function htmlspecialchars_deep($mixed, $quote_style = ENT_QUOTES, $charset = 'UTF-8')
{
if (is_array($mixed)) {
foreach ($mixed as $key => $value) {
$mixed[$key] = htmlspecialchars_deep($value, $quote_style, $charset);
}
} elseif (is_string($mixed)) {
$mixed = htmlspecialchars(htmlspecialchars_decode($mixed, $quote_style), $quote_style, $charset);
}
return $mixed;
}
/** 转义html字符 htmlspecialchars 包含括号
* @param string|array $s
*/
function htmlspecialchars_deep($s)
{
if (!is_array($s)) {
$s = htmlspecialchars($s, ENT_QUOTES, 'ISO-8859-1');
return $s;
} else {
foreach ($s as $i => $j) {
$s[$i] = htmlspecialchars_deep($j);
}
return $s;
}
}
// --- empty variables for values of $_POST - begin ---
$post_var_names = array('li', 'ai', 'ld');
$li = array('file' => 'example', 'name' => 'Example');
$ai = array('name' => 'Benny Baumann', 'email' => '*****@*****.**', 'web' => 'http://qbnz.com/highlighter/');
$ld = array('cmt' => array('sl' => array(1 => array('start' => '//', 'style' => 'font-style: italic; color: #666666;'), 2 => array('start' => '#', 'style' => 'font-style: italic; color: #666666;')), 'ml' => array(1 => array('start' => '/*', 'end' => '*/', 'style' => 'font-style: italic; color: #666666;'), 2 => array('start' => '/**', 'end' => '*/', 'style' => 'font-style: italic; color: #006600;')), 'rxc' => array(1 => array('rx' => '/Hello RegExp/', 'style' => 'font-style: italic; color: #666666;'))), 'str' => array('qm' => array(1 => array('delim' => "'", 'style' => 'color: #0000FF;'), 2 => array('delim' => """, 'style' => 'color: #0000FF;')), 'ec' => array('char' => '\\', 'style' => 'font-weight: bold; color: #000080;'), 'erx' => array(1 => array('rx' => '/\\{\\\\$\\w+\\}/', 'style' => 'font-weight: bold; color: #008080;'), 2 => array('rx' => '/\\{\\\\$\\w+\\}/', 'style' => 'font-weight: bold; color: #008080;'))), 'kw_case' => 'GESHI_CAPS_NO_CHANGE', 'kw' => array(1 => array('list' => '', 'case' => '0', 'style' => 'color: #0000FF; font-weight: bold;', 'docs' => '')), 'sy' => array(0 => array('list' => '', 'style' => 'color: #0000FF; font-weight: bold;')));
$kw_case_sel = array('GESHI_CAPS_NO_CHANGE' => '', 'GESHI_CAPS_UPPER' => '', 'GESHI_CAPS_LOWER' => '');
$kw_cases_sel = array(1 => array(0 => '', 1 => ''));
// --- empty variables for values of $_POST - end ---
echo "<pre>";
//var_dump($languages);
var_dump($_GET);
var_dump($_POST);
foreach ($post_var_names as $varName) {
// export wanted variables of $_POST array...
if (array_key_exists($varName, $_POST)) {
${$varName} = htmlspecialchars_deep($_POST[$varName]);
}
}
// determine the selected kw_case...
$kw_case_sel[$ld['kw_case']] = ' selected="selected"';
// determine the selected kw_cases...
for ($i = 1; $i <= count($kw_cases_sel); $i += 1) {
$kw_cases_sel[$i][(int) $ld['kw'][$i]['case']] = ' selected="selected"';
}
$lang = validate_lang();
var_dump($lang);
echo "</pre>";
?>
<form action="?action=test" method="post">
<fieldset>
<legend>Generic Information</legend>
function write_description($key, $insert_id, $name)
{
$sql = "insert into product_description set product_id = '?', language_id = '?', name = '?', description = '?', technical = '?', technical_name = '?',model = '?', model_number = '?', alt_description = '?', meta_title = '?', meta_description = '?', meta_keywords = '?'";
$this->database->query($this->database->parse($sql, $insert_id, $key, htmlspecialchars_deep($name), $this->description[$key], $this->technical[$key], htmlspecialchars_deep($this->technical_name[$key]), htmlspecialchars_deep($this->model[$key]), htmlspecialchars_deep($this->model_number[$key]), $this->alt_description[$key], strip_tags($this->meta_title[$key]), strip_tags($this->meta_description[$key]), strip_tags($this->meta_keywords[$key])));
}
function requestBody($products)
{
$language = $this->language->getCode() == 'fr' ? 'fr' : 'en';
$shipping_address_id = $this->session->get('shipping_address_id');
$output = "<?xml version=\"1.0\" ?>\n";
$output .= "<eparcel>\n";
$output .= "<language>" . $language . "</language>\n";
$output .= "<ratesAndServicesRequest>\n";
$output .= "<merchantCPCID>" . $this->config->get('canadapost_merchant_id') . "</merchantCPCID>\n";
$output .= "<fromPostalCode>" . $this->config->get('canadapost_postcode') . "</fromPostalCode>\n";
if ($this->config->get('canadapost_turnaround')) {
$output .= "<turnAroundTime>" . $this->config->get('canadapost_turnaround') . "</turnAroundTime>\n";
}
$output .= "<itemsPrice>" . str_replace(',', '', $this->currency->format($this->cart->getTotal(), 'CAD', FALSE, FALSE)) . "</itemsPrice>\n";
$output .= "<lineItems>\n";
foreach ($products as $product) {
$output .= "<item>\n";
$output .= "<quantity>" . $product['quantity'] . "</quantity>\n";
$output .= "<weight>" . str_replace(',', '.', $product['weight']) . "</weight>\n";
$output .= "<length>" . str_replace(',', '.', $product['length']) . "</length>\n";
$output .= "<width>" . str_replace(',', '.', $product['width']) . "</width>\n";
$output .= "<height>" . str_replace(',', '.', $product['height']) . "</height>\n";
$output .= "<description>" . $product['item'] . "</description>\n";
$output .= "</item>\n";
}
$output .= "</lineItems>\n";
if ($this->customer->isLogged()) {
$output .= "<city>" . htmlspecialchars_deep($this->address->getCity($shipping_address_id)) . "</city>\n";
$output .= "<provOrState>" . htmlspecialchars_deep($this->address->getZone($shipping_address_id)) . "</provOrState>\n";
$output .= "<country>" . htmlspecialchars_deep($this->address->getCountry($shipping_address_id)) . "</country>\n";
$output .= "<postalCode>" . str_replace(" ", '', $this->address->getPostCode($shipping_address_id)) . "</postalCode>\n";
} else {
$output .= "<provOrState>" . htmlspecialchars_deep($this->modelShipping->getZoneName($this->session->get('zone_id'))) . "</provOrState>\n";
$output .= "<country>" . htmlspecialchars_deep($this->modelShipping->getCountryName($this->session->get('country_id'))) . "</country>\n";
$output .= "<postalCode>" . str_replace(" ", '', $this->session->get('postcode')) . "</postalCode>\n";
}
$output .= "</ratesAndServicesRequest>\n";
$output .= "</eparcel>\n";
return $output;
}
function clean($key)
{
return htmlspecialchars_deep($this->sanitizer($key));
}
function message_send()
{
exit('Function ' . __FUNCTION__ . ' moved to the users API');
if ($_POST) {
$this->_requireLogin();
$currentUser = CI::library('session')->userdata('user');
$messageKey = $_POST['mk'];
unset($_POST['mk']);
$messageKey = base64_decode($messageKey);
$messageKey = CI::model('core')->securityDecryptString($messageKey);
if ($currentUser['email'] != $messageKey) {
exit(1);
}
$data = $_POST;
$data = stripFromArray($data);
$data = htmlspecialchars_deep($data);
/*
* Format data array
*/
// from user
$data['from_user'] = intval($currentUser['id']);
// to user
$data['to_user'] = intval($data['receiver']);
unset($data['receiver']);
// parent id
if ($data['conversation']) {
$data['parent_id'] = $data['conversation'];
}
unset($data['conversation']);
// validate 'to_user'
if ($data['parent_id']) {
$parentMessage = CI::model('core')->fetchDbData('firecms_messages', array(array('id', $data['parent_id'])));
$parentMessage = $parentMessage[0];
if (!in_array($data['to_user'], array($parentMessage['from_user'], $parentMessage['to_user']))) {
throw new Exception('Cheating detected.');
}
}
$sent = CI::model('core')->saveData('firecms_messages', $data);
echo $sent;
CI::model('core')->cleanCacheGroup('messages');
}
}
function check_barcode_id($value, $product_option = '')
{
$result = $this->database->getRow("select barcode, product_id from product where barcode = '" . htmlspecialchars_deep($value) . "' and product_id != '" . (int) $this->request->gethtml('product_id') . "'union select barcode, product_option from product_options where barcode = '" . htmlspecialchars_deep($value) . "' and product_option != '" . $product_option . "'");
return $result;
}
function commentsSave($data)
{
global $cms_db_tables;
$data = stripFromArray($data);
$data = htmlspecialchars_deep($data);
$table = $cms_db_tables['table_comments'];
//$data_to_save_options ['delete_cache_groups'] = array ('comments' );
$id = CI::model('core')->saveData($table, $data);
if (intval($id) != 0) {
CI::model('core')->cleanCacheGroup('comments/' . $id);
}
CI::model('core')->cleanCacheGroup('comments/global');
if (trim($data['to_table']) != '' and trim($data['to_table_id']) != '') {
$cache_group = "comments/{$data['to_table']}/{$data['to_table_id']}";
//var_dump($cache_group);
CI::model('core')->cleanCacheGroup($cache_group);
}
return $id;
}
function message_send()
{
require_once APPPATH . 'controllers/api/_api_require_login.php';
if ($_POST) {
$currentUser = CI::library('session')->userdata('user');
$messageKey = $_POST['mk'];
unset($_POST['mk']);
//$messageKey = ( $messageKey );
$messageKey = CI::model('core')->securityDecryptString($messageKey);
//var_dump( CI::model('core')->userId (), $messageKey);
if (CI::model('core')->userId() != $messageKey) {
exit('Error in $messageKey');
}
$data = $_POST;
$data = stripFromArray($data);
$data = htmlspecialchars_deep($data);
/*
* Format data array
*/
// from user
$data['from_user'] = intval(CI::model('core')->userId());
// to user
if (intval($data['receiver']) == 0) {
$data['receiver'] = $data['to_user'];
}
$data['to_user'] = intval($data['receiver']);
unset($data['receiver']);
// parent id
if ($data['conversation']) {
$data['parent_id'] = $data['conversation'];
}
unset($data['conversation']);
// validate 'to_user'
if ($data['parent_id']) {
$parentMessage = CI::model('core')->fetchDbData(TABLE_PREFIX . 'messages', array(array('id', $data['parent_id'])));
$parentMessage = $parentMessage[0];
if (!in_array($data['to_user'], array($parentMessage['from_user'], $parentMessage['to_user']))) {
//throw new Exception ( 'Cheating detected.' );
}
}
$data['is_read'] = 'n';
$sent = CI::model('messages')->messageSave($data);
if (intval($data['parent_id']) != 0) {
$data2 = array();
$data2['is_read'] = 'n';
$data2 = CI::model('messages')->messageSave($data2);
$cache_group = 'users/messages/' . $data['parent_id'];
CI::model('core')->cleanCacheGroup($cache_group);
}
//echo $sent;
echo 'Message sent';
$cache_group = 'users/messages/global/';
CI::model('core')->cleanCacheGroup($cache_group);
}
}
