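/**
 * Shorten a UTF-8 string without cutting a multi-byte character in half.
 *
 * The input is first passed through html_decode(); when truncation happens the
 * kept part is passed through html_encode() again. Both helpers are defined
 * elsewhere, so their exact behaviour is not visible from this function.
 *
 * Length is counted in units: a single-byte character costs 1 unit and any
 * multi-byte character costs 2 units. The budget is $len * 2 units.
 *
 * @param string   $str Text to shorten.
 * @param int      $len Budget; doubled internally (see above).
 * @param int|bool $slh When truthy, '...' is appended to a truncated result.
 * @return string
 */
function utf8_substr($str, $len, $slh = 0)
{
    $len = $len * 2;
    $str = html_decode($str);

    // NOTE(review): this early return hands back the *decoded* string, while the
    // truncating path below re-encodes it with html_encode(). If callers print
    // the result into HTML, the short-string path may skip encoding - confirm
    // against the call sites before relying on this function for escaping.
    if (strlen($str) <= $len) {
        return $str;
    }

    $total = strlen($str);
    $n = 0;
    $tempstr = '';
    for ($i = 0; $i < $len && $n < $total; $i++) {
        $lead = ord($str[$n]);

        // Sequence length from the UTF-8 lead byte. The thresholds are inclusive:
        // 0xE0 (224) starts a three-byte sequence and 0xF0 starts a four-byte
        // one. Comparing with "> 224" treated 0xE0 as a two-byte lead and split
        // the character, leaving invalid UTF-8 for html_encode() to deal with.
        if ($lead >= 0xF0) {
            $width = 4;
        } elseif ($lead >= 0xE0) {
            $width = 3;
        } elseif ($lead >= 0xC0) {
            $width = 2;
        } else {
            $width = 1;
        }

        $tempstr .= substr($str, $n, $width);
        $n += $width;

        // A multi-byte character consumes two units of the budget.
        if ($width > 1) {
            $i++;
        }
    }

    $tempstr = html_encode($tempstr);

    return $tempstr . ($slh ? '...' : '');
}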
/**
 * Download a page and return the text of its <title> element.
 *
 * @param array $redirect_data Must carry the keys "url", "cookies" and
 *                             "extra_headers"; only the URL and the extra
 *                             headers are used for the request.
 * @return string|false Trimmed title, decoded twice with html_decode(), or
 *                      False when the URL cannot be parsed or no title is found.
 */
function get_raw_title($redirect_data)
{
    $rd_url = $redirect_data["url"];
    // Read as in the original but never used afterwards.
    $rd_cookies = $redirect_data["cookies"];
    $rd_extra_headers = $redirect_data["extra_headers"];

    // NOTE(review): the target comes straight from $redirect_data. If that URL
    // originates from untrusted input, nothing visible here keeps the request
    // away from internal hosts - confirm get_host_and_uri() or the caller
    // restricts scheme, host and port.
    $host = "";
    $uri = "";
    $port = 80;
    if (!get_host_and_uri($rd_url, $host, $uri, $port)) {
        term_echo("get_host_and_uri=false");
        return False;
    }

    // PHP source handed to wget() as its 7th argument: a stop condition (closing
    // title tag seen, or 10000 bytes read). It is a fixed literal, not built
    // from input. Presumably wget() evaluates it - verify in wget().
    $breakcode = "return ((strpos(strtolower(\$response),\"</title>\")!==False) or (strlen(\$response)>=10000));";
    $response = wget($host, $uri, $port, ICEWEASEL_UA, $rd_extra_headers, 20, $breakcode, 256);

    $raw_title = extract_raw_tag(strip_headers($response), "title");

    // Decoded twice, so doubly-encoded entities end up as literal characters.
    // The result is remote text and needs escaping wherever it is printed.
    $title = trim(html_decode(html_decode($raw_title)));
    if ($title === "") {
        term_echo("  get_raw_title: title is empty");
        return False;
    }

    return $title;
}
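/**
 * Translate $msg by scraping the translate.google.com result page.
 *
 * All three arguments are URL-encoded before they are placed in the query
 * string. The translated text is cut out between "TRANSLATED_TEXT='" and "';".
 *
 * @param string $lang_from Source language code.
 * @param string $lang_to   Target language code.
 * @param string $msg       Text to translate.
 * @return string Translation, or "" when the page could not be fetched or the
 *                markers were not found.
 */
function translate($lang_from, $lang_to, $msg)
{
    $uri = "/?sl=" . urlencode($lang_from) . "&tl=" . urlencode($lang_to) . "&js=n&ie=UTF-8&text=" . urlencode($msg);
    $html = wget_ssl("translate.google.com", $uri);
    $html = strip_headers($html);
    if ($html === False) {
        return "";
    }

    strip_all_tag($html, "head");
    strip_all_tag($html, "style");
    strip_all_tag($html, "a");
    $html = strip_tags($html, "<div>");

    $delim1 = "TRANSLATED_TEXT='";
    $delim2 = "';";

    // Test the strpos() result before adding the delimiter length. The earlier
    // form added first, so a missing marker became the integer strlen($delim1)
    // and the "=== False" check could never fire; the function then returned
    // unrelated page text instead of "".
    $start = strpos($html, $delim1);
    if ($start === False) {
        return "";
    }
    $html = substr($html, $start + strlen($delim1));

    $end = strpos($html, $delim2);
    if ($end === False) {
        return "";
    }

    $result = trim(substr($html, 0, $end));
    $result = str_replace("\\x26", "&", $result);

    // Decoded twice: the result is remote content with entities turned back into
    // literal characters, so it must be escaped again before any HTML output.
    $result = html_decode($result);
    $result = html_decode($result);

    return $result;
}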
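/**
 * Remove tag-like markup from a string, or from every element of an array.
 *
 * The pattern deletes either an opening tag, everything up to the next closing
 * tag and that closing tag (the enclosed text is removed too), or a single
 * stand-alone tag. There is no "s" modifier, so a pair that spans a line break
 * is only handled by the stand-alone alternative.
 *
 * This is a text clean-up helper, not an HTML sanitizer: the result still has
 * to be escaped for the context it is printed into.
 *
 * @param string|array|null $input  Value to clean; arrays are processed recursively.
 * @param bool              $decode When true, html_decode() is applied before
 *                                  the markup is removed.
 * @return string|array|null
 */
function html_remove($input = null, bool $decode = false)
{
    if (is_array($input)) {
        // Carry $decode into the recursion. Passing the bare function name to
        // array_map() dropped the flag, so nested values were never decoded and
        // entity-encoded markup inside arrays passed through untouched.
        return array_map(
            function ($item) use ($decode) {
                return html_remove($item, $decode);
            },
            $input
        );
    }

    if ($decode) {
        // Decode first so that entity-encoded tags are visible to the pattern.
        $input = html_decode($input);
    }

    return preg_replace('~<([^>]+)>(.*?)</([^>]+)>|<([^>]+)/?>~', '', $input);
}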
/**
 * Load one enabled FAQ entry together with the name of its category.
 *
 * @param mixed $id Value compared against f.faqid.
 * @return array|false The first matching record, with "description" passed
 *                     through html_decode() ('空白' when empty), or false when
 *                     nothing matched.
 */
public function faq_detail($id)
{
    global $config;

    $db = new mysql($config["db2"]);
    $db->connect();

    // NOTE(review): $id is placed between quotes in the statement below with no
    // escaping or type check visible in this method. If it can come from a
    // request parameter this is an SQL injection point; validate it (for example
    // as an integer, if faqid is numeric) or use whatever escaping or prepared
    // statement support the mysql wrapper offers. The wrapper is not visible here.
    $query = "SELECT f.*, fc.name cname\n\t\t"
        . "FROM `{$config["db"][0]["dbname"]}`.`{$config['default_prefix']}faq` f \n\t\t"
        . "LEFT OUTER JOIN `{$config["db"][0]["dbname"]}`.`{$config['default_prefix']}faq_category` fc ON \n\t\t\t"
        . "f.prefixid = fc.prefixid \n\t\t\t"
        . "AND f.fcid = fc.fcid \n\t\t\t"
        . "AND fc.`switch`='Y' \n\t\t"
        . "WHERE \n\t\t\t"
        . "f.prefixid = '{$config["default_prefix_id"]}' \n\t\t\t"
        . "AND f.faqid ='{$id}' \n\t\t\t"
        . "AND f.switch = 'Y'\n\t\t";

    $table = $db->getQueryRecord($query);
    if (empty($table['table']['record'][0])) {
        return false;
    }

    $record = $table['table']['record'][0];

    // Description: fall back to the placeholder text when the column is empty.
    $description = !empty($record['description']) ? $record['description'] : '空白';

    // The stored description is returned entity-decoded. Presumably it is
    // rendered as HTML by the caller - confirm the content is sanitized on input
    // or on output.
    $record['description'] = html_decode($description);

    return $record;
}
/**
 * Search YouTube by scraping the HTML results page.
 *
 * @param string $query Search terms, sent as the "search_query" form field.
 * @return array|false One "URL - title - duration" string per result, or False
 *                     when the page contains no result entries.
 */
function youtube_search($query)
{
    $agent = ICEWEASEL_UA;
    $host = "www.youtube.com";
    $uri = "/results";
    $port = 443;
    $params = array("search_query" => $query);

    $response = wpost($host, $uri, $port, $agent, $params);
    $html = strip_headers($response);
    strip_all_tag($html, "head");
    strip_all_tag($html, "script");
    strip_all_tag($html, "style");

    // Narrow the page down to the result list.
    $open = "class=\"item-section\">";
    $close = "</ol>";
    $html = extract_text_nofalse($html, $open, $close);

    $results = explode("<li><div class=\"yt-lockup yt-lockup-tile yt-lockup-video vve-check clearfix yt-uix-tile\"", $html);
    array_shift($results);
    if (count($results) == 0) {
        return False;
    }

    foreach ($results as $idx => $chunk) {
        // Drop the remainder of the opening <div ...> tag.
        $pieces = explode(">", $chunk);
        array_shift($pieces);
        $chunk = implode(">", $pieces);

        $open = "<h3 class=\"yt-lockup-title \">";
        $close = "</h3>";
        $chunk = extract_text_nofalse($chunk, $open, $close);

        $open = "<a href=\"";
        $close = "\" ";
        $link = "https://www.youtube.com" . extract_text_nofalse($chunk, $open, $close);

        $open = "dir=\"ltr\">";
        $close = "</a>";
        $caption = extract_text_nofalse($chunk, $open, $close);
        // Decoded twice; the caption is remote text and is not escaped here.
        $caption = html_decode($caption);
        $caption = html_decode($caption);

        $open = "> - Duration: ";
        $close = ".</span>";
        $duration = extract_text_nofalse($chunk, $open, $close);

        $results[$idx] = $link . " - " . $caption . " - " . $duration;
    }

    return $results;
}
/**
 * Fetch a URL and return the text found between two delimiters.
 *
 * Expected input: "<url> <delim1><><delim2>" - the URL, a space, then the two
 * delimiters separated by the literal "<>".
 *
 * @param string $trailing Raw command argument as described above.
 * @return string|false Extracted text with tags stripped and entities decoded
 *                      twice, or False on malformed input, an unparsable URL,
 *                      missing delimiters or an empty result.
 */
function quick_wget($trailing)
{
    // NOTE(review): the URL and both delimiters are taken from $trailing as
    // given. Nothing in this function limits which host or port is contacted,
    // so if $trailing comes from untrusted users the process can be pointed at
    // any address it can reach. Confirm an allow-list or private-range check
    // exists in get_host_and_uri() or in the caller.
    $words = explode(" ", $trailing);
    delete_empty_elements($words);
    if (count($words) < 2) {
        return False;
    }
    $url = $words[0];
    array_shift($words);

    $delims = explode("<>", implode(" ", $words));
    delete_empty_elements($delims);
    if (count($delims) < 2) {
        return False;
    }
    $delim1 = trim($delims[0]);
    $delim2 = trim($delims[1]);

    $host = "";
    $uri = "";
    $port = "";
    if (!get_host_and_uri($url, $host, $uri, $port)) {
        return False;
    }

    $response = wget_ssl($host, $uri, $port);
    $result = extract_text($response, $delim1, $delim2);
    if ($result === False) {
        return False;
    }

    // Tags are stripped first and entities decoded afterwards, so encoded markup
    // in the page comes out as literal "<...>" text. Treat the return value as
    // untrusted wherever it is displayed.
    $result = trim(html_decode(html_decode(strip_tags($result))));
    if ($result === "") {
        return False;
    }

    return $result;
}
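/**
 * Fetch the text of a wiki page, or of one section of it, through the
 * MediaWiki parse API and post or return it as plain text.
 *
 * @param string $title              Page title; spaces are replaced by "_".
 * @param string $section            Section heading to look up (compared
 *                                   case-insensitively), or "" for the whole page.
 * @param mixed  $return             Passed through as the first argument of
 *                                   wiki_privmsg().
 * @param bool   $return_lines_array False: post the text (cut to 400 bytes) and
 *                                   the page URL via wiki_privmsg() and return
 *                                   the text. True: return an array of lines
 *                                   (each cut to 300 bytes) with the URL appended.
 * @return string|array|false False on any lookup failure.
 */
function get_text($title, $section, $return = False, $return_lines_array = False)
{
    if ($title == "") {
        wiki_privmsg($return, "wiki: get_text=invalid title");
        return False;
    }
    $index = -1;
    $title = str_replace(" ", "_", $title);

    if ($section != "") {
        $uri = "/w/api.php?action=parse&format=php&page=" . urlencode($title) . "&prop=sections";
        $response = wget(WIKI_HOST, $uri, 80, WIKI_USER_AGENT);
        // SECURITY NOTE(review): unserialize() runs on a body fetched over plain
        // HTTP (port 80). Anyone able to alter that response controls the
        // serialized data, which is the precondition for PHP object injection.
        // Prefer format=json with json_decode(), or at least pass
        // ['allowed_classes' => false] (PHP 7.0+) and fetch over TLS. Left
        // unchanged here because the minimum PHP version is not visible.
        $data = unserialize(strip_headers($response));
        if (isset($data["parse"]["sections"]) == False) {
            wiki_privmsg($return, "wiki: get_text=error getting sections for page \"" . $title . "\"");
            return False;
        }
        $sections = $data["parse"]["sections"];
        for ($i = 0; $i < count($sections); $i++) {
            $line = $sections[$i]["line"];
            if (strtolower($section) == strtolower($line)) {
                $index = $sections[$i]["index"];
                break;
            }
        }
    }

    $uri = "/w/api.php?action=parse&format=php&page=" . urlencode($title) . "&prop=text";
    if ($index > 0) {
        // The parameter is "&section="; the listing showed it as "§ion=" because
        // "&sect" had been rendered as an HTML entity, which sent a request
        // without any section selector. $index comes from the remote response,
        // so it is URL-encoded before it goes into the request line.
        $uri = $uri . "&section=" . urlencode($index);
    }

    $response = wget(WIKI_HOST, $uri, 80, WIKI_USER_AGENT);
    // SECURITY NOTE(review): same unserialize()-on-remote-data concern as above.
    $data = unserialize(strip_headers($response));
    if (isset($data["parse"]["text"]["*"]) == True) {
        $text = $data["parse"]["text"]["*"];
        if ($section != "") {
            // Rebuild the anchor id used for the heading and make sure the
            // returned HTML really contains that heading.
            $id = str_replace(" ", "_", $section);
            $id = str_replace("~", ".7E", $id);
            $id = str_replace("(", ".28", $id);
            $id = str_replace(")", ".29", $id);
            $head = "<span class=\"mw-headline\" id=\"{$id}\">{$section}</span>";
            if (strpos($text, $head) === False) {
                wiki_privmsg($return, "wiki: get_text=section span not found");
                return False;
            }
        }
    } else {
        wiki_privmsg($return, "wiki: get_text=section not found");
        return False;
    }

    strip_comments($text);
    strip_all_tag($text, "h2");
    strip_all_tag($text, "h3");
    $text = strip_tags($text);
    $text = trim($text, " \t\n\r\v\"");

    // Line breaks are swapped for a random marker so they survive the
    // control-character replacement and can be restored or split on later.
    $br = random_string(30);
    $text = str_replace("\n", $br, $text);
    $text = replace_ctrl_chars($text, " ");
    // NOTE(review): entities are decoded after control characters were replaced,
    // so numeric entities for control characters could reappear here.
    // Presumably clean_text() deals with them - confirm.
    $text = html_decode($text);
    $text = clean_text($text);

    $url = "http://wiki.soylentnews.org/wiki/" . urlencode($title);
    if ($section != "") {
        $url = $url . "#{$id}";
    }

    if ($return_lines_array == False) {
        $text = str_replace($br, " ", $text);
        $text = clean_text($text);
        if (strlen($text) > 400) {
            $text = trim(substr($text, 0, 400)) . "...";
        }
        bot_ignore_next();
        wiki_privmsg($return, $text);
        wiki_privmsg($return, $url);
        $result = $text;
    } else {
        $result = explode($br, $text);
        for ($i = 0; $i < count($result); $i++) {
            $result[$i] = trim($result[$i]);
            if (strlen($result[$i]) > 300) {
                $result[$i] = trim(substr($result[$i], 0, 300)) . "...";
            }
        }
        delete_empty_elements($result);
        $result[] = $url;
    }

    return $result;
}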
/**
 * Clean a value by applying the named rules in the order they are given.
 *
 * $rules may be an array of rule names or a single rule name as a string. With
 * no rules the value is only passed through trim(). Unknown rule names are
 * skipped without any notice.
 *
 * Order matters: each rule works on the output of the previous one, so a
 * decoding rule ("decode") placed after a stripping rule ("striptags") can
 * bring markup back. These rules filter characters; they do not replace
 * context-specific output escaping or parameterized queries.
 *
 * NOTE(review): several string literals below look as if they lost their
 * original escape or entity form when this listing was rendered (empty search
 * strings, identical search and replacement). They are kept exactly as shown
 * and flagged where they occur - check them against the upstream file.
 *
 * @param mixed        $string Value to clean.
 * @param array|string $rules  Rule names, or one rule name.
 * @return mixed Usually a string; an int, float or bool after the "int",
 *               "float" or "bool" rule.
 * @example $variable = clean_input(" 1235\t\t", array("nows", "int")); // $variable will equal an integer value of 1235.
 */
function clean_input($string, $rules = array()) {
    // A scalar rule is wrapped into a one-element list; a blank one means "no rules".
    if (is_scalar($rules)) {
        if (trim($rules) != "") {
            $rules = array($rules);
        } else {
            $rules = array();
        }
    }
    if (count($rules) > 0) {
        foreach ($rules as $rule) {
            switch ($rule) {
                case "page_url":
                    // Acceptable characters for community page urls.
                case "module":
                    // Keeps only letters, digits, "_" and "-".
                    $string = preg_replace("/[^a-z0-9_\\-]/i", "", $string);
                    break;
                case "url":
                    // Allows only a minimal number of characters, then collapses runs
                    // of "." and of "/" to a single character. The first pattern has
                    // no capture group, so its matches are replaced by an empty "$1".
                    // The allowed set includes ":" and "/", so this does not restrict
                    // the scheme or host; validate those separately before a redirect
                    // or a fetch.
                    $string = preg_replace(array("/[^a-z0-9_\\-\\.\\/\\~\\?\\&\\:\\#\\=\\+]/i", "/(\\.)\\.+/", "/(\\/)\\/+/"), "\$1", $string);
                    break;
                case "file":
                case "dir":
                    // Allows only a minimal number of characters and collapses ".."
                    // to "." and "//" to "/". A leading "/" is still accepted, so the
                    // result can be an absolute path; callers still need to resolve it
                    // against a fixed base directory and check the result.
                    $string = preg_replace(array("/[^a-z0-9_\\-\\.\\/]/i", "/(\\.)\\.+/", "/(\\/)\\/+/"), "\$1", $string);
                    break;
                case "int":
                    // Change string to an integer.
                    $string = (int) $string;
                    break;
                case "float":
                    // Change string to a float.
                    $string = (double) $string;
                    break;
                case "bool":
                    // Change string to a boolean.
                    $string = (bool) $string;
                    break;
                case "nows":
                    // Remove all whitespace anywhere in the string.
                    // NOTE(review): the empty "" entry and the repeated " " look like
                    // characters lost in rendering (possibly a NUL and a non-breaking
                    // space) - TODO confirm.
                    $string = str_replace(array(" ", "\t", "\n", "\r", "", "\v", " "), "", $string);
                    break;
                case "trim":
                    // Trim whitespace from ends of string.
                    $string = trim($string);
                    break;
                case "trimds":
                    // Removes double spaces.
                    // NOTE(review): as printed, every listed character (including a
                    // single space) is replaced by a space and the second statement
                    // removes all spaces from the encoded string. The literals were
                    // presumably different in the upstream file - TODO confirm.
                    $string = str_replace(array(" ", "\t", "\n", "\r", "", "\v", " ", "", "ÿ", "", ""), " ", $string);
                    $string = html_decode(str_replace(" ", "", html_encode($string)));
                    break;
                case "nl2br":
                    $string = nl2br($string);
                    break;
                case "underscores":
                    // Replace whitespace anywhere in the string with underscores.
                    $string = str_replace(array(" ", "\t", "\n", "\r", "", "\v", " "), "_", $string);
                    break;
                case "lower":
                    // Change string to all lower case.
                case "lowercase":
                    $string = strtolower($string);
                    break;
                case "upper":
                    // Change string to all upper case.
                case "uppercase":
                    $string = strtoupper($string);
                    break;
                case "ucwords":
                    // Change string to correct word case.
                    $string = ucwords(strtolower($string));
                    break;
                case "boolops":
                    // Remove recognized boolean operators.
                    $string = str_replace(array("\"", "+", "-", "AND", "OR", "NOT", "(", ")", ",", "-"), "", $string);
                    break;
                case "quotemeta":
                    // Quotes regex-style meta characters via quotemeta(). This is
                    // neither SQL nor shell escaping.
                    $string = quotemeta($string);
                    break;
                case "credentials":
                    // Acceptable characters for login credentials.
                    $string = preg_replace("/[^a-z0-9_\\-\\.]/i", "", $string);
                    break;
                case "alphanumeric":
                    // Remove anything that is not alphanumeric.
                    $string = preg_replace("/[^a-z0-9]+/i", "", $string);
                    break;
                case "alpha":
                    // Remove anything that is not an alpha.
                    $string = preg_replace("/[^a-z]+/i", "", $string);
                    break;
                case "numeric":
                    // Remove everything but numbers 0 - 9 for when int won't do.
                    $string = preg_replace("/[^0-9]+/i", "", $string);
                    break;
                case "name":
                    // @todo jellis ?
                    // NOTE(review): the pattern is anchored at both ends and the
                    // replacement is "", so a value that matches the whole name
                    // pattern is emptied while anything else passes through
                    // unchanged. That looks inverted - TODO confirm intent.
                    $string = preg_replace("/^([a-z]+(\\'|-|\\.\\s|\\s)?[a-z]*){1,2}\$/i", "", $string);
                    break;
                case "emailcontent":
                    // Removes a few header names that could be used to add mail headers.
                    // NOTE(review): this is a single-pass deny-list and it leaves CR/LF
                    // in place. Do not rely on it as the only header-injection defence;
                    // reject line breaks in any value that goes into a mail header.
                    $string = str_ireplace(array("content-type:", "bcc:", "to:", "cc:"), "", $string);
                    break;
                case "postclean":
                    // @todo jellis ?
                    // Turns <br> variants into newlines. NOTE(review): the second
                    // statement replaces a space with a space as printed; the search
                    // string was presumably an entity such as a non-breaking space.
                    $string = preg_replace('/\\<br\\s*\\/?\\>/i', "\n", $string);
                    $string = str_replace(" ", " ", $string);
                    break;
                case "decode":
                    // Returns the output of the html_decode() function.
                    $string = html_decode($string);
                    break;
                case "encode":
                    // Returns the output of the html_encode() function.
                    $string = html_encode($string);
                    break;
                case "htmlspecialchars":
                    // Returns the output of the htmlspecialchars() function.
                case "specialchars":
                    $string = htmlspecialchars($string, ENT_QUOTES, DEFAULT_CHARSET);
                    break;
                case "htmlbrackets":
                    // Converts only brackets into entities.
                    // NOTE(review): as printed, search and replacement are identical,
                    // which makes this rule a no-op that encodes nothing. The
                    // replacements were presumably the lt/gt entities before the
                    // listing was rendered - verify against the upstream file before
                    // trusting this rule for output encoding.
                    $string = str_replace(array("<", ">"), array("<", ">"), $string);
                    break;
                case "notags":
                    // Strips tags from the string.
                case "nohtml":
                case "striptags":
                    $string = strip_tags($string);
                    break;
                default:
                    // Unknown rule: skipped silently, nothing is logged.
                    // NOTE(review): inside a switch, "continue" behaves like "break",
                    // and PHP 7.3+ warns about it; the following "break" is unreachable.
                    continue;
                    break;
            }
        }
        return $string;
    } else {
        return trim($string);
    }
}
?> " method="post" class="form-horizontal"> <div class="control-group"> <label for="instructional_method" class="control-label form-required">Instructional Method:</label> <div class="controls"> <input type="text" id="instructional_method" name="instructional_method" value="<?php echo isset($medbiq_instructional_method) ? html_decode($medbiq_instructional_method->getInstructionalMethod()) : ""; ?> " /> </div> </div> <div class="control-group"> <label for="instructional_method_description" class="control-label form-nrequired">Description:</label> <div class="controls"> <textarea id="instructional_method_description" name="instructional_method_description" style="width: 98%; height: 200px"><?php echo isset($medbiq_instructional_method) ? html_decode($medbiq_instructional_method->getInstructionalMethodDescription()) : ""; ?> </textarea> </div> </div> <div class="control-group"> <label for="code" class="control-label form-required">Instructional Code:</label> <div class="controls"> <input type="text" class="input-small" id="code" name="code" value="<?php echo isset($medbiq_instructional_method) ? html_encode($medbiq_instructional_method->getCode()) : ""; ?> " /> </div> </div> <div class="control-group"> <label class="control-label form-nrequired">Mapped Event Types:</label>
break; } $elective = true; } else { $elective = false; $skip = false; } if (!$skip) { echo "<tr" . ($is_here && $cssclass != " class=\"in_draft\"" ? " class=\"current\"" : $cssclass) . ">\n"; echo "\t<td class=\"modified\">" . (!empty($click_url) ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . "<img src=\"" . ENTRADA_URL . "/images/" . ($apartment_available ? "housing-icon-small.gif" : "pixel.gif") . "\" width=\"16\" height=\"16\" alt=\"" . ($apartment_available ? "Detailed apartment information available." : "") . "\" title=\"" . ($apartment_available ? "Detailed apartment information available." : "") . "\" style=\"border: 0px\" />" . (!empty($click_url) ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"type\">" . (!empty($click_url) ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . "" . ($elective ? "Elective" . ($elective_word != "" ? " (" . $elective_word . ")" : "") : "Core Rotation") . "" . (!empty($click_url) ? "</a>" : "") . "" . "</td>\n"; echo "\t<td class=\"date-smallest\">" . (!empty($click_url) ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . "" . date("D M d/y", $result["event_start"]) . "" . (!empty($click_url) ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"date-smallest\">" . (!empty($click_url) ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . "" . date("D M d/y", $result["event_finish"]) . "" . (!empty($click_url) ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"region\">" . (!empty($click_url) ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . "" . html_encode($result["city"] == "" ? limit_chars($result["region_name"], 30) : $result["city"]) . "" . (!empty($click_url) ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"title\">"; echo "\t\t" . (!empty($click_url) ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . "<span title=\"" . $event_title . "\">" . limit_chars(html_decode($event_title), 55) . "</span>" . (!empty($click_url) ? 
"</a>" : ""); echo "\t</td>\n"; echo "</tr>\n"; } } ?> </tbody> </table> </div> <?php $accessible_rotation_ids = clerkship_rotations_access(); if (is_array($accessible_rotation_ids) && count($accessible_rotation_ids)) { $query = "\tSELECT " . $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["sb"] . " AS `sort_by`, a.`lentry_id`, d.`rotation_id`, a.`entry_active`\n FROM `" . CLERKSHIP_DATABASE . "`.`logbook_entries` AS a \n LEFT JOIN `" . CLERKSHIP_DATABASE . "`.`logbook_lu_locations` AS b\n ON a.`llocation_id` = b.`llocation_id`\n LEFT JOIN `" . CLERKSHIP_DATABASE . "`.`logbook_lu_sites` AS c\n ON a.`lsite_id` = c.`lsite_id`\n LEFT JOIN `" . CLERKSHIP_DATABASE . "`.`events` AS d\n ON a.`rotation_id` = d.`event_id`\n LEFT JOIN `" . CLERKSHIP_DATABASE . "`.`global_lu_rotations` AS e\n ON d.`rotation_id` = e.`rotation_id`\n WHERE a.`proxy_id` = " . $db->qstr($PROXY_ID) . "\n ORDER BY " . $_SESSION[APPLICATION_IDENTIFIER][$MODULE]["sb"] . " ASC"; $results = $db->GetAll($query); if ($results) { $rotation_ids = array();
$cssclass = " class=\"rejected\""; break; default: $cssclass = ""; } } $getStudentsQuery = "SELECT `etype_id`\n\t\t\t\tFROM " . CLERKSHIP_DATABASE . ".`event_contacts`\n\t\t\t\tWHERE `event_id` = " . $db->qstr($result["event_id"]); $getStudentsResults = $db->GetAll($getStudentsQuery); foreach ($getStudentsResults as $student) { $name = get_account_data("firstlast", $student["etype_id"]); echo "<tr" . ($is_here ? " class=\"current\"" : $cssclass) . ">\n"; echo "\t<td class=\"modified\"> </td>\n"; echo "\t<td class=\"date\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . $name . "</a></td>\n"; echo "\t<td class=\"date\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . date(DEFAULT_DATE_FORMAT, $result["event_start"]) . "</a></td>\n"; echo "\t<td class=\"region\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . ($result["city"] == "" ? html_encode(limit_chars($result["region_name"], 30)) : $result["city"]) . "</a></td>\n"; echo "\t<td class=\"title\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . limit_chars(html_decode($result["event_title"]), 55, true, false) . "</a></td>\n"; echo "</tr>\n"; } } ?> </tbody> </table> <br /><br /> <?php } // Setup internal variables. $DISPLAY = true; if ($DISPLAY) { if ($_GET["gradyear"] || $_GET["gradyear"] === "0") { $GRADYEAR = trim($_GET["gradyear"]); @app_setcookie("student_search[gradyear]", trim($_GET["gradyear"]));
// Fetch a one-liner from www.just-one-liners.com and post it with privmsg().
// $agent is set earlier in the script (not visible in this excerpt).
$host = "www.just-one-liners.com";
$port = 80;
// Roughly one request in five goes to the front page, the rest to the category
// page. mt_rand() only varies the content here; it is not used for anything
// security-sensitive.
if (mt_rand(0, 4) == 0) {
    $uri = "/";
} else {
    $uri = "/category/confucius-say-wordplay";
}
$response = wget($host, $uri, $port, $agent);
// Cut out the first post heading.
$delim1 = "<h2 class=\"title\" id=\"post-";
$delim2 = "</h2>";
$text = extract_text($response, $delim1, $delim2);
if ($text === False) {
    return;
}
// Skip the rest of the id attribute: keep everything from the first "<" on.
$i = strpos($text, "<");
if ($i === False) {
    return;
}
$text = substr($text, $i);
$text = replace_ctrl_chars($text, " ");
$text = trim(strip_tags($text));
// NOTE(review): as printed this replaces a space with a space; the search string
// was presumably a non-breaking space or its entity - TODO confirm.
$text = str_replace(" ", " ", $text);
// NOTE(review): entities are decoded (twice) after control characters were
// replaced and tags stripped, so encoded control characters or markup in the
// page come out as literal characters here. If privmsg() does not filter line
// breaks itself, consider running replace_ctrl_chars() again after decoding.
$text = html_decode($text);
$text = html_decode($text);
// $text_len is assigned but not used in the visible code.
$text_len = strlen($text);
$max_text_length = 300;
if (strlen($text) > $max_text_length) {
    $text = trim(substr($text, 0, $max_text_length)) . "...";
}
privmsg($text);
#####################################################################################################
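/**
 * Split a feed into <story> entries and build one item per usable entry.
 *
 * @param string $html Raw feed text.
 * @return array List of items with the keys "type" ("xml_story"), "title",
 *               "url" (after redirects were followed) and "timestamp" (time()
 *               of parsing). Entries without a title or without a resolvable
 *               URL are left out.
 */
function parse_xml($html)
{
    $parts = explode("<story", $html);
    array_shift($parts);

    $items = array();
    foreach ($parts as $part) {
        // Check for a missing title before it is transformed. The earlier code
        // tested "=== False" only after str_replace(), which always returns a
        // string, so the test could never succeed and entries without a title
        // were kept with an empty one. Presumably extract_raw_tag() returns
        // False when the tag is absent - the existing check implies it.
        $title = extract_raw_tag($part, "title");
        if ($title === False) {
            continue;
        }

        // Decode first, then replace control characters, so that control
        // characters written as entities are covered as well.
        $title = html_decode($title);
        $title = html_decode($title);
        $title = replace_ctrl_chars($title, " ");
        // NOTE(review): search and replacement are identical as printed; the
        // search string was presumably a non-breaking space - TODO confirm.
        $title = str_replace(" ", " ", $title);

        // NOTE(review): as printed this replaces "&" with "&"; the search string
        // was presumably the ampersand entity before the listing was rendered.
        $url = str_replace("&", "&", strip_ctrl_chars(extract_raw_tag($part, "url")));
        term_echo("*** raw story url: " . $url);

        // The URL comes from the feed and is requested here to follow redirects.
        // NOTE(review): confirm get_redirected_url() limits scheme and target if
        // the feed source is not fully trusted.
        $resolved = get_redirected_url($url);
        if ($resolved === False) {
            continue;
        }

        $items[] = array(
            "type" => "xml_story",
            "title" => $title,
            "url" => $resolved,
            "timestamp" => time(),
        );
    }

    return $items;
}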
* @author Unit: School of Medicine * @author Developer: Andrew Dos-Santos <*****@*****.**> * @copyright Copyright 2010 Queen's University. All Rights Reserved. * */ /** * Load the grid - used by the annualreport module. */ @set_include_path(implode(PATH_SEPARATOR, array(dirname(__FILE__) . "/../core", dirname(__FILE__) . "/../core/includes", dirname(__FILE__) . "/../core/library", get_include_path()))); /** * Include the Entrada init code. */ require_once "init.inc.php"; if (isset($_SESSION["isAuthorized"]) && (bool) $_SESSION["isAuthorized"]) { $proxy_id = $ENTRADA_USER->getActiveId(); $args = html_decode($_GET["t"]); if (isset($_POST["sortname"]) && $_POST["sortname"] != '') { $sort = $_POST["sortname"]; } else { $sort = 'year_reported'; } if (isset($_POST["sortorder"]) && $_POST["sortorder"] != '') { $dir = $_POST["sortorder"]; } else { $dir = 'DESC'; } if (isset($_POST["rp"]) && $_POST["rp"] != '') { $limit = $_POST["rp"]; } else { $limit = '10'; }
} ?> at this point. <br /><br /> Try changing the group that results are calculated for in the <strong>Result Calculation</strong> menu. </div> <?php } /** * Sidebar item that will provide a method for choosing which results to display. */ $sidebar_html = "Calculate results for:\n"; $sidebar_html .= "<ul class=\"menu\">\n"; if (is_array($calculation_targets)) { foreach ($calculation_targets as $key => $target_name) { $sidebar_html .= "\t<li class=\"" . (strtolower($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["target"]) == $key ? "on" : "off") . "\"><a href=\"" . ENTRADA_URL . "/admin/" . $MODULE . "?" . replace_query(array("target" => $key)) . "\" title=\"" . trim(html_decode($target_name)) . "\">" . $target_name . "</a></li>\n"; } } $sidebar_html .= "</ul>\n"; $sidebar_html .= "Results based on:\n"; $sidebar_html .= "<ul class=\"menu\">\n"; $sidebar_html .= "\t<li class=\"" . (strtolower($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["attempt"]) == "first" ? "on" : "off") . "\"><a href=\"" . ENTRADA_URL . "/admin/" . $MODULE . "?" . replace_query(array("attempt" => "first")) . "\" title=\"The First Attempt\">only the first attempt</a></li>\n"; $sidebar_html .= "\t<li class=\"" . (strtolower($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["attempt"]) == "last" ? "on" : "off") . "\"><a href=\"" . ENTRADA_URL . "/admin/" . $MODULE . "?" . replace_query(array("attempt" => "last")) . "\" title=\"The Last Attempt\">only the last attempt</a></li>\n"; $sidebar_html .= "\t<li class=\"" . (strtolower($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["attempt"]) == "best" ? "on" : "off") . "\"><a href=\"" . ENTRADA_URL . "/admin/" . $MODULE . "?" . replace_query(array("attempt" => "best")) . "\" title=\"The Best Attempt\">only the highest scored attempt</a></li>\n"; $sidebar_html .= "\t<li class=\"" . (strtolower($_SESSION[APPLICATION_IDENTIFIER][$MODULE]["attempt"]) == "all" ? "on" : "off") . "\"><a href=\"" . ENTRADA_URL . "/admin/" . $MODULE . "?" . 
replace_query(array("attempt" => "all")) . "\" title=\"All Attempts\">all attempts</a></li>\n"; $sidebar_html .= "</ul>\n"; new_sidebar_item("Result Calculation", $sidebar_html, "sort-results", "open"); /** * Sidebar item that will provide the links to the different sections within this page. */ $sidebar_html = "<ul class=\"menu\">\n";
$source_title = trim(substr($source_title, 0, $i)); } $i = strpos($source_title, " — "); if ($i !== False) { $source_title = trim(substr($source_title, 0, $i)); } $i = strpos($source_title, " • "); if ($i !== False) { $source_title = trim(substr($source_title, 0, $i)); } if ($source_title === False or $source_title == "") { privmsg("error: title not found or empty"); return; } $source_title = html_decode($source_title); $source_title = html_decode($source_title); $source_body = extract_meta_content($source_html, "description"); if ($source_body === False or $source_body == "") { $source_body = extract_meta_content($source_html, "og:description", "property"); if ($source_body === False or $source_body == "") { privmsg("error: description meta content not found or empty"); return; } } /*$html=$source_html; $article=extract_raw_tag($html,"article"); if ($article!==False) { $html=$article; }
<form name="size_selections" action="?select" method="post"> <?php $refresh = $imageprocessor = $found = $fixed = $fixedFolder = 0; XSRFToken('cacheDBImages'); $watermarks = getWatermarks(); $missingImages = NULL; foreach ($tables as $table => $fields) { foreach ($fields as $field) { $sql = 'SELECT * FROM ' . prefix($table) . ' WHERE `' . $field . '` REGEXP "<img.*src\\s*=\\s*\\".*i.php((\\.|[^\\"])*)"'; $result = query($sql); if ($result) { while ($row = db_fetch_assoc($result)) { $imageprocessor++; preg_match_all('|\\<\\s*img.*?\\ssrc\\s*=\\s*"(.*i\\.php\\?([^"]*)).*/\\>|', $row[$field], $matches); foreach ($matches[1] as $uri) { $params = parse_url(html_decode($uri)); if (array_key_exists('query', $params)) { parse_str($params['query'], $query); if (!file_exists(getAlbumFolder() . $query['a'] . '/' . $query['i'])) { recordMissing($table, $row, $query['a'] . '/' . $query['i']); } else { $text = zpFunctions::updateImageProcessorLink($uri); if (strpos($text, 'i.php') !== false) { $url = '<img src="' . $uri . '" height="20" width="20" alt="X" />'; $title = getTitle($table, $row) . ' ' . gettext('image processor reference'); ?> <a href="<?php echo $uri; ?> &debug" title="<?php echo $title;
$lastdate = strftime($format, $temp['date_post']); $description = truncate(html_decode(strip_tags($temp['summary'])), 100); $guid = "article." . $temp['ID']; if ($temp['patrol'] != 0) { echo "\n\t\t\t\t<item>\n\t\t\t\t<title>{$temp['title']} [Article]</title>\n\t\t\t\t<link>{$config['siteaddress']}index.php?page=patrolpages&patrol={$temp['patrol']}&content=patrolarticle&id={$temp['ID']}&action=view</link>"; } else { echo "\n\t\t\t\t<item>\n\t\t\t\t<title>{$temp['title']} [Article]</title>\n\t\t\t\t<link>{$config['siteaddress']}index.php?page=patrolarticle&id={$temp['ID']}&action=view</link>"; } echo "\n\t\t\t\t<guid isPermaLink=\"false\">{$guid}</guid>\n\t\t\t <description>{$description}</description> \n\t\t\t <pubDate>{$lastdate}</pubDate> \n\t\t\t </item>"; } break; default: $sql = $data->select_query("newscontent", "WHERE allowed = 1 ORDER BY `event` DESC LIMIT {$config['numlatest']}"); while ($temp = $data->fetch_array($sql)) { $lastdate = strftime($format, $temp['event']); $description = truncate(html_decode(strip_tags($temp['news'])), 100); $guid = "news." . $temp['id']; echo "\n\t\t\t <item>\n\t\t\t <title>{$temp['title']} [News]</title> \n\t\t\t <guid isPermaLink=\"false\">{$guid}</guid>\n\t\t\t <link>{$config['siteaddress']}index.php?page=news&id={$temp['id']}</link> \n\t\t\t <description>{$description}</description> \n\t\t\t <pubDate>{$lastdate}</pubDate> \n\t\t\t </item>"; } break; } } echo "\n </channel>\n </rss>"; exit; } elseif ($action == "add") { $type = safesql($_GET['type'], "int"); $id = safesql($_GET['id'], "text"); $uname = safesql(md5($check['uname']), "text"); $data->insert_query("rssfeeds", "NULL, {$id}, {$type}, {$uname}, {$check['id']}"); switch ($_GET['type']) { case 1:
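/**
 * Admin controller action for viewing and editing a single player.
 *
 * $id arrives as a slash-separated path: "<player id>[/<action>[/<record id>]]".
 * When an action is present and a session user id is set, the matching
 * update is sent to the Player/Unit/Treasury models and the result is
 * reported through $this->data['Message'] or $this->data['Error'].
 * Afterwards the data needed to display the player page is always loaded.
 *
 * NOTE(review): the only access check visible here is
 * isset($this->session->user_id); the session token is handed to most
 * model calls, so authorization is presumably enforced there. Confirm.
 * NOTE(review): every action, including the deleting ones, is selected by
 * a URL path segment and no anti-CSRF token check is visible in this
 * method. Confirm one is enforced before this action runs.
 *
 * @param string $id slash-separated player id, optional action and record id
 */
public function player($id)
{
    $this->load_model('Player');
    $this->load_model('Award');
    $this->load_model('Unit');

    $params = explode('/', $id);
    $id = $params[0];
    // Give the optional path segments defined defaults so that a request
    // without them no longer reads undefined variables further down.
    $action = count($params) > 1 ? $params[1] : '';
    $roastbeef = count($params) > 2 ? $params[2] : null;

    // Base64 payloads of uploaded media. They stay empty unless the
    // matching upload is processed in the 'Update Media' branch; the
    // 'Update Details' branch reads all three regardless.
    $h_imdata = '';
    $w_imdata = '';
    $pi_imdata = '';

    $thePlayerDetails = $this->Player->fetch_player_details($id);

    if (strlen($action) > 0) {
        $this->request->save('Admin_player', true);
        $r = ['Status' => 0];
        if (!isset($this->session->user_id)) {
            // NOTE(review): execution continues after this redirect header
            // and the player data below is still loaded. Confirm the
            // framework stops rendering for unauthenticated requests.
            header('Location: ' . UIR . "Login/login/Admin/player/{$id}");
        } else {
            switch ($action) {
                case 'updateclasses':
                    $class_update = [];
                    if (is_array($this->request->Reconciled)) {
                        // Only send the classes whose reconciled quantity changed.
                        foreach ($this->request->Reconciled as $class_id => $qty) {
                            if ($thePlayerDetails['Classes'][$class_id]['Reconciled'] != $qty) {
                                $class_update[] = ['ClassId' => $class_id, 'Quantity' => $qty];
                            }
                        }
                        $this->Player->update_class_reconciliation([
                            'Token' => $this->session->token,
                            'MundaneId' => $id,
                            'Reconcile' => $class_update,
                        ]);
                    }
                    break;

                case 'update':
                    if ($this->request->RemoveDues == 'Revoke Dues') {
                        $this->load_model('Treasury');
                        $this->Treasury->RemoveLastDuesPaid([
                            'MundaneId' => $id,
                            'Token' => $this->session->token,
                        ]);
                    }

                    if ($this->request->Update == 'Update Media') {
                        // Security note: $_FILES[...]['type'] is supplied by the
                        // client. Both the allow-list check and the stored MIME
                        // type rely on it, and the file content is not inspected
                        // here. Deriving the type from the stored file (for
                        // example with finfo) before accepting it would close
                        // that gap.
                        // NOTE(review): the files moved into DIR_TMP are not
                        // removed in this method. Confirm cleanup happens elsewhere.
                        // The "%06d" format forces $id to an integer, so the
                        // target file name cannot carry path characters.
                        if ($_FILES['Heraldry']['size'] > 0 && Common::supported_mime_types($_FILES['Heraldry']['type'])) {
                            $h_path = DIR_TMP . sprintf("h_%06d", $id);
                            if (move_uploaded_file($_FILES['Heraldry']['tmp_name'], $h_path)) {
                                $h_im = file_get_contents($h_path);
                                $h_imdata = base64_encode($h_im);
                                $this->Player->SetHeraldry([
                                    'MundaneId' => $id,
                                    'Heraldry' => strlen($h_imdata) > 0 ? $h_imdata : null,
                                    'HeraldryMimeType' => strlen($h_imdata) > 0 ? $_FILES['Heraldry']['type'] : '',
                                    'Token' => $this->session->token,
                                ]);
                            }
                        }
                        if ($_FILES['Waiver']['size'] > 0 && Common::supported_mime_types($_FILES['Waiver']['type'])) {
                            $w_path = DIR_TMP . sprintf("w_%06d", $id);
                            if (move_uploaded_file($_FILES['Waiver']['tmp_name'], $w_path)) {
                                $w_im = file_get_contents($w_path);
                                $w_imdata = base64_encode($w_im);
                                $this->Player->SetWaiver([
                                    'MundaneId' => $id,
                                    // NOTE(review): the player image has not been read
                                    // yet at this point, so this is always 0. It looks
                                    // copied from SetImage; confirm it is intended.
                                    'HasImage' => strlen($pi_imdata),
                                    'Waivered' => strlen($w_imdata),
                                    'Waiver' => strlen($w_imdata) > 0 ? $w_imdata : null,
                                    'WaiverMimeType' => strlen($w_imdata) > 0 ? $_FILES['Waiver']['type'] : '',
                                    'Token' => $this->session->token,
                                ]);
                            }
                        }
                        if ($_FILES['PlayerImage']['size'] > 0 && Common::supported_mime_types($_FILES['PlayerImage']['type'])) {
                            $pi_path = DIR_TMP . sprintf("pi_%06d", $id);
                            if (move_uploaded_file($_FILES['PlayerImage']['tmp_name'], $pi_path)) {
                                $pi_im = file_get_contents($pi_path);
                                $pi_imdata = base64_encode($pi_im);
                                $this->Player->SetImage([
                                    'MundaneId' => $id,
                                    'HasImage' => strlen($pi_imdata),
                                    'Image' => strlen($pi_imdata) > 0 ? $pi_imdata : null,
                                    'ImageMimeType' => strlen($pi_imdata) > 0 ? $_FILES['PlayerImage']['type'] : '',
                                    'Token' => $this->session->token,
                                ]);
                            }
                        }
                    }

                    if ($this->request->Update == 'Update Details') {
                        if (valid_id($this->request->Admin_player->DuesSemesters)) {
                            $this->load_model('Treasury');
                            $duespaid = $this->Treasury->DuesPaidToPark([
                                'Token' => $this->session->token,
                                'MundaneId' => $id,
                                'TransactionDate' => $this->request->Admin_player->DuesDate,
                                'Semesters' => $this->request->Admin_player->DuesSemesters,
                            ]);
                            if ($duespaid['Status'] > 0) {
                                $this->data['Message'] .= 'Problem adding dues: ' . print_r($duespaid['Detail'], true);
                            }
                        }
                        // NOTE(review): the two password fields are compared with
                        // the loose == / != operators, which treat some differing
                        // numeric-looking strings as equal. A strict string
                        // comparison would be safer; confirm the request value
                        // types before changing it.
                        $r = $this->Player->update_player([
                            'MundaneId' => $id,
                            'GivenName' => html_decode($this->request->Admin_player->GivenName),
                            'Surname' => html_decode($this->request->Admin_player->Surname),
                            'Persona' => html_decode($this->request->Admin_player->Persona),
                            'UserName' => html_decode($this->request->Admin_player->UserName),
                            'Password' => $this->request->Admin_player->Password == $this->request->Admin_player->PasswordAgain ? $this->request->Admin_player->Password : null,
                            'Email' => html_decode($this->request->Admin_player->Email),
                            'Restricted' => $this->request->Admin_player->Restricted == 'Restricted' ? 1 : 0,
                            'Active' => $this->request->Admin_player->Active == 'Active' ? 1 : 0,
                            'HasImage' => strlen($pi_imdata),
                            'Image' => strlen($pi_imdata) > 0 ? $pi_imdata : null,
                            'ImageMimeType' => strlen($pi_imdata) > 0 ? $_FILES['PlayerImage']['type'] : '',
                            'Heraldry' => strlen($h_imdata) > 0 ? $h_imdata : null,
                            'HeraldryMimeType' => strlen($h_imdata) > 0 ? $_FILES['Heraldry']['type'] : '',
                            'Waivered' => $this->request->Admin_player->Waivered == 'Waivered' || strlen($w_imdata),
                            'Waiver' => strlen($w_imdata) > 0 ? $w_imdata : null,
                            'WaiverMimeType' => strlen($w_imdata) > 0 ? $_FILES['Waiver']['type'] : '',
                            'Token' => $this->session->token,
                        ]);
                        if ($this->request->Admin_player->Password != $this->request->Admin_player->PasswordAgain) {
                            $this->data['Error'] = 'Passwords do not match.';
                        }
                    }
                    break;

                case 'addaward':
                    if (!valid_id($id)) {
                        $this->data['Error'] = 'You must choose a recipient. Award not added!';
                        break;
                    }
                    if (!valid_id($this->request->Admin_player->KingdomAwardId)) {
                        $this->data['Error'] = 'You must choose an award. Award not added!';
                        break;
                    }
                    // Unlike the two checks above, this one does not stop the
                    // award from being added; only the error text is set.
                    if (!valid_id($this->request->Admin_player->MundaneId)) {
                        $this->data['Error'] = 'Who gave this award? You should rethink your life decisions';
                    }
                    $r = $this->Player->add_player_award([
                        'Token' => $this->session->token,
                        'RecipientId' => $id,
                        'KingdomAwardId' => $this->request->Admin_player->KingdomAwardId,
                        'CustomName' => $this->request->Admin_player->AwardName,
                        'Rank' => $this->request->Admin_player->Rank,
                        'Date' => $this->request->Admin_player->Date,
                        'GivenById' => $this->request->Admin_player->MundaneId,
                        'Note' => $this->request->Admin_player->Note,
                        'ParkId' => valid_id($this->request->Admin_player->ParkId) ? $this->request->Admin_player->ParkId : 0,
                        'KingdomId' => valid_id($this->request->Admin_player->KingdomId) ? $this->request->Admin_player->KingdomId : 0,
                        'EventId' => valid_id($this->request->Admin_player->EventId) ? $this->request->Admin_player->EventId : 0,
                    ]);
                    break;

                case 'deleteaward':
                    $r = $this->Player->delete_player_award([
                        'Token' => $this->session->token,
                        'AwardsId' => $roastbeef,
                    ]);
                    break;

                case 'updateaward':
                    $r = $this->Player->update_player_award([
                        'Token' => $this->session->token,
                        'AwardsId' => $roastbeef,
                        'RecipientId' => $id,
                        'AwardId' => $this->request->Admin_player->AwardId,
                        'Rank' => $this->request->Admin_player->Rank,
                        'Date' => $this->request->Admin_player->Date,
                        'GivenById' => $this->request->Admin_player->MundaneId,
                        'Note' => $this->request->Admin_player->Note,
                        'ParkId' => valid_id($this->request->Admin_player->ParkId) ? $this->request->Admin_player->ParkId : 0,
                        'KingdomId' => valid_id($this->request->Admin_player->KingdomId) ? $this->request->Admin_player->KingdomId : 0,
                        'EventId' => valid_id($this->request->Admin_player->EventId) ? $this->request->Admin_player->EventId : 0,
                    ]);
                    break;

                case 'quitunit':
                    // NOTE(review): no session token is passed here, unlike the
                    // other actions. Confirm the Unit model authorizes this call.
                    $r = $this->Unit->retire_unit_member([
                        'UnitId' => $roastbeef,
                        'MundaneId' => $id,
                    ]);
                    break;

                case 'deletenote':
                    $r = $this->Player->remove_note([
                        'NotesId' => $roastbeef,
                        'MundaneId' => $id,
                        'Token' => $this->session->token,
                    ]);
                    break;
            }

            if ($r['Status'] == 0) {
                // The default $r carries no 'Detail' key (e.g. after 'updateclasses').
                // NOTE(review): 'Detail' is placed into markup as-is; confirm it
                // is escaped where the message is rendered.
                $detail = isset($r['Detail']) ? $r['Detail'] : '';
                $this->data['Message'] .= 'Player has been updated:<blockquote>' . $detail . '</blockquote>';
                $this->request->clear('Admin_player');
            } elseif ($r['Status'] == 5) {
                header('Location: ' . UIR . "Login/login/Admin/player/{$id}");
            } else {
                $this->data['Error'] = $r['Error'] . ':<p>' . $r['Detail'];
            }
        }
    } else {
        $this->request->clear('Admin_player');
    }

    if ($this->request->exists('Admin_player')) {
        $this->data['Admin_player'] = $this->request->Admin_player->Request;
    }

    // Data for rendering the player page.
    $this->data['KingdomId'] = $this->session->kingdom_id;
    $this->data['AwardOptions'] = $this->Award->fetch_award_option_list($this->session->kingdom_id);
    $this->data['Player'] = $this->Player->fetch_player($id);
    $this->data['Details'] = $this->Player->fetch_player_details($id);
    $this->data['Notes'] = $this->Player->get_notes($id);
    $this->data['Units'] = $this->Unit->get_unit_list([
        'MundaneId' => $id,
        'IncludeCompanies' => 1,
        'IncludeHouseholds' => 1,
        'IncludeEvents' => 1,
        'ActiveOnly' => 1,
    ]);
    $this->data['menu']['admin'] = ['url' => UIR . "Admin/player/{$id}", 'display' => 'Admin'];
    $this->data['menu']['player'] = ['url' => UIR . "Player/index/{$id}", 'display' => $this->data['Player']['Persona']];
}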
define('OFFSET_PATH', 1); require_once dirname(__FILE__) . '/admin-globals.php'; require_once dirname(__FILE__) . '/template-functions.php'; admin_securityChecks(TAGS_RIGHTS, currentRelativeURL()); $_GET['page'] = 'tags'; $tagsort = getTagOrder(); $action = ''; if (count($_POST) > 0) { if (isset($_GET['newtags'])) { XSRFdefender('new_tags'); $language = sanitize($_POST['language']); unset($_POST['language']); unset($_POST['XSRFToken']); foreach ($_POST as $value) { if (!empty($value)) { $value = html_decode(sanitize($value, 3)); $result = query_single_row('SELECT `id` FROM ' . prefix('tags') . ' WHERE `name`=' . db_quote($value)); if (!is_array($result)) { // it really is a new tag query('INSERT INTO ' . prefix('tags') . ' (`name`,`language`) VALUES (' . db_quote($value) . ',' . db_quote($language) . ')'); } } } $action = gettext('New tags added'); } // newtags if (isset($_POST['tag_action'])) { XSRFdefender('tag_action'); $language = sanitize($_POST['language']); unset($_POST['language']); $action = $_POST['tag_action'];
while (array_key_exists($category_acronym = substr($result["ctype_name"], 0, $letters), $category_types) && strlen($result["ctype_name"]) <= $letters) { if ($letters > 15) { break; } $letters++; $category_acronym = substr($result["ctype_name"], 0, $letters); } $category_types[$category_acronym] = "<strong>" . html_encode($category_acronym) . "</strong> = " . html_encode($result["ctype_name"]); echo "<tr id=\"event-" . $result["event_id"] . "\" class=\"event\">\n"; echo "\t<td class=\"modified\">" . html_encode($category_acronym) . "</td>\n"; echo "\t<td class=\"teacher\"><a href=\"mailto:" . html_encode($result["email"]) . "\">" . html_encode($result["fullname"]) . "</a></td>\n"; echo "\t<td class=\"phase\">" . html_encode($result["role"]) . "</td>\n"; echo "\t<td class=\"date-smallest\">" . date("D M d/y", $result["event_start"]) . "</td>\n"; echo "\t<td class=\"date-smallest\">" . date("D M d/y", $result["event_finish"]) . "</td>\n"; echo "\t<td class=\"region\">" . html_encode($result["region_name"]) . "</td>\n"; echo "\t<td class=\"title\">" . limit_chars(html_decode($result["event_title"]), 55, true, false) . "</td>\n"; echo "</tr>\n"; } ?> </tbody> </table> <div class="content-small" style="margin-top: 5px"> <?php echo implode(", ", $category_types); ?> </div> <form action="#" method="get"> <input type="hidden" id="dstamp" name="dstamp" value="<?php echo $DATE_START; ?> " />
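/**
 * Produce debugging information on 404 errors.
 *
 * Does nothing unless DEBUG_404 is truthy. Requests whose album path starts
 * with "cache", and requests for one of the ignored URIs, return without
 * logging. Otherwise a notice is raised and a dump of selected $_SERVER
 * values and of the request parameters is written to the debug log.
 *
 * Security note: the complete $_REQUEST array is dumped as received, so
 * anything a client submits (including form fields that carry credentials)
 * ends up in the debug log, and REQUEST_URI / HTTP_REFERER are
 * client-controlled text. Keep DEBUG_404 off outside of troubleshooting,
 * restrict access to the log, and treat its content as untrusted when it is
 * viewed. NOTE(review): confirm that debugLog() neutralises line breaks and
 * markup in what it writes.
 *
 * @param string $album
 * @param string $image
 * @param string $theme
 */
function debug404($album, $image, $theme)
{
    if (!DEBUG_404) {
        return;
    }

    $list = explode('/', $album);
    if (array_shift($list) == 'cache') {
        return;
    }

    $ignore = array('/favicon.ico', '/zp-data/tést.jpg');
    $target = getRequestURI();
    // Non-strict in_array() keeps the loose comparison of the original loop.
    if (in_array($target, $ignore)) {
        return;
    }

    $server = array();
    foreach (array('REQUEST_URI', 'HTTP_REFERER', 'REMOTE_ADDR', 'REDIRECT_STATUS') as $key) {
        // Missing keys are recorded as NULL rather than raising a notice.
        $server[$key] = isset($_SERVER[$key]) ? $_SERVER[$key] : null;
    }

    $request = $_REQUEST;
    $request['theme'] = $theme;
    if (!empty($image)) {
        $request['image'] = $image;
    }

    trigger_error(sprintf(gettext('Zenphoto processed a 404 error on %s. See the debug log for details.'), $target), E_USER_NOTICE);

    // Capture var_dump() output and drop the "array(...)" header lines.
    ob_start();
    var_dump($server);
    $server = preg_replace('~array\\s*\\(.*\\)\\s*~', '', html_decode(getBare(ob_get_contents())));
    ob_end_clean();

    // The original re-assigned $request['theme'] and $request['image'] after
    // this dump; that had no effect because $request is overwritten next.
    ob_start();
    var_dump($request);
    $request = preg_replace('~array\\s*\\(.*\\)\\s*~', '', html_decode(getBare(ob_get_contents())));
    ob_end_clean();

    debugLog("404 error details\n" . $server . $request);
}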
<td class="completed">Procedures</td> </tr> </thead> <tbody> <tr><td colspan="5"></td></tr> <?php $other = false; foreach ($results as $result) { $click_url = ENTRADA_URL . "/clerkship?core=" . $result["rotation_id"]; $clinical_encounters = clerkship_get_rotation_overview($result["rotation_id"]); if ($clinical_encounters["entries"]) { $click_url = ENTRADA_URL . "/clerkship/logbook?section=view&type=entries&core=" . $result["rotation_id"]; } else { $click_url = ENTRADA_URL . "/clerkship?core=" . $result["rotation_id"]; } echo "<tr><td class=\"region\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . limit_chars(html_decode($result["rotation_title"]), 55, true, false) . "</a></td>\n"; echo "<td class=\"completed\">" . blank_zero($clinical_encounters["entries"]) . "</td>\n"; echo "<td class=\"completed\">" . blank_zero($clinical_encounters["objectives"]) . "</td>\n"; echo "<td class=\"completed\">" . blank_zero($clinical_encounters["mandatories"]) . " " . ($clinical_encounters["other_mandatories"] ? " (" . $clinical_encounters["other_mandatories"] . ")" : '') . "</td>\n"; echo "<td class=\"completed\">" . blank_zero($clinical_encounters["procedures"]) . "</td></tr>\n"; } ?> </tbody> </table> <br /> <?php if ($other) { echo "<div style=\"color:#666; text-align:right;\">"; echo "Parenthisized (value) indicate mandatory objectives seen in other rotations."; echo "</div>\n"; }
/**
 * Write a var_dump() of a variable to the debug log.
 *
 * Call forms, as decided by the number of arguments passed:
 *   debugLogVar($var)
 *   debugLogVar($message, $var)
 *   debugLogVar($message, $var, $log)
 *
 * The dump is passed through getBare() and html_decode() and appended to
 * the trimmed message after a carriage return.
 *
 * Security note: the whole value is recorded, so avoid passing variables
 * that hold passwords, tokens or session data unless access to the log is
 * restricted.
 *
 * @param string $message message to insert in log [optional]
 * @param mixed $var the variable to record
 * @param string $log alternative log file (defaults to 'debug')
 */
function debugLogVar($message)
{
    $passed = func_get_args();
    $howMany = count($passed);

    if ($howMany == 1) {
        // Single argument: it is the variable itself, there is no message.
        $var = $message;
        $message = '';
    } else {
        $message .= ' ';
        $var = $passed[1];
    }

    $log = ($howMany == 3) ? $passed[2] : 'debug';

    // Capture what var_dump() prints instead of sending it to the client.
    ob_start();
    var_dump($var);
    $dump = ob_get_clean();

    debugLog(trim($message) . "\r" . html_decode(getBare($dump)), false, $log);
}
?> " method="post" class="form-horizontal"> <div class="control-group"> <label for="assessment_method" class="form-required control-label">Assessment Method:</label> <div class="controls"> <input type="text" class="input-xlarge" id="assessment_method" name="assessment_method" value="<?php echo isset($PROCESSED["assessment_method"]) ? html_decode($PROCESSED["assessment_method"]) : ""; ?> " maxlength="60" /> </div> </div> <div class="control-group"> <label for="assessment_method_description" class="form-nrequired control-label">Description:</label> <div class="controls"> <textarea id="assessment_method_description" name="assessment_method_description" style="width: 98%; height: 200px" rows="20" cols="70"><?php echo isset($PROCESSED["assessment_method_description"]) ? html_decode($PROCESSED["assessment_method_description"]) : ""; ?> </textarea> </div> </div> <div class="control-group"> <label class="form-nrequired control-label">Mapped Assessment Types:</label> <div class="controls"> <?php $title_list = array(); $query = "\tSELECT * FROM `assessments_lu_meta` \n WHERE `organisation_id` = " . $db->qstr($ORGANISATION_ID) . "\n AND `active` = '1' \n ORDER BY `title` ASC"; if ($results = $db->GetAll($query)) { foreach ($results as $result) { $title_list[] = array("id" => $result['id'], "title" => $result["title"]); } }
} else { $elective = false; $skip = false; } if (!$click_url) { $click_url = ENTRADA_URL . "/admin/clerkship/electives?section=edit&id=" . $result["event_id"]; } if (!$skip) { echo "<tr" . ($is_here && $cssclass != " class=\"in_draft\"" ? " class=\"current\"" : $cssclass) . ">\n"; echo "\t<td class=\"modified\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\"><img src=\"" . ENTRADA_URL . "/images/" . ($apartment_available ? "housing-icon-small.gif" : "pixel.gif") . "\" width=\"16\" height=\"16\" alt=\"" . ($apartment_available ? "Detailed apartment information available." : "") . "\" title=\"" . ($apartment_available ? "Detailed apartment information available." : "") . "\" style=\"border: 0px\" /></a></td>\n"; echo "\t<td class=\"type\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . ($elective ? "Elective" . ($elective_word != "" ? " (" . $elective_word . ")" : "") : "Core Rotation") . "</a>" . "</td>\n"; echo "\t<td class=\"date-smallest\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . date("D M d/y", $result["event_start"]) . "</a></td>\n"; echo "\t<td class=\"date-smallest\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . date("D M d/y", $result["event_finish"]) . "</a></td>\n"; echo "\t<td class=\"region\"><a href=\"" . $click_url . "\" style=\"font-size: 11px\">" . html_encode($result["city"] == "" ? limit_chars($result["region_name"], 30) : $result["city"]) . "</a></td>\n"; echo "\t<td class=\"title\">"; echo "\t\t<a href=\"" . $click_url . "\" style=\"font-size: 11px\"><span title=\"" . $event_title . "\">" . limit_chars(html_decode($event_title), 55) . "</span></a>"; echo "\t</td>\n"; echo "</tr>\n"; } } ?> </tbody> </table> </div> <div class="tab-page" id="encounters"> <h3 class="tab">Logged Encounters</h3> <?php if (isset($_GET["ids"]) && (int) $_GET["ids"]) { $PROXY_ID = $_GET["ids"]; } if (isset($_GET["sb"])) {
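/**
 * Cleans a string with the rules provided in $rules, applied in the order
 * given. $rules can also be a single rule name passed as a string.
 * If no rules are provided, the string is simply trimmed with trim().
 *
 * Most rules are character filters or type casts. They do not make a value
 * safe for every context: escape or parameterise again at the point of use
 * (SQL, HTML, file system, mail headers).
 *
 * NOTE(review): several string literals in this listing look altered by
 * HTML extraction (empty search strings, bare spaces where an entity such as
 * a non-breaking space was presumably meant). Only the "htmlbrackets" rule
 * has been corrected here; compare the others with the upstream file.
 *
 * @param string $string
 * @param array|string $rules
 * @return mixed the cleaned value; "int", "float" and "bool" change its type
 * @example $variable = clean_input(" 1235\t\t", array("nows", "int")); // $variable will equal an integer value of 1235.
 */
function clean_input($string, $rules = array())
{
    if ($rules === null) {
        $rules = array();
    } elseif (is_scalar($rules)) {
        $rules = (trim($rules) != "") ? array($rules) : array();
    }

    if (count($rules) == 0) {
        return trim($string);
    }

    foreach ($rules as $rule) {
        switch ($rule) {
            case "page_url": // Acceptable characters for community page urls.
            case "module":
                $string = preg_replace("/[^a-z0-9_\\-]/i", "", $string);
                break;

            case "url":
                // Allows only a minimal number of characters and collapses
                // repeated dots and slashes. This is a character filter only:
                // it does not restrict the URL scheme, so check the scheme
                // separately before using the value as a link target.
                $string = preg_replace(array("/[^a-z0-9_\\-\\.\\/\\~\\?\\&\\:\\#\\=\\+\\~]/i", "/(\\.)\\.+/", "/(\\/)\\/+/"), "\$1", $string);
                break;

            case "file":
            case "dir":
                // Allows only a minimal number of characters and collapses
                // repeated dots and slashes. Absolute paths still pass, so
                // callers must confine the result to the intended base
                // directory themselves.
                $string = preg_replace(array("/[^a-z0-9_\\-\\.\\/]/i", "/(\\.)\\.+/", "/(\\/)\\/+/"), "\$1", $string);
                break;

            case "int": // Change string to an integer.
                $string = (int) $string;
                break;

            case "float": // Change string to a float.
                $string = (float) $string;
                break;

            case "bool": // Change string to a boolean.
                $string = (bool) $string;
                break;

            case "nows": // Remove all whitespace anywhere in the string.
                // An empty search string is ignored by str_replace().
                $string = str_replace(array(" ", "\t", "\n", "\r", "", "\v", " "), "", $string);
                break;

            case "trim": // Trim whitespace from ends of string.
                $string = trim($string);
                break;

            case "trimds": // Removes double spaces.
                // NOTE(review): as listed, the second statement removes every
                // space from the encoded string; the search string was
                // presumably an entity before extraction. Confirm upstream.
                $string = str_replace(array(" ", "\t", "\n", "\r", "", "\v", " ", "", "ÿ", "", ""), " ", $string);
                $string = html_decode(str_replace(" ", "", html_encode($string)));
                break;

            case "nl2br":
                $string = nl2br($string);
                break;

            case "underscores": // Replace whitespace anywhere in the string with underscores.
                $string = str_replace(array(" ", "\t", "\n", "\r", "", "\v", " "), "_", $string);
                break;

            case "lower": // Change string to all lower case.
            case "lowercase":
                $string = strtolower($string);
                break;

            case "upper": // Change string to all upper case.
            case "uppercase":
                $string = strtoupper($string);
                break;

            case "ucwords": // Change string to correct word case.
                $string = ucwords(strtolower($string));
                break;

            case "boolops": // Remove recognized boolean operators.
                $string = str_replace(array("\"", "+", "-", "AND", "OR", "NOT", "(", ")", ",", "-"), "", $string);
                break;

            case "quotemeta": // Quotes meta characters.
                $string = quotemeta($string);
                break;

            case "credentials": // Acceptable characters for login credentials.
                $string = preg_replace("/[^a-z0-9_\\-\\.]/i", "", $string);
                break;

            case "alphanumeric": // Remove anything that is not alphanumeric.
                $string = preg_replace("/[^a-z0-9]+/i", "", $string);
                break;

            case "alpha": // Remove anything that is not an alpha.
                $string = preg_replace("/[^a-z]+/i", "", $string);
                break;

            case "name": // @todo jellis ?
                // NOTE(review): the pattern is anchored at both ends and the
                // replacement is empty, so input that matches the name pattern
                // is emptied and everything else passes through unchanged.
                // Confirm that this is the intent.
                $string = preg_replace("/^([a-z]+(\\'|-|\\.\\s|\\s)?[a-z]*){1,2}\$/i", "", $string);
                break;

            case "emailcontent":
                // Removes header names that could be used to spam. This is a
                // single pass over four names and it leaves line breaks in
                // place, so do not rely on it alone for values that end up in
                // mail headers; reject CR/LF in those fields as well.
                $string = str_ireplace(array("content-type:", "bcc:", "to:", "cc:"), "", $string);
                break;

            case "postclean": // @todo jellis ?
                $string = preg_replace('/\\<br\\s*\\/?\\>/i', "\n", $string);
                // NOTE(review): a no-op as listed; the search string was
                // presumably an entity before extraction. Confirm upstream.
                $string = str_replace(" ", " ", $string);
                break;

            case "decode": // Returns the output of the html_decode() function.
                // Decoded text must be encoded again before it is echoed into HTML.
                $string = html_decode($string);
                break;

            case "encode": // Returns the output of the html_encode() function.
                $string = html_encode($string);
                break;

            case "htmlspecialchars": // Returns the output of the htmlspecialchars() function.
            case "specialchars":
                $string = htmlspecialchars($string, ENT_QUOTES, DEFAULT_CHARSET);
                break;

            case "htmlbrackets": // Converts only brackets into entities.
                // The replacement list has to hold the entity forms; with bare
                // brackets on both sides this rule changed nothing.
                $string = str_replace(array("<", ">"), array("&lt;", "&gt;"), $string);
                break;

            case "notags": // Strips tags from the string.
            case "nohtml":
            case "striptags":
                $string = strip_tags($string);
                break;

            case "allowedtags": // Cleans and validates HTML, requires HTMLPurifier: http://htmlpurifier.org
            case "nicehtml":
            case "html":
                require_once "Entrada/htmlpurifier/HTMLPurifier.auto.php";
                $html = new HTMLPurifier();
                $config = HTMLPurifier_Config::createDefault();
                $config->set("Cache.SerializerPath", CACHE_DIRECTORY);
                $config->set("Core.Encoding", DEFAULT_CHARSET);
                $config->set("Core.EscapeNonASCIICharacters", true);
                // HTML.SafeObject and Output.FlashCompat allow embedded
                // object/Flash markup through the purifier; drop them if
                // embedded objects are no longer needed.
                $config->set("HTML.SafeObject", true);
                $config->set("Output.FlashCompat", true);
                $config->set("HTML.TidyLevel", "medium");
                $config->set("Test.ForceNoIconv", true);
                $config->set("Attr.AllowedFrameTargets", array("_blank", "_self", "_parent", "_top"));
                $string = $html->purify($string, $config);
                break;

            default: // Unknown rule, log notice.
                // The value is left unchanged for an unknown rule, so a
                // misspelled rule name silently skips the intended cleaning.
                application_log("notice", "Unknown clean_input function rule [" . $rule . "]");
                break;
        }
    }

    return $string;
}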
break; default: $elective_word = ""; $cssclass = ""; break; } $elective = true; } else { $elective = false; $skip = false; } if (!$skip) { echo "<tr" . ($is_here && $cssclass != " class=\"in_draft\"" ? " class=\"current\"" : $cssclass) . ">\n"; echo "\t<td class=\"modified\">" . ($apartment_available ? "<a href=\"" . $click_url . "\">" : "") . "<img src=\"" . ENTRADA_RELATIVE . "/images/" . ($apartment_available ? "housing-icon-small.gif" : "pixel.gif") . "\" width=\"16\" height=\"16\" alt=\"" . ($apartment_available ? "Detailed apartment information available." : "") . "\" title=\"" . ($apartment_available ? "Detailed apartment information available." : "") . "\" style=\"border: 0px\" />" . ($apartment_available ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"type\">" . ($apartment_available || $elective ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . ($elective ? "Elective" . ($elective_word != "" ? " (" . $elective_word . ")" : "") : "Core Rotation") . ($apartment_available || $elective ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"title\"><span title=\"" . $event_title . "\">" . ($apartment_available ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . limit_chars(html_decode($event_title), 55) . ($apartment_available ? "</a>" : "") . "</span></td>\n"; echo "\t<td class=\"region\">" . ($apartment_available || $elective ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . html_encode($result["city"] == "" ? limit_chars($result["region_name"], 30) : $result["city"]) . ($apartment_available || $elective ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"date-smallest\">" . ($apartment_available ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . date("D M d/y", $result["event_start"]) . ($apartment_available ? "</a>" : "") . "</td>\n"; echo "\t<td class=\"date-smallest\">" . ($apartment_available ? "<a href=\"" . $click_url . "\" style=\"font-size: 11px\">" : "") . 
date("D M d/y", $result["event_finish"]) . ($apartment_available ? "</a>" : "") . "</td>\n"; echo "</tr>\n"; } } ?> </tbody> </table> <div style="margin-top: 15px; text-align: right"> <a href="<?php echo ENTRADA_RELATIVE; ?> /clerkship" style="font-size: 11px">Click here to view your full schedule.</a> </div>
</td> </tr> </tfoot> <tbody> <tr> <td><label for="resource" class="form-required">Resource:</label></td> <td><input type="text" id="resource" name="resource" value="<?php echo isset($PROCESSED["resource"]) ? html_decode($PROCESSED["resource"]) : ""; ?> " maxlength="60" style="width: 300px" /></td> </tr> <tr> <td style="vertical-align: top;"><label for="resource_description" class="form-nrequired">Description:</label></td> <td> <textarea id="resource_description" name="resource_description" style="width: 98%; height: 200px" rows="20" cols="70"><?php echo isset($PROCESSED["resource_description"]) ? html_decode($PROCESSED["resource_description"]) : ""; ?> </textarea> </td> </tr> <tr> <td><label for="resource" class="form-nrequired">Mapped Resources:</label></td> <?php $resource_list = array(); $query = "\tSELECT * FROM `events_lu_resources` \n\t\t\t\t\t\tWHERE `organisation_id` = " . $db->qstr($ORGANISATION_ID) . "\n\t\t\t\t\t\tAND `active` = '1' \n\t\t\t\t\t\tORDER BY `resource` ASC"; if ($results = $db->GetAll($query)) { foreach ($results as $result) { $resource_list[] = array("resource_id" => $result['resource_id'], "resource" => $result["resource"]); } } if (isset($resource_list) && is_array($resource_list) && !empty($resource_list)) {