$record = 'record'; } else { $record = 'records'; } $a = 1; while ($row = $result->fetch_assoc()) { if ($a % 2 == 0) { $class = 'listRowEven'; } else { $class = 'listRowOdd'; } $a++; extract($row); echo '<tr class="' . $class . '"> <td>' . cobalt_htmlentities($entry_id) . '</td> <td>' . cobalt_htmlentities($ip_address) . '</td> <td>' . cobalt_htmlentities($user) . '</td> <td>' . date("l, F d, Y -- h:i:s a", $datetime) . '</td> <td>' . nl2br(cobalt_htmlentities($action)) . '</td> <td>' . cobalt_htmlentities($module) . '</td> </tr>' . "\n"; } $result->close(); } else { error_handler("Error getting log entries: ", "Query: " . $data_con->query . " -----Error: " . $data_con->error); } ?> </table> </FORM> </fieldset> <?php $html_writer->draw_footer();
/**
 * Draws one element of an array-valued ("multi-field") text control.
 *
 * $param is positional: [0] form control name, [1] control type (defaults to
 * 'text'), [2] extra raw attribute text, [3] HTML flag ('ALLOW' disables
 * escaping in detail view). $cntr is the row index inside the global array
 * named by $param[0].
 *
 * In edit mode ($this->detail_view is falsy) it increments $this->tabindex and
 * echoes a <textarea> or <input>; in detail view it echoes the value through
 * nl2br(). Returns $this so calls can be chained.
 *
 * NOTE(review): the value is passed through cobalt_htmlentities() only in
 * detail view without the 'ALLOW' flag. In edit mode it is written as-is into
 * a single-quoted value attribute / textarea body, so this method relies on
 * the caller supplying already-encoded data -- confirm, otherwise a quote or
 * markup in the stored value can break out of the control.
 * NOTE(review): $form_control_name, $control_type, $cntr and $extra are also
 * emitted unescaped and the name is used in a variable-variable `global`;
 * presumably all four are developer-defined, never request data -- verify
 * against callers.
 */
function draw_text_field_mf($param, $cntr)
{
    // Positional settings; a missing slot falls back to the empty string.
    $form_control_name = isset($param[0]) ? $param[0] : '';
    $control_type      = isset($param[1]) ? $param[1] : '';
    $extra             = isset($param[2]) ? $param[2] : '';
    $html_flag         = isset($param[3]) ? $param[3] : '';
    $detail_view       = $this->detail_view;

    if ($control_type == '') {
        $control_type = 'text';
    }

    // Bind the global array that carries this control's rows, then make sure
    // the requested row exists before it is read.
    global ${$form_control_name};
    $control_type = strtolower($control_type);
    init_var(${$form_control_name}[$cntr]);

    // Escaping happens only for detail view, and only when HTML is not
    // explicitly allowed ('ALLOW' is safe only for trusted markup).
    $value = ($html_flag != 'ALLOW' && $detail_view == TRUE)
        ? cobalt_htmlentities(${$form_control_name}[$cntr])
        : ${$form_control_name}[$cntr];

    // Detail view: plain text output, with a single space standing in for an
    // empty value.
    if ($detail_view != FALSE) {
        if (trim($value) == '') {
            $value = ' ';
        }
        echo nl2br($value) . "\r\n";

        return $this;
    }

    // Edit mode: every drawn control takes the next tab index.
    $tabindex = ++$this->tabindex;

    if ($control_type == 'textarea') {
        if ($extra == '') {
            $extra = 'rows="5" cols="30"';
        }
        echo "<textarea name='" . $form_control_name . '[' . $cntr . "]' tabindex='" . $tabindex . "' " . $extra . '>'
            . $value . "</textarea>\r\n";
    } else {
        echo "<input type='" . $control_type . "' name='" . $form_control_name . '[' . $cntr . "]' tabindex='" . $tabindex
            . "' value='" . $value . "' " . $extra . ">\r\n";
    }

    return $this;
}
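/**
 * Validates the submitted rows of a multi-field (array-valued) form section.
 *
 * For every key of $param that maps to an entry in $this->fields (after the
 * 'cf_<table>_' prefix length is cut off) each row is optionally trimmed
 * (written back into $param), length-checked, and then checked either against
 * the field's valid set or against its character set. Required fields other
 * than the parent-link field are checked with validation::check_if_null().
 * All messages are accumulated in $this->lst_error.
 *
 * Changes from the previous version:
 *  - the "nothing submitted" test now looks at the current row instead of the
 *    whole array, which was never equal to '' and so never skipped;
 *  - count() is only called on a countable valid set;
 *  - unused locals (minimum rows, attribute, control type) were dropped and
 *    loop-invariant work was hoisted.
 *
 * NOTE(review): the relation's 'minimum' row count is not enforced here.
 * NOTE(review): rows are visited by index 0..count-1. A submitted value that
 * is not an array, or an array with gaps / non-numeric keys, has entries that
 * none of these checks reach; confirm the consumer of $param reads rows the
 * same way, or reject such shapes before this method runs.
 * NOTE(review): $label is written into the HTML error text unescaped and
 * $char_set_method is invoked dynamically; both presumably come from
 * developer-defined field metadata -- verify.
 *
 * @param array $param Submitted form data, modified in place when trimming.
 * @return $this
 */
function sanitize_mf(&$param)
{
    // Default the parent-link field from the M-1 relation when it is not set.
    if (empty($this->field_from_parent)) {
        foreach ($this->relations as $rel_info) {
            if ($rel_info['type'] == 'M-1') {
                $this->field_from_parent = $rel_info['link_child'];
            }
        }
    }

    $lst_error = '';
    require_once 'validation_class.php';
    require_once 'char_set_class.php';
    $validator = new validation();

    //Check if some required fields are left blank in the submitted rows.
    foreach ($this->fields as $field_name => $field_details) {
        $dd_field_name = $field_name;
        $field_name = 'cf_' . $this->table_name . '_' . $field_name;
        $label = $field_details['label'];
        $required = $field_details['required'];
        if ($required && $dd_field_name != $this->field_from_parent) {
            if (isset($param[$field_name])) {
                $lst_error .= $validator->check_if_null($label, $param[$field_name]);
            }
        }
    }

    // The prefix is the same for every submitted key, so compute it once.
    $prefix_length = strlen('cf_' . $this->table_name . '_');

    foreach ($param as $unclean => $unclean_value) {
        $unclean_no_prefix = substr($unclean, $prefix_length, strlen($unclean));
        if (!isset($this->fields[$unclean_no_prefix])) {
            continue;
        }

        $field_info           = $this->fields[$unclean_no_prefix];
        $length               = $field_info['length'];
        $data_type            = $field_info['data_type'];
        $label                = $field_info['label'];
        $char_set_method      = $field_info['char_set_method'];
        $char_set_allow_space = $field_info['char_set_allow_space'];
        $extra_chars_allowed  = $field_info['extra_chars_allowed'];
        $trim                 = $field_info['trim'];
        $valid_set            = $field_info['valid_set'];

        //Note: since this is an mf-specialized method, we are dealing with arrays. Count first
        $num_items = is_array($param[$unclean]) ? count($param[$unclean]) : 0;

        $trim_mode = strtolower((string) $trim);

        // count() on a non-countable value throws on PHP 8, so guard it.
        $has_valid_set = (is_array($valid_set) || $valid_set instanceof Countable)
            && count($valid_set) > 1;

        for ($a = 0; $a < $num_items; ++$a) {
            //Apply trimming if specified.
            //Trimming is applied to the local copy for the checks below and
            //written back to $param so the submitted data itself is affected.
            switch ($trim_mode) {
                case 'trim':
                    $unclean_value[$a] = trim($unclean_value[$a]);
                    $param[$unclean][$a] = $unclean_value[$a];
                    break;
                case 'ltrim':
                    $unclean_value[$a] = ltrim($unclean_value[$a]);
                    $param[$unclean][$a] = $unclean_value[$a];
                    break;
                case 'rtrim':
                    $unclean_value[$a] = rtrim($unclean_value[$a]);
                    $param[$unclean][$a] = $unclean_value[$a];
                    break;
            }

            //Check length
            if ($length > 0 && strlen($unclean_value[$a]) > $length) {
                $lst_error .= "The field '{$label}' (in line #" . ($a + 1) . ") can only accept {$length} characters.<br>";
            }

            // Fresh validator per row so validity/error state never carries over.
            $validator = new validation();

            if ($has_valid_set) {
                //If there is a set of valid inputs, check if this row conforms to it.
                //An empty row is skipped: no value was submitted for it.
                if ($unclean_value[$a] == '') {
                    continue;
                }

                $validator->check_data_set($unclean_value[$a], $valid_set, TRUE);
                if ($validator->validity == FALSE) {
                    $lst_error .= $validator->error_message . $label . '<br>';
                }
            } elseif ($char_set_method != '') {
                //If a char set method is given, check this row for invalid characters
                $cg = new char_set();
                $cg->allow_space = $char_set_allow_space;
                $cg->{$char_set_method}($extra_chars_allowed);
                $allowed = $cg->allowed_chars;

                $validator->field_name = $label;
                $validator->validate_data($unclean_value[$a], $data_type, $allowed);

                if ($validator->validity == FALSE) {
                    $cntInvalidChars = count($validator->invalid_chars);
                    if ($cntInvalidChars == 1) {
                        $lst_error .= "Invalid character found in '{$label}' in line #" . ($a + 1) . ": "
                            . cobalt_htmlentities($validator->invalid_chars[0]) . '<br>';
                    } elseif ($cntInvalidChars > 1) {
                        $lst_error .= "Invalid characters found in '{$label}' in line #" . ($a + 1) . ": ";
                        for ($b = 0; $b < $cntInvalidChars; ++$b) {
                            $lst_error .= cobalt_htmlentities($validator->invalid_chars[$b]) . ' ';
                        }
                        $lst_error .= '<br>';
                    }
                }
            }
        }
    }

    $this->lst_error = $lst_error;

    return $this;
}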
$cell_value = number_format($arr_results[$field_name][$i], $decimal_places); } elseif ($format == 'normal') { $cell_value = $arr_results[$field_name][$i]; } else { $cell_value = $format($arr_results[$field_name][$i]); } if ($arr_show_sum[$index]) { if (isset($arr_totals_aggregator[$index])) { $arr_totals_aggregator[$index] += $arr_results[$field_name][$i]; } else { $arr_totals_aggregator[$index] = $arr_results[$field_name][$i]; } } else { $arr_totals_aggregator[$index] = ''; } $nohtml_cell_value = nl2br(cobalt_htmlentities($cell_value)); //Screen output of cell contents echo '<td align="' . $alignment . '">'; echo $nohtml_cell_value; echo '</td>'; //Same data, but for CSV $csv_field = str_replace('"', "''", $cell_value); make_list($new_csv_line, $csv_field, ',', TRUE, '"'); //Same data, but for PDF $pdf_html_table .= <<<EOD <td align="{$alignment}"> {$nohtml_cell_value} </td> EOD; } //Screen output, end of row echo '</tr>'; //Same data, but for CSV (newline)
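<?php
// List-view referrer state (originating page, active filter, sort order) read
// from the query string so it can be carried through this page.
//
// The values are HTML-encoded with cobalt_htmlentities(), which only makes
// them suitable for an HTML output context.
// NOTE(review): if any of them is later placed in SQL, a redirect target or a
// URL, it needs handling for that context -- confirm at the point of use.
// NOTE(review): a query-string parameter can arrive as an array
// (e.g. name[]=...); confirm cobalt_htmlentities() copes with that.
$page_from = '';
$filter_used = '';
$filter_field_used = '';
$filter_sort_asc = '';
$filter_sort_desc = '';

if (isset($_GET['filter_field_used'], $_GET['filter_used'], $_GET['page_from'])) {
    $page_from = cobalt_htmlentities($_GET['page_from']);
    $filter_used = cobalt_htmlentities($_GET['filter_used']);
    $filter_field_used = cobalt_htmlentities($_GET['filter_field_used']);

    // The two sort keys are not part of the guard above, so a request may
    // legitimately omit them; fall back to '' instead of reading an
    // undefined index.
    $filter_sort_asc = cobalt_htmlentities(isset($_GET['filter_sort_asc']) ? $_GET['filter_sort_asc'] : '');
    $filter_sort_desc = cobalt_htmlentities(isset($_GET['filter_sort_desc']) ? $_GET['filter_sort_desc'] : '');
}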
foreach ($field as $subtext) { if (${$subtext} != '') { $column_text .= ${$subtext}; if (isset($arr_subtext_separators[$separator_index][$sep_cntr])) { $column_text .= $arr_subtext_separators[$separator_index][$sep_cntr]; } else { $column_text .= ' '; } } ++$sep_cntr; } ++$separator_index; } else { $column_text = ${$field}; } $column_text = cobalt_htmlentities($column_text); if ($format == '') { echo $column_text; } else { if (substr($format, 0, 13) == 'number_format') { $decimal_places = substr($format, 13); echo number_format((double) $column_text, $decimal_places); } else { echo $format($column_text); } } echo '</td>'; } echo "</tr>\n"; } $result->close();
// Form body of the role "cascade update" page: carries the list-view state and
// the role identity, then shows either the outcome of the batch run or a
// confirmation prompt.
//
// NOTE(review): this form triggers a state-changing batch operation; confirm
// the handler checks the user's permission and a CSRF token before running it.
// NOTE(review): role_name is presumably round-tripped through a hidden field,
// which makes it client-controlled; the handler should key off role_id only --
// verify.
// NOTE(review): $result_message is handed to display_error()/display_message()
// as-is; confirm those helpers encode it or that it never contains request
// data.
$html->draw_listview_referrer_info(
    $filter_field_used,
    $filter_used,
    $page_from,
    $filter_sort_asc,
    $filter_sort_desc
);
$html->draw_hidden('role_id');
$html->draw_hidden('role_name');

echo '<div class="container">', '<fieldset class="container_invisible">';

// The role name is HTML-encoded before it is placed in the header text.
$html->draw_fieldset_header('Batch Process to Update "' . cobalt_htmlentities($role_name) . '" Users');
$html->draw_fieldset_body_start();

echo '<tr><td>';
if (!$show_result) {
    // Nothing has run yet: explain the operation and warn about its cost.
    $html->display_info('This process will update the permissions of all users that are assigned the role "' . cobalt_htmlentities($role_name) . '"');
    $html->display_error('WARNING: If you have a large number of users assigned to this role (several hundred or more) , this process can take a long time and cause a sharp increase in server load. It would be advisable to trigger this process during off-peak hours to avoid inconveniencing your users.');
} elseif ($result_message_type == 'error') {
    $html->display_error($result_message);
} else {
    $html->display_message($result_message);
}
echo '</td></tr>';

$html->draw_fieldset_body_end();
$html->draw_fieldset_footer_start();

// After a run only a way back is offered; before it, submit/cancel.
if (!$show_result) {
    $html->draw_submit_cancel(FALSE, 2, 'btn_submit', 'CASCADE UPDATE');
} else {
    $html->draw_button('BACK');
}

$html->draw_fieldset_footer_end();
echo '</fieldset>', '</div>';
$html->draw_footer();
$checked = 'checked'; } echo '<td align="center"><input type="checkbox" name="show_field[]" value="' . $arr_fields[$i] . '" ' . $checked . '></td>'; echo '<td align="right">' . $arr_fields[$i] . ' </td>'; echo '<td>'; echo "<select name='operator[]'>\r\n"; echo '<option></option>'; $num_options = count($operator_settings['items']); for ($a = 0; $a < $num_options; $a++) { $selected = ''; if (isset($operator[$i])) { if ((string) $operator[$i] == (string) $operator_settings['values'][$a]) { $selected = 'selected'; } } echo '<option value="' . cobalt_htmlentities($operator_settings['values'][$a]) . '" ' . $selected . '> ' . $operator_settings['items'][$a] . '</option>' . "\r\n"; } echo "</select>\r\n"; echo '</td>'; echo '<td>'; echo '<input type="text" name="text_field[]" size="30" value="' . $text_field[$i] . '">'; echo '</td>'; $checked = ''; if (is_array($sum_field)) { if (in_array($arr_fields[$i], $sum_field)) { $checked = 'checked'; } } echo '<td align="center"><input type="checkbox" name="sum_field[]" value="' . $arr_fields[$i] . '" ' . $checked . '></td>'; $checked = ''; if (is_array($count_field)) {