コード例 #1
<?php

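// Admin action script preamble: set the error-reporting level, load the shared
// session include, run the admin login check, then read the requested action.

// Only fatal run-time errors and parse errors are reported. Warnings and
// notices (a failed include, an undefined index) are not reported at all.
error_reporting(E_ERROR | E_PARSE);
//ini_set('display_errors',2);

// require instead of include: a missing or unreadable file now stops the
// request. With include, the failure is only a warning (hidden by the
// error_reporting level above) and the script would keep running.
// NOTE(review): presumably this file defines __ROOT__, PATH_ADMIN and $DB_LINK - confirm.
require $_SERVER['DOCUMENT_ROOT'] . "/inc/session.php";
//Define Page Values
//$strThisPage =        PAGE_SETTINGS;

//check to see if user is logged in and an admin
// This is the access-control gate for everything below, so it must fail
// closed: if checklogin.php cannot be loaded, nothing after it may execute.
require __ROOT__ . PATH_ADMIN . "checklogin.php";
//$intUserID =          DETECT_USERID;

//Get QueryString Values
// "do" may be absent or sent as an array (?do[]=x); both cases become the
// empty string so trim() always receives a string and no action matches.
$strDO = (isset($_GET["do"]) && is_string($_GET["do"])) ? trim($_GET["do"]) : "";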
//need a do case for authorizing here
if ($strDO == "authorizeque") {
    // Look up the queue row named by ?queid=, then the transaction it points to.
    // NOTE(review): funct_ScrubVars() is defined elsewhere; what it strips is not
    // visible here. The value is concatenated into SQL below, so unless the helper
    // guarantees an integer or escapes quotes for MySQL, this is an injection
    // point. A prepared statement with a bound parameter removes that dependency.
    $intQueID = funct_ScrubVars($_GET['queid']);
    //Get all post values, check & clean them
    //get que info first
    $query = "SELECT * FROM " . TBL_TRANSACTIONS_QUE . " WHERE  id = '" . $intQueID . "' ";
    //echo "SQL STMNT = " . $query .  "<br>";
    // NOTE(review): mysqli_error() is called without the connection handle, which
    // the procedural API requires, so this die() path cannot report the failure
    // as intended. Printing driver errors to the response also discloses schema
    // details; log them server-side and return a generic message instead.
    $rs = mysqli_query($DB_LINK, $query) or die(mysqli_error());
    if (mysqli_num_rows($rs) > 0) {
        $row = mysqli_fetch_array($rs);
        $intTransactionID = $row["transaction_id"];
    }
    //get transaction info
    // $intTransactionID is assigned only inside the branch above. When no queue
    // row matched, this query still runs with an unset id (unless an included
    // file sets it - not visible here); an explicit bail-out would be safer.
    $query = "SELECT * FROM " . TBL_TRANSACTIONS . " WHERE  transaction_id = '" . $intTransactionID . "' ";
    //echo "SQL STMNT = " . $query .  "<br>";
    $rs = mysqli_query($DB_LINK, $query) or die(mysqli_error());
    if (mysqli_num_rows($rs) > 0) {
        $row = mysqli_fetch_array($rs);
        //records found so get details so we can recreate the send
コード例 #2
<?php

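// Admin search dispatcher: for ?do=searchhud, redirect to the admin list page
// that handles the requested search type, passing the search text along.

// A missing "do" parameter becomes the empty string instead of an undefined index.
$strDo = isset($_GET['do']) ? $_GET['do'] : '';
if ($strDo === "searchhud") {
    // NOTE(review): no login check is visible in this block; confirm that
    // session.php (or code outside this view) enforces one.
    include $_SERVER['DOCUMENT_ROOT'] . "/inc/session.php";

    //Get Form Post Data
    // NOTE(review): mysqli_real_escape_string() escapes for a SQL string literal
    // only. It is kept so the destination pages receive the same values as
    // before, but it does not make the values safe in a URL, and it does not
    // relieve members.php / orders.php of parameterising their own queries:
    // those pages can be requested directly with arbitrary parameters.
    $strSearchText = funct_ScrubVars(isset($_GET['searchtxt']) ? $_GET['searchtxt'] : '');
    $strSearchText = mysqli_real_escape_string($DB_LINK, $strSearchText);
    $strSearchType = funct_ScrubVars(isset($_GET['searchtype']) ? $_GET['searchtype'] : '');
    $strSearchType = mysqli_real_escape_string($DB_LINK, $strSearchType);

    // Allow-list of search types and the admin page that serves each one.
    // Any other type falls through without redirecting, as before.
    $arrSearchTargets = array(
        "name"       => "members.php",
        "userid"     => "members.php",
        "orderid"    => "orders.php",
        "depositamt" => "orders.php",
    );

    if (isset($arrSearchTargets[$strSearchType])) {
        // Percent-encode both values for the query string. Without this, "&",
        // "#", "%" or spaces in the search text truncate the value or add
        // extra parameters to the redirect target.
        header(
            'Location: ' . PATH_ADMIN . $arrSearchTargets[$strSearchType]
            . '?searchtype=' . rawurlencode($strSearchType)
            . '&searchtxt=' . rawurlencode($strSearchText)
        );
        die;
    }
}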
?>

<!--TOP NAVIGATION BAR-->
<nav class="top-bar" data-topbar data-options="is_hover: false" style="background-color:#666666;">
コード例 #3
         if ($intUserID) {
             $query = "UPDATE " . TBL_USERS . " SET verification_id= verification_id + 1 WHERE id=" . $intUserID;
             //echo "SQL STMNT = " . $query .  "<br>";
             mysqli_query($DB_LINK, $query);
         }
     }
     echo "ok";
     break;
     //!CASE $strDo "setstatus1"
 //!CASE $strDo "setstatus1"
 case "setstatus1":
     // Collect the request parameters for this action and apply defaults.
     //we need user id, filename, file extension, orderid opt, from page
     // NOTE(review): the user id comes from the query string and takes precedence
     // over DETECT_USERID (used only as the fallback below). Confirm the caller is
     // authorised to act on that user; no such check is visible in this fragment.
     $intUserID = funct_ScrubVars($_GET["userid"]);
     $intOrderID = funct_ScrubVars($_GET["orderid"]);
     // NOTE(review): the request-supplied filename is appended to the uploads
     // directory. Unless funct_ScrubVars() (defined elsewhere) removes path
     // separators and "..", the result can point outside PATH_UPLOADS. Reducing
     // it with basename() or checking the realpath() prefix would pin it there.
     $uploaded_file = __ROOT__ . PATH_UPLOADS . funct_ScrubVars($_GET["filename"]);
     $strFromPage = funct_ScrubVars($_GET["frompage"]);
     $intTime = time();
     // Default the originating page when none was supplied.
     if (!$strFromPage) {
         $strFromPage = "receipts";
     }
     // Fall back to the id in DETECT_USERID when the request did not name a user.
     if (!$intUserID) {
         $intUserID = DETECT_USERID;
     }
     if ($intUserID) {
         //Get User Data from DataBase
         $query = "SELECT * FROM " . TBL_USERS . " WHERE id = " . $intUserID;
         //echo "SQL STMNT = " . $query .  "<br>";
         $rs = mysqli_query($DB_LINK, $query) or die(mysqli_error());
         $row = mysqli_fetch_array($rs);
         $Email = $row["email"];
         $strFirstName = $row["first_name"];