コード例 #1
ファイル: functions.php プロジェクト: skelegon/I244
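/**
 * Toggle the suspension state of a user account; administrators only.
 *
 * A user whose status is 1 is suspended: status is set to 0, then
 * cancel_user_request() and suspend_user_items() are called. A user with any
 * other status is set back to 1 and suspend_user_items() is called. The
 * follow-up calls run only after the status UPDATE has succeeded.
 *
 * Non-admin callers are redirected to the login page and the script stops.
 *
 * @param int|string $id user_ID of the account to toggle
 * @return string Message for the caller to display: one of the two success
 *                messages, or a failure message when the user cannot be
 *                looked up or the status cannot be updated.
 */
function suspend_user($id)
{
    if (!is_admin()) {
        header("Location: ?mode=login");
        // Stop here. A Location header alone does not end the request: without
        // exit the calling page keeps running and its output is still sent to
        // any client that does not follow the redirect.
        exit;
    }

    global $connection;

    // mysqli_stmt_bind_param() binds by reference, so the id needs its own variable.
    $user_id = (string) $id;

    // The id is bound as a parameter instead of being concatenated into the
    // statement text, so the query does not depend on escaping being correct.
    $lookup = mysqli_prepare($connection, "SELECT status FROM 10153316_user WHERE user_ID = ?");
    if (!$lookup) {
        return "User lookup failed!";
    }
    mysqli_stmt_bind_param($lookup, "s", $user_id);
    if (!mysqli_stmt_execute($lookup)) {
        mysqli_stmt_close($lookup);
        return "User lookup failed!";
    }
    $status = null;
    mysqli_stmt_bind_result($lookup, $status);
    // mysqli_stmt_fetch() returns null when there is no row for this id.
    $row_found = (mysqli_stmt_fetch($lookup) === true);
    mysqli_stmt_close($lookup);
    if (!$row_found) {
        // An unknown id must not fall through to the un-suspend branch and
        // report success for an account that does not exist.
        return "User not found!";
    }

    // The driver may hand the column back as "1" or as 1; normalise before comparing.
    $suspending = ((int) $status === 1);
    $new_status = $suspending ? "0" : "1";

    $update = mysqli_prepare($connection, "UPDATE 10153316_user SET status = ? WHERE user_ID = ?");
    if (!$update) {
        return "Status update failed!";
    }
    mysqli_stmt_bind_param($update, "ss", $new_status, $user_id);
    $updated = mysqli_stmt_execute($update);
    mysqli_stmt_close($update);
    if (!$updated) {
        // Do not touch requests or items when the account row itself was not
        // changed; that would leave the two out of step.
        return "Status update failed!";
    }

    if ($suspending) {
        cancel_user_request($id);
    }
    suspend_user_items($id);

    return $suspending ? "Successfully suspended!" : "Successfully un-suspended!";
}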
コード例 #2
ファイル: addproduct.php プロジェクト: skelegon/I244
 }
 if (empty($_POST["category"])) {
     $errors[] = "Please choose item category";
 }
 if (empty($errors)) {
     // Validation passed: build and run the INSERT for the new item.
     global $connection;
     //var_dump($_POST);
     // Every request field goes through sanitize_for_db() before it is placed in
     // the SQL text. sanitize_for_db() is defined elsewhere; presumably it escapes
     // the value for this connection (confirm). The statement is still assembled
     // by string interpolation, so it is only as safe as that helper; a prepared
     // statement with bound parameters would remove the dependency.
     $name = sanitize_for_db($connection, $_POST["name"]);
     $condition = sanitize_for_db($connection, $_POST["condition"]);
     $qty = sanitize_for_db($connection, $_POST["quantity"]);
     $unit = sanitize_for_db($connection, $_POST["unit"]);
     $usrtel = sanitize_for_db($connection, $_POST["usrtel"]);
     $email = sanitize_for_db($connection, $_POST["email"]);
     // upload() is defined elsewhere; its return value is used below as the file
     // name under pictures/. Nothing here checks that return value for failure.
     // NOTE(review): confirm upload() restricts the accepted file types and
     // chooses the stored file name itself rather than trusting the client's.
     $p = sanitize_for_db($connection, upload("pic", "pictures/"));
     $description = sanitize_for_db($connection, $_POST["description"]);
     $category = sanitize_for_db($connection, $_POST["category"]);
     // $user_ID is set outside this excerpt and is interpolated without passing
     // through sanitize_for_db(). NOTE(review): confirm it comes from the
     // server-side session and not from the request.
     $sql = "INSERT INTO 10153316_item (name, cond, quantity, unit, thumbnail, phone, email, description, seller_ID, category_ID) VALUES ('{$name}', '{$condition}', '{$qty}', '{$unit}', 'pictures/" . $p . "', '{$usrtel}', '{$email}', '{$description}', '{$user_ID}', '{$category}')";
     $result = mysqli_query($connection, $sql);
     if (!$result) {
         // The variables keep their DB-sanitized values on this path.
         // NOTE(review): if the form is re-rendered from them, they still need
         // HTML escaping at output; that code is not visible here.
         $errors[] = "Upload failed";
     } else {
         $notifications[] = "Upload successful";
         // Clear name, quantity, unit and description after a successful insert;
         // the other fields are left as they are.
         $name = "";
         $qty = "";
         $unit = "";
         $description = "";
     }
 } else {
     $name = isset($_POST['name']) ? $_POST['name'] : "";
     $condition = isset($_POST['condition']) ? $_POST['condition'] : "";
     $qty = isset($_POST['quantity']) ? $_POST['quantity'] : "";