id = filter_n($uri_e[2]);
}
// ---------------- determine parameters ---------------- //
$language = FALSE;
if (getb('language')) {
    // NOTE(review): the value from gets() is stored in the cookie as-is,
    // while the cookie read path below runs it through filter_ln(); unless
    // gets() validates, filter here too. setcookie() URL-encodes the value,
    // so this is not header injection, but the cookie is set without the
    // Secure/HttpOnly flags.
    $language = gets('language');
    setcookie('language', $language, 2000000000, '/');
} elseif (isset($_COOKIE['language'])) {
    $language = filter_ln($_COOKIE['language']);
} elseif (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
    // Keep only the primary tag of the first entry ("de-DE;q=0.9,en" -> "de").
    $accept_language = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
    $accept_language = explode(';', $accept_language[0]);
    $accept_language = explode('-', $accept_language[0]);
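/**
 * Echo the month calendar widget for the current $filters (keys 'yr', 'mo'
 * and optionally 'dy') as one <table>.
 *
 * The header row always links to the previous month and shows the month
 * label; a "next month" link is shown only while the displayed month lies
 * before the current one. For archives ($is_archive) only the header is
 * printed. Otherwise every day links to the same filters with 'dy' set,
 * and days after today in the current month are rendered without a link.
 *
 * Fixes:
 *  - the next-month test (yr < Y || mo < n) also matched a later year whose
 *    month number was below the current month; it now checks the pair;
 *  - weekday initials were the first *byte* of the already-escaped name,
 *    which mangled non-ASCII initials and turned "&" into a bare "&"; the
 *    first character of the raw name is taken and escaped afterwards;
 *  - the single-quoted title attribute now escapes quotes (ENT_QUOTES);
 *  - an empty grid cell can no longer pick up class="selected".
 *
 * Reads globals $filters and $is_archive; returns nothing. Link targets come
 * from filter_url() and titles from date_label(); both are inserted into
 * attributes unescaped, as elsewhere in this file, which assumes they return
 * attribute-safe text — TODO confirm.
 */
function calendar_widget() {
    global $filters, $is_archive;

    $yr = $filters['yr'];
    $mo = $filters['mo'];
    $today_dy = intval(date('d'));
    $today_mo = intval(date('m'));
    $today_yr = intval(date('Y'));

    // Weekday (0 = Sunday) of the 1st; decides where day 1 lands in the grid.
    $start_offset = gmdate('w', gmmktime(12, 0, 0, $mo, 1, $yr));
    $days_in_month = days_in_month($mo, $yr);

    // $table[week][weekday] = day number, 0 for cells outside the month.
    $table = array();
    for ($d = 1; $d <= $days_in_month; $d++) {
        $cell = $d + $start_offset - 1;
        $week = intval(floor($cell / 7));
        if (!isset($table[$week])) {
            $table[$week] = array_fill(0, 7, 0);
        }
        $table[$week][$cell % 7] = $d;
    }

    $prev = prev_period($filters, true);
    $prev_link = '<a href="./' . filter_url($prev) . '" title="' . date_label($prev, false) . '">←</a>';

    $before_current = $yr < $today_yr || ($yr == $today_yr && $mo < $today_mo);
    $next_link = '';
    if ($before_current) {
        $next = next_period($filters, true);
        $next_link = '<a href="./' . filter_url($next) . '" title="' . date_label($next, false) . '">→</a>';
    }

    echo '<table class="calendar center"><thead>';
    echo '<tr>';
    echo "<th>{$prev_link}";
    // next_period($prev) is the displayed month itself, without a day filter.
    echo '<th colspan="5"><a href="./' . filter_url(next_period($prev)) . '" title="' . date_label($filters, false) . '">' . date_label($filters, false) . '</a>';
    echo "<th>{$next_link}";

    if ($is_archive) {
        echo '</table>';
        return;
    }

    echo '<tbody>';
    echo '<tr>';
    $day_names = array(__('Sunday'), __('Monday'), __('Tuesday'), __('Wednesday'), __('Thursday'), __('Friday'), __('Saturday'));
    foreach ($day_names as $day) {
        // First character, UTF-8 aware; fall back to the first byte if the
        // translation is not valid UTF-8 (preg_match() returns false then).
        $initial = preg_match('/^./us', $day, $m) ? $m[0] : substr($day, 0, 1);
        echo "<th title='" . htmlspecialchars($day, ENT_QUOTES) . "'>" . htmlspecialchars($initial, ENT_QUOTES);
    }

    $dy_filters = $filters;
    $is_current_month = ($yr == $today_yr && $mo == $today_mo);
    foreach ($table as $week) {
        echo '<tr>';
        foreach ($week as $day_no) {
            $selected = $day_no > 0 && isset($filters['dy']) && $filters['dy'] == $day_no;
            echo '<td' . ($selected ? ' class="selected"' : '') . '>';
            if ($day_no <= 0) {
                continue;
            }
            if ($is_current_month && $day_no > $today_dy) {
                // Future day: shown, but not linked.
                echo '<a class="future">' . $day_no . '</a>';
            } else {
                $dy_filters['dy'] = $day_no;
                echo '<a href="./' . filter_url($dy_filters) . '" title="' . date_label($filters, $day_no) . '">' . $day_no . '</a>';
            }
        }
    }
    echo '</table>';
}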
} else {
    // Byte-length check, project helper for the cut — assumed to be
    // multibyte-safe; verify subString() does not split a character.
    if (strlen($excerpt) > 300) {
        $excerpt = subString($excerpt, 0, 300) . " ...";
    }
}
// Ban checks. tb_xml_error() is presumed to send the error and exit;
// nothing below guards against it returning.
if (!filter_ip($userdetail['ip'])) {
    tb_xml_error("Your IP address is banned from sending trackbacks.");
}
// Reduce the sender's URL to its host part: strip the scheme, then
// everything from the first '/' on (a '/' at offset 0 is not stripped).
$weburl = str_replace("http://", "", $url);
$weburl = str_replace("https://", "", $weburl);
$posurl = strpos($weburl, "/");
if ($posurl >= 1) {
    $weburl = substr($weburl, 0, $posurl);
}
// Here filter_url() is a ban verdict (false = banned), not a sanitiser.
if (!filter_url($weburl)) {
    tb_xml_error("Your Web address is banned from sending trackbacks.");
}
if (replace_filter($excerpt) || replace_filter($title) || replace_filter($blog_name)) {
    tb_xml_error("The trackback content contains some words that are not welcomed on our site. You may edit your post and send it again. Sorry for the inconvenience.");
}
// Rate limit: the same host may not send again within 10 minutes.
// SECURITY(review): $weburl is derived from the caller-supplied $url and is
// interpolated into the query with no escaping visible here. Unless $url was
// escaped before this point (not visible), this is SQL injection; and '%'
// or '_' in the host act as LIKE wildcards either way. Use a prepared
// statement or the driver's escaping function. The same applies to getip()
// below if it ever reads a client-supplied header such as X-Forwarded-For.
$trytb = $DMC->numRows($DMC->query("SELECT * FROM " . $DBPrefix . "trackbacks WHERE blogUrl like '%{$weburl}%' AND postTime+600>='" . time() . "'"));
if ($trytb > 0) {
    tb_xml_error("Same Blog try to send after 10 minutes!");
}
// Rate limit: the same IP may not send again within 30 seconds.
$trytb = $DMC->numRows($DMC->query("SELECT * FROM " . $DBPrefix . "trackbacks WHERE ip='" . getip() . "' AND postTime+30>='" . time() . "'"));
if ($trytb > 0) {
    tb_xml_error("Same IP try to send after 30 seconds !");
}
$spam = $settingInfo['isTbApp'];