db_real_escape_string PHP 코드 예제들

예제 #1

0

파일 보기

파일: Chat.class.php 프로젝트: kardi31/ogl

 public static function login($name, $email, $user)
 {
     if (!$name || !$user) {
         throw new Exception('Wypełnij wszystkie pola.');
     }
     $user = new ChatUser(array('name' => $name, 'gravatar' => $user));
     include_once "../db_connect.php";
     include_once "../include/ust.php";
     $Querys = 'SELECT * FROM ' . $pre . 'user WHERE user_id=' . $_SESSION['user_id'] . '';
     $results = db_query($Querys) or die(db_error());
     while ($rows = db_fetch($results)) {
         $ile_pkt = $rows['user_money'];
         if ($rows['user_vip'] >= time()) {
             $czy_vp = 1;
         }
         $user_chat = $rows['user_chat'];
     }
     if ($user_chat == 1) {
         throw new Exception('Masz zablokowany dostęp do czatu.');
     }
     if ($czy_vp != 1) {
         if ($ile_pkt > $ust['chatp']) {
             $up = "UPDATE " . $pre . "user SET user_money=user_money-" . $ust['chatp'] . " WHERE user_id='" . db_real_escape_string($_SESSION['user_id']) . "'";
             db_query($up);
         } else {
             throw new Exception('Masz zamało punktów by dołączyć do czatu.');
         }
     }
     // The save method returns a MySQLi object
     if ($user->save()->affected_rows != 1) {
         throw new Exception('Nick jest zajęty.');
     }
     $_SESSION['user'] = array('name' => $name, 'gravatar' => $user);
     return array('status' => 1, 'name' => $name, 'gravatar' => $user);
 }

예제 #2

0

파일 보기

파일: user_model.php 프로젝트: jan-munneke/emoncms3

function user_apikey_session_control($apikey_in)
{
    //----------------------------------------------------
    // Check for apikey login
    //----------------------------------------------------
    $apikey_in = db_real_escape_string($apikey_in);
    $userid = get_apikey_read_user($apikey_in);
    if ($userid != 0) {
        session_regenerate_id();
        $session['userid'] = $userid;
        $session['read'] = 1;
        $session['write'] = 0;
        $session['admin'] = 0;
        //   $session['lang'] = "en";
    }
    $userid = get_apikey_write_user($apikey_in);
    if ($userid != 0) {
        session_regenerate_id();
        $session['userid'] = $userid;
        $session['read'] = 1;
        $session['write'] = 1;
        $session['admin'] = 0;
        // $session['lang'] = "en";
    }
    //----------------------------------------------------
    return $session;
}

예제 #3

0

파일 보기

파일: confirm_controller.php 프로젝트: jan-munneke/emoncms3

function confirm_controller()
{
    $message = preg_replace('/[^\\w\\s-.<>?:]/', '', $_POST['message']);
    // filter out all except for alphanumeric white space and dash
    $message = db_real_escape_string($message);
    $id = intval($_POST['id']);
    $action = preg_replace('/[^.\\/a-z]/', '', $_POST['action']);
    // filter out all except a-z / .
    $action = db_real_escape_string($action);
    $content['content'] = view("confirm_view.php", array('message' => $message, 'id' => $id, 'action' => $action));
    return $content;
}

예제 #4

0

파일 보기

파일: api_controller.php 프로젝트: jan-munneke/emoncms3

function api_controller()
{
    global $session, $action;
    require "Models/input_model.php";
    require "Models/feed_model.php";
    require "Models/process_model.php";
    // POST arduino posts up to emoncms
    if ($action == 'post' && $session['write']) {
        $node = intval($_GET['node']);
        $json = db_real_escape_string($_GET['json']);
        $csv = db_real_escape_string($_GET['csv']);
    }
    if ($csv) {
        $values = explode(',', $csv);
        $i = 0;
        foreach ($values as $value) {
            $i++;
            if ($node) {
                $key = $i;
            } else {
                $key = "csv" . $i;
            }
            $datapairs[] = $key . ":" . $value;
        }
    }
    if ($json) {
        // preg_replace strips out everything appart from alphanumeric characters, whitespace and -.:,
        $json = preg_replace('/[^\\w\\s-.:,]/', '', $json);
        $datapairs = explode(',', $json);
    }
    if ($json || $csv) {
        $time = time();
        // get the time - data recived time
        if (isset($_GET["time"])) {
            $time = intval($_GET["time"]);
            // - or use sent timestamp if present
        }
        $inputs = register_inputs($session['userid'], $node, $datapairs, $time);
        // register inputs
        process_inputs($session['userid'], $inputs, $time);
        // process inputs to feeds etc
        $output['message'] = "ok";
    }
    return $output;
}

예제 #5

0

파일 보기

파일: node_controller.php 프로젝트: CapeSepias/archive

function node_controller()
{
    require "Modules/node/node_model.php";
    global $session, $route;
    $output['content'] = "";
    $output['message'] = "";
    if ($route['action'] == 'create' && $session['write']) {
        $nodeid = create_node($session['userid'], "(new)", "");
        $output['message'] = "Node created";
    }
    if ($route['action'] == 'list' && $session['read']) {
        $list = get_node_list($session['userid']);
        $output['content'] = view('node/node_list.php', array('list' => $list));
    }
    if ($route['action'] == 'edit' && $session['write']) {
        $nodeid = intval($_GET['id']);
        $title = get_node_title($nodeid);
        $content = get_node_content($nodeid);
        $output['content'] = view('node/node_edit.php', array('id' => $nodeid, 'title' => $title, 'content' => $content));
    }
    if ($route['action'] == 'save' && $session['write']) {
        $nodeid = intval($_POST['id']);
        $title = $_POST['title'];
        $content = $_POST['content'];
        $content = db_real_escape_string($content);
        set_node_title($nodeid, $title);
        set_node_content($nodeid, $content);
        $output['message'] = "Node saved";
    }
    if ($route['action'] == 'view') {
        $nodeid = intval($_GET['id']);
        $title = get_node_title($nodeid);
        $content = get_node_content($nodeid);
        include_once "Modules/node/markdown/markdown.php";
        $content = Markdown($content);
        $output['content'] = view('node/node_view.php', array('title' => $title, 'content' => $content));
    }
    if ($route['action'] == 'delete' && $session['write']) {
        $nodeid = intval($_GET['id']);
        delete_node($nodeid);
        $output['message'] = "Node deleted";
    }
    return $output;
}

예제 #6

0

파일 보기

파일: zaproszenia.php 프로젝트: kardi31/ogl

<?php

include "subheader.php";
$ilepw = 0;
$Query = 'SELECT * FROM ' . $pre . 'friend WHERE fo_do="' . db_real_escape_string($_SESSION['user_id']) . '" order by fo_id DESC';
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $Query1 = 'SELECT * FROM ' . $pre . 'user WHERE user_id="' . db_real_escape_string($row['fo_od']) . '"';
    $result1 = db_query($Query1) or die(db_error());
    while ($row1 = db_fetch($result1)) {
        $user_login[] = $row1['user_login'];
        $user_loginn[] = namen($row1['user_login']);
    }
    $pw_id[] = $row['fo_id'];
    $pw_od[] = $row['fo_od'];
    $pw_czyt[] = $row['fo_akt'];
    $pw_tresc[] = $row['fo_tresc'];
    $pw_data[] = $row['fo_data'];
    $ilepw++;
}
$smarty->assign("od_login", $user_login);
$smarty->assign("od_loginn", $user_loginn);
$smarty->assign("pw_id", $pw_id);
$smarty->assign("temat", $pw_temat);
$smarty->assign("od", $pw_od);
$smarty->assign("pw_tresc", $pw_tresc);
$smarty->assign("czyt", $pw_czyt);
$smarty->assign("data", $pw_data);
$smarty->assign("ilepw", $ilepw);
if ($_GET['v'] == "wyslano") {
    $smarty->assign("wyslano", "ok");

예제 #7

0

파일 보기

파일: dashboard_controller.php 프로젝트: jan-munneke/emoncms3

function dashboard_controller()
{
    require "Models/dashboard_model.php";
    global $path, $session, $action, $subaction, $format;
    $output['content'] = "";
    $output['message'] = "";
    //----------------------------------------------------------------------------------------------------------------------
    // New dashboard
    //----------------------------------------------------------------------------------------------------------------------
    if ($action == 'new' && $session['write']) {
        $dashid = new_dashboard($session['userid']);
        $output['message'] = _("dashboards new");
        if ($format == 'html') {
            header("Location: ../dashboard/edit?id=" . $dashid);
        }
    } elseif ($action == 'delete' && $session['write']) {
        $output['message'] = delete_dashboard($session['userid'], intval($_POST["id"]));
    } elseif ($action == 'clone' && $session['write']) {
        $output['message'] = clone_dashboard($session['userid'], intval($_POST["id"]));
    } elseif ($action == 'list' && $session['read']) {
        $_SESSION['editmode'] = TRUE;
        if ($session['read']) {
            $apikey = get_apikey_read($session['userid']);
        }
        $dashboards = get_dashboard_list($session['userid'], 0, 0);
        $menu = build_dashboard_menu($session['userid'], "edit");
        $user = get_user($session['userid']);
        if ($format == 'html') {
            $output['content'] = view("dashboard/dashboard_list_view.php", array('apikey' => $apikey, 'dashboards' => $dashboards, 'menu' => $menu, 'user' => $user));
        }
    } elseif ($action == 'public') {
        $userlist = get_user_list();
        $dashboard_list = array();
        foreach ($userlist as $user) {
            $user_dash_list = get_dashboard_list($user['userid'], 1, 1);
            foreach ($user_dash_list as $user_dash) {
                $user_dash['username'] = $user['name'];
                $dashboard_list[] = $user_dash;
            }
        }
        if ($format == 'html') {
            $output['content'] = view("dashboard/dashboard_publiclist_view.php", array('dashboards' => $dashboard_list));
        }
    } elseif ($action == 'thumb' && $session['read']) {
        $_SESSION['editmode'] = TRUE;
        if ($session['read']) {
            $apikey = get_apikey_read($session['userid']);
        }
        $dashboards = get_dashboard_list($session['userid'], 0, 0);
        $menu = build_dashboard_menu($session['userid'], "edit");
        if ($format == 'html') {
            $output['content'] = view("dashboard/dashboard_thumb_view.php", array('apikey' => $apikey, 'dashboards' => $dashboards, 'menu' => $menu));
        }
    } elseif (($action == 'run' || $action == 'view') && $session['read']) {
        $id = intval($_GET['id']);
        $alias = preg_replace('/[^a-z]/', '', $subaction);
        if ($action == "run") {
            $public = !$session['write'];
            $published = 1;
        } else {
            $public = 0;
            $published = 0;
        }
        if ($id) {
            // If a dashboard id is given we get the coresponding dashboard
            $dashboard = get_dashboard_id($session['userid'], $id, $public, $published);
        } elseif ($alias) {
            $dashboard = get_dashboard_alias($session['userid'], $alias, $public, $published);
        } else {
            // Otherwise we get the main dashboard
            $dashboard = get_main_dashboard($session['userid']);
        }
        // URL ENCODE...
        if ($format == 'json') {
            $output['content'] = urlencode($dashboard['content']);
            return $output;
        }
        $menu = build_dashboard_menu($session['userid'], $action);
        if ($action == "run") {
            // In run mode dashboard menu becomes the main menu
            $_SESSION['editmode'] = FALSE;
            $output['runmenu'] = '<div class="nav-collapse collapse">';
            $output['runmenu'] .= '<ul class="nav">' . $menu . '</ul>';
            if ($session['write']) {
                $output['runmenu'] .= "<ul class='nav pull-right'><li><a href='" . $GLOBALS['path'] . "user/logout'>" . _("Logout") . "</a></li></ul>";
            }
            $output['runmenu'] .= "</div>";
        } else {
            // Otherwise in view mode the dashboard menu is an additional grey menu
            $_SESSION['editmode'] = TRUE;
            $output['submenu'] = view("dashboard/dashboard_menu.php", array('id' => $dashboard['id'], 'menu' => $menu, 'type' => "view"));
        }
        //if ($dashboard_arr)
        //{
        $apikey = get_apikey_read($session['userid']);
        $output['content'] = view("dashboard/dashboard_view.php", array('dashboard' => $dashboard, "apikey_read" => $apikey));
        // If run mode avoid include dashboard configuration (this makes dashboard page lighter)
        if ($action != "run") {
            $output['content'] .= view("dashboard/dashboard_config.php", array('dashboard' => $dashboard));
        }
        //}
        //else
        //{
        //  $output['content'] = view("dashboard_run_errornomain.php",array());
        //}
    } elseif ($action == 'edit' && $session['write']) {
        $id = intval($_GET['id']);
        $alias = preg_replace('/[^a-z]/', '', $subaction);
        if ($id) {
            // If a dashboard id is given we get the coresponding dashboard
            $dashboard = get_dashboard_id($session['userid'], $id, 0, 0);
        } elseif ($alias) {
            $dashboard = get_dashboard_alias($session['userid'], $alias, 0, 0);
        } else {
            // Otherwise we get the main dashboard
            $dashboard = get_main_dashboard($session['userid']);
        }
        $apikey = get_apikey_read($session['userid']);
        $menu = build_dashboard_menu($session['userid'], "edit");
        $output['content'] = view("dashboard/dashboard_edit_view.php", array('dashboard' => $dashboard, "apikey_read" => $apikey));
        $output['content'] .= view("dashboard/dashboard_config.php", array('dashboard' => $dashboard));
        $output['submenu'] = view("dashboard/dashboard_menu.php", array('id' => $dashboard['id'], 'menu' => $menu, 'type' => "edit"));
    } elseif ($action == 'ckeditor' && $session['write']) {
        $id = intval($_GET['id']);
        $alias = preg_replace('/[^a-z]/', '', $subaction);
        if ($id) {
            // If a dashboard id is given we get the coresponding dashboard
            $dashboard = get_dashboard_id($session['userid'], $id, 0, 0);
        } elseif ($alias) {
            $dashboard = get_dashboard_alias($session['userid'], $alias, 0, 0);
        } else {
            // Otherwise we get the main dashboard
            $dashboard = get_main_dashboard($session['userid']);
        }
        $menu = build_dashboard_menu($session['userid'], "ckeditor");
        $output['content'] = view("dashboard/dashboard_ckeditor_view.php", array('dashboard' => $dashboard, 'menu' => $menu));
        $output['submenu'] = view("dashboard/dashboard_menu.php", array('id' => $dashboard['id'], 'menu' => $menu, 'type' => "ckeditor"));
    }
    //----------------------------------------------------------------------------------------------------------------------
    // SET dashboard
    // dashboard/set?content=<h2>HelloWorld</h2>
    //----------------------------------------------------------------------------------------------------------------------
    if ($action == 'set' && $session['write']) {
        $content = $_POST['content'];
        if (!$content) {
            $content = $_GET['content'];
        }
        $id = intval($_POST['id']);
        if (!$id) {
            $id = intval($_GET['id']);
        }
        // IMPORTANT: if you get problems with characters being removed check this line:
        $content = preg_replace('/[^\\w\\s-.#<>?",;:=&\\/%]/', '', $content);
        // filter out all except characters usually used
        $content = db_real_escape_string($content);
        set_dashboard_content($session['userid'], $content, $id);
        if ($format == 'html') {
            $output['message'] = _("dashboard set");
        } else {
            $output['message'] = "ok";
        }
    } elseif ($action == 'setconf' && $session['write']) {
        $id = intval($_POST['id']);
        $name = preg_replace('/[^\\w\\s-]/', '', $_POST['name']);
        $alias = preg_replace('/[^a-z]/', '', $_POST['alias']);
        $description = preg_replace('/[^\\w\\s-]/', '', $_POST['description']);
        // Separated functions to allow set values in independent way
        if (isset($_POST['main'])) {
            set_dashboard_main($session['userid'], $id, intval($_POST['main']));
        }
        if (isset($_POST['published'])) {
            set_dashboard_publish($session['userid'], $id, intval($_POST['published']));
        }
        if (isset($_POST['public'])) {
            set_dashboard_public($session['userid'], $id, intval($_POST['public']));
        }
        if (isset($_POST['name'])) {
            set_dashboard_name($session['userid'], $id, $name);
        }
        if (isset($_POST['alias'])) {
            set_dashboard_alias($session['userid'], $id, $alias);
        }
        if (isset($_POST['description'])) {
            set_dashboard_description($session['userid'], $id, $description);
        }
        if (isset($_POST['showdescription'])) {
            set_dashboard_showdescription($session['userid'], $id, intval($_POST['showdescription']));
        }
        //set_dashboard_conf($session['userid'],$id,$name,$alias,$description,$main,$public,$published);
        $output['message'] = _("dashboard set configuration");
    }
    return $output;
}

예제 #8

0

파일 보기

파일: up_faq.php 프로젝트: kardi31/ogl

<?php

session_start();
include '../db_connect.php';
if ($_SESSION['logadm'] == "adm") {
    if ($_POST['nazwa'] != "") {
        $up = "UPDATE " . $pre . "faq SET faq_nazwa='" . $_POST['nazwa'] . "', faq_tresc='" . $_POST['tresc'] . "' WHERE faq_id='" . db_real_escape_string($_GET['id']) . "'";
        db_query($up);
    } else {
        header('Location: index.php?page=faq&action=&e=t');
        exit;
    }
}
header('Location: index.php?page=faq&action=&e=2');

예제 #9

0

파일 보기

파일: subheader.php 프로젝트: kardi31/ogl

            $smarty->assign("vipendd", $rows['user_vip']);
            $smarty->assign("vipend", date("Y.m.d", $rows['user_vip']));
        } else {
            $smarty->assign("vipend", "0");
        }
    }
    $smarty->assign("get_user_prezenty", get_user_prezenty($_SESSION['user_id']));
}
//------
if ($_GET['v'] == "delete-zaproszenie") {
    $del = "DELETE FROM " . $pre . "friend WHERE fo_id='" . db_real_escape_string($_GET['id']) . "' and fo_do='" . $_SESSION['user_id'] . "' ";
    db_query($del);
    $smarty->assign("del-zaproszenie", "ok");
}
if ($_GET['v'] == "zatwierdz") {
    $del = "UPDATE " . $pre . "friend SET fo_akt=1 WHERE fo_id='" . db_real_escape_string($_GET['id']) . "' and fo_do='" . $_SESSION['user_id'] . "' ";
    db_query($del);
}
//------
if ($_GET['enter'] == "ok") {
    $_SESSION['user_18'] = "ok";
}
if ($ust['kos'] == "1" and $_SESSION['user_18'] != "ok") {
    $smarty->display($ust['templates'] . '/page_18.tpl');
    exit;
}
$topads = array();
$bottom1ads = array();
$bottom2ads = array();
$bottom3ads = array();
//$bottom4ads = array();

예제 #10

0

파일 보기

파일: do_pay.php 프로젝트: kardi31/ogl

<?php

session_start();
include 'db_connect.php';
include 'include/function.php';
include 'include/ust.php';
if ($_COOKIE['lang'] != "" and isset($_COOKIE['lang']) and strlen($_COOKIE['lang']) <= 3) {
    $u_usr['lang'] = substr($_COOKIE['lang'], 0, 3);
} else {
    $u_usr['lang'] = $ust['lang_d'];
}
include "lang/" . $u_usr['lang'] . "/site.php";
if ($_GET['p'] == "v") {
    $Query = 'SELECT * FROM ' . $pre . 'dni WHERE dni_id="' . db_real_escape_string($_GET['id']) . '" ORDER by dni_dni ASC';
    $result = db_query($Query) or die(db_error());
    while ($row = db_fetch($result)) {
        $p_dni = $row['dni_dni'];
        $p_pkt = $row['dni_pkt'];
        $p_cpkt = $row['dni_cpkt'];
        $p_dniid = $row['dni_id'];
        $p_dnicena = $row['dni_cena'];
        $p_dnicenasms = $row['dni_cenasms'];
        $p_dninumer = $row['dni_numer'];
        $p_dnikod = $row['dni_kod'];
        $p_dnitresc = $row['dni_tresc'];
        $p_dnismspkt = $row['dni_sms_pkt'];
        $p_dnipaykod = $row['dni_pay_kod'];
        $p_dnipaypkt = $row['dni_pay_pkt'];
    }
    $in = "INSERT INTO " . $pre . "zamowienia(`za_pakiet`,`za_user`,`za_data`,`za_cena`,`za_punkty`)VALUES('pay','" . $_SESSION['user_id'] . "',NOW(),'" . $p_dnicena . "','" . $p_dniid . "')";
    db_query($in);

예제 #11

0

파일 보기

파일: moje-filmy.php 프로젝트: kardi31/ogl

                    db_query($up);
                }
                header("Location: /user/moje-filmy/5");
                exit;
            } else {
                $msg = "Sorry, there was an error uploading your file.";
            }
            header("Location: /user/moje-filmy/15");
            exit;
        }
    } else {
        header("Location: /user/moje-filmy/19");
        exit;
    }
}
$Query = 'SELECT * FROM ' . $pre . 'mov WHERE fo_user="******" order by fo_id DESC';
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $fo_id[] = $row['fo_id'];
    $fo_fd[] = $row['fo_fd'];
    $fo_opis[] = $row['fo_opis'];
    $fo_prv[] = $row['fo_prv'];
    $fo_custom_file[] = $row['fo_custom_file'];
    $fo_cena[] = $row['fo_cena'];
    $fo_user[] = $row['fo_user'];
    if ($row['fo_custom_file'] == 1) {
        $fo_fm[] = $row['fo_fm'];
    } else {
        $fo_fm[] = get_you($row['fo_fm']);
    }
    $fo_thumb[] = $row['fo_thumb'];

예제 #12

0

파일 보기

파일: register.php 프로젝트: kardi31/ogl

 } else {
     $e_plec = 0;
 }
 if ($_POST['y'] == "" or $_POST['m'] == "" or $_POST['d'] == "") {
     $smarty->assign("e_wiek", "1");
     $e_wiek = 1;
 } else {
     $e_wiek = 0;
 }
 if ($_POST['regulamin'] == "") {
     $smarty->assign("reg", "1");
     $reg = 1;
 } else {
     $reg = 0;
 }
 $ile_email = db_num_rows(db_query("SELECT user_email FROM " . $pre . "user WHERE user_email='" . db_real_escape_string($_POST['email']) . "'"));
 if ($ile_email >= 1) {
     $smarty->assign("ei", "1");
     $ei = 1;
 } else {
     $ei = 0;
 }
 if (!spremail($_POST['email'])) {
     $smarty->assign("e", "1");
     $e = 1;
 } else {
     $e = 0;
 }
 $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
 if ($ust['token_r'] == 1) {
     if (!$resp->is_valid) {

예제 #13

0

파일 보기

파일: u_dg.php 프로젝트: kardi31/ogl

<?php

session_start();
include "../db_connect.php";
include "../include/function.php";
if ($_SESSION['user_id'] >= 1) {
    $del = "DELETE FROM " . $pre . "czlonkowie WHERE c_id='" . db_real_escape_string($_GET['id']) . "'";
    db_query($del);
}
header("Location: " . $_SERVER['HTTP_REFERER'] . "");

예제 #14

0

파일 보기

파일: panel-imprezy.php 프로젝트: kardi31/ogl

<?php

include "subheader.php";
if ($_GET['del'] >= 1) {
    $del = "DELETE FROM " . $pre . "imprezy WHERE i_id=" . db_real_escape_string($_GET['del']) . " and i_user="******"";
    db_query($del);
    $smarty->assign("delc", "1");
}
$Query = 'SELECT * FROM ' . $pre . 'imprezy WHERE i_user="******"';
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $i_id[] = $row['i_id'];
    $i_d[] = $row['i_d'];
    $i_m[] = $row['i_m'];
    $i_y[] = $row['i_y'];
    $i_h[] = $row['i_h'];
    $i_mi[] = $row['i_mi'];
    $i_nazwa[] = $row['i_nazwa'];
    $i_opis[] = $row['i_opis'];
}
$smarty->assign("i_id", $i_id);
$smarty->assign("i_d", $i_d);
$smarty->assign("i_m", $i_m);
$smarty->assign("i_y", $i_y);
$smarty->assign("i_h", $i_h);
$smarty->assign("i_mi", $i_mi);
$smarty->assign("i_nazwa", $i_nazwa);
$smarty->assign("i_opis", $i_opis);
$smarty->assign("stan", $_GET['stan']);
$smarty->assign("title", $lang['464'] . ' - ' . $ust['nazwa']);
$smarty->display($ust['templates'] . '/panel-imprezy.tpl');

예제 #15

0

파일 보기

파일: up_user.php 프로젝트: kardi31/ogl

<?php

session_start();
include '../db_connect.php';
if ($_SESSION['logadm'] == "adm") {
    $uid = $_POST['uid'];
    $up = "UPDATE " . $pre . "user SET user_money='" . $_POST['punkty'] . "', user_vip='" . strtotime($_POST['vip']) . "' WHERE user_id='" . db_real_escape_string($uid) . "'";
    db_query($up);
    header('Location: index.php?page=user&action=view&id=' . $uid . '&e=1');
    exit;
}
header('Location: index.php?page=cat&action=&e=2');

예제 #16

0

파일 보기

파일: komentarze.php 프로젝트: kardi31/ogl

            echo ' align="center">' . $row['user_id'] . '</td>
<td width="95%"';
            if ($i % 2 == 0) {
                echo ' bgcolor="#dddddd" ';
            }
            echo ' align="center"><a href="index.php?page=komentarze&action=galerie&typ=g&id=' . $row['user_id'] . '" title="Zobacz komentarze">' . $row['user_login'] . '</a> [' . $ilek . ']</td>
</tr>';
            $i++;
        }
        echo '</table>';
        if ($i == "1") {
            echo '<center><b>Brak</b></center>';
        }
    } else {
        $k = 0;
        $Query = 'SELECT * FROM ' . $pre . 'komentarze WHERE kom_typ="g" AND kom_idk="' . db_real_escape_string($_GET['id']) . '" ORDER by kom_id DESC ';
        $result = db_query($Query) or die(db_error());
        while ($row = db_fetch($result)) {
            echo '
Nick: <b>';
            if ($row['kom_idu'] == "") {
                echo '' . $row['kom_nick'] . '';
            } else {
                echo '<a href="../user/' . namen($row['kom_nick']) . '/' . $row['kom_idu'] . '">' . $row['kom_nick'] . '</a>';
            }
            echo '</b> Data: <b>' . $row['kom_data'] . '</b> - <b><a href="index.php?page=komentarze&action=galerie&typ=g&id=' . htmlspecialchars($_GET['id']) . '&id_del=' . $row['kom_id'] . '&v=delete"><b>Usuń</b></a></b><br>
' . $row['kom_tresc'] . '<br><hr><br>
';
            $k++;
        }
        if ($k == "0") {

예제 #17

0

파일 보기

파일: ustawienia.php 프로젝트: kardi31/ogl

if ($_GET['action'] == "woj") {
    echo '
<br>
<a name="glowne"></a>
<br>';
    echo '
<form action="dodaj_woj.php" method="POST">
' . $lang['47'] . ' <input type="text" name="nazwa"><input type="submit" name="ddd" value="' . $lang['48'] . '"></form>


';
    if ($_GET['v'] == "dodane") {
        echo '<div id="ukryj" ><br><br><div id="green" style="border-style:solid;border-width:thin;width:400px;height:30px;text-align:center;display:table-cell;vertical-align:middle;border-color:black;background-color:#e9ffd3;"><center><b>' . $lang['49'] . '</b></center></div></div>';
    }
    if ($_GET['v'] == "delete") {
        $del = "DELETE FROM " . $pre . "woj WHERE w_id='" . db_real_escape_string($_GET['id']) . "'";
        db_query($del);
        echo '<div id="ukryj" ><br><br><div id="red" style="border-style:solid;border-width:thin;width:400px;height:30px;text-align:center;display:table-cell;vertical-align:middle;border-color:black;background-color:#fde1e1;"><center><b>' . $lang['50'] . '</b></center></div></div>';
    }
    echo '<br><br>
<table width="40%" cellspacing="0" cellpadding="0" style="border: 1px solid #cccccc;">
<tr>
<td width="5%" background="style/images/belka.gif" height="24" align="center"><b></b></td>
<td width="90%" background="style/images/belka.gif" height="24" align="center"><b>' . $lang['51'] . '</b></td>
<td width="5%" background="style/images/belka.gif" height="24" align="center"><b>' . $lang['52'] . '</b></td>
</tr>';
    $i = 1;
    $Query = 'SELECT * FROM ' . $pre . 'woj  ORDER by w_id DESC ';
    $result = db_query($Query) or die(db_error());
    while ($row = db_fetch($result)) {
        echo '<tr>

예제 #18

0

파일 보기

파일: grupa.php 프로젝트: kardi31/ogl

<?php

include "subheader.php";
$Query = 'SELECT * FROM ' . $pre . 'czlonkowie WHERE c_g="' . db_real_escape_string($_GET['id']) . '" and c_user="******" and c_akt="1" ';
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $smarty->assign("czlonek", $row['c_akt']);
}
$Query = 'SELECT * FROM ' . $pre . 'grupa WHERE g_id="' . db_real_escape_string($_GET['id']) . '" ORDER by g_nazwa ASC';
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $g_id = $row['g_id'];
    $g_nazwan = namen($row['g_nazwa']);
    $g_nazwa = $row['g_nazwa'];
    $g_typ = $row['g_typ'];
    $g_data = $row['g_data'];
    $g_user = $row['g_user'];
}
$smarty->assign("g_id", $g_id);
$smarty->assign("g_typ", $g_typ);
$smarty->assign("g_nazwan", $g_nazwan);
$smarty->assign("g_nazwa", $g_nazwa);
$smarty->assign("g_data", $g_data);
$smarty->assign("g_user", $g_user);
$Query = 'SELECT * FROM ' . $pre . 'temat WHERE t_g=' . $g_id . ' ORDER by t_dataz DESC';
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $gt_id[] = $row['t_id'];
    $gt_nazwan[] = namen($row['t_nazwa']);
    $gt_nazwa[] = $row['t_nazwa'];
    $gt_data[] = $row['t_data'];

예제 #19

0

파일 보기

파일: news.php 프로젝트: kardi31/ogl

            $smarty->assign("k_n", "1");
        }
    }
}
$kom_ile = 0;
$Query = 'SELECT * FROM ' . $pre . 'komentarze WHERE kom_idk="' . db_real_escape_string($_GET['id']) . '" AND kom_typ="n" ORDER by kom_id DESC';
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $kom_data[] = $row['kom_data'];
    $kom_nick[] = $row['kom_nick'];
    $kom_nickn[] = namen($row['kom_nick']);
    $kom_tresc[] = $row['kom_tresc'];
    $kom_idu[] = $row['kom_idu'];
    $kom_ile++;
}
$Query = "SELECT * FROM " . $pre . "news WHERE news_wys='1' AND news_id='" . db_real_escape_string($_GET['id']) . "' ORDER by news_id DESC";
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $news_tytul = $row['news_tytul'];
    $news_tytul_n = namen($row['news_tytul']);
    $news_tresc = $row['news_tresc'];
    $news_data = $row['news_data'];
    $news_autor = $row['news_user'];
    $news_autorn = namen($row['news_user']);
    $news_autorid = $row['news_userid'];
    $news_id = $row['news_id'];
    $ocena = $row['news_ocena'];
    $ileg = $row['news_ileg'];
    $wys = $row['news_wys'];
}
if ($wys == 1) {

예제 #20

0

파일 보기

파일: up_menu.php 프로젝트: kardi31/ogl

<?php

session_start();
include '../db_connect.php';
if ($_SESSION['logadm'] == "adm") {
    if ($_POST['nazwa'] != "") {
        $up = "UPDATE " . $pre . "menu SET menu_nazwa='" . $_POST['nazwa'] . "', menu_tresc='" . $_POST['tresc'] . "', menu_wys='" . $_POST['wys'] . "', menu_t='" . $_POST['tf'] . "' WHERE menu_id='" . db_real_escape_string($_GET['id']) . "'";
        db_query($up);
    } else {
        header('Location: index.php?page=menu&e=t');
        exit;
    }
}
header('Location: index.php?page=menu&e=2');

예제 #21

0

파일 보기

파일: ezu.php 프로젝트: kardi31/ogl

<?php

session_start();
include "../db_connect.php";
include "../include/ust.php";
if ($_SESSION['user_id'] >= 1) {
    $up = "UPDATE " . $pre . "foto SET fo_opis='" . htmlspecialchars($_POST['opis']) . "' WHERE fo_id='" . db_real_escape_string($_POST['id']) . "' and fo_user='******'user_id'] . "'";
    db_query($up);
}
header("Location: " . $ust['adres'] . "user/moje-zdjecia/");
exit;

예제 #22

0

파일 보기

파일: usun-konto.php 프로젝트: kardi31/ogl

         $del = "DELETE FROM " . $pre . "friend WHERE fo_id='" . $row['fo_id'] . "'";
         db_query($del);
     }
     $Query = 'SELECT * FROM ' . $pre . 'komentarze WHERE kom_idu="' . db_real_escape_string($user_id) . '"';
     $result = db_query($Query) or die(db_error());
     while ($row = db_fetch($result)) {
         $del = "DELETE FROM " . $pre . "komentarze WHERE kom_id='" . $row['kom_id'] . "'";
         db_query($del);
     }
     $Query = 'SELECT * FROM ' . $pre . 'pw WHERE pw_od="' . db_real_escape_string($user_id) . '" or pw_do="' . db_real_escape_string($user_id) . '"';
     $result = db_query($Query) or die(db_error());
     while ($row = db_fetch($result)) {
         $del = "DELETE FROM " . $pre . "pw WHERE pw_id='" . $row['pw_id'] . "'";
         db_query($del);
     }
     $Query = 'SELECT * FROM ' . $pre . 'foto WHERE fo_user="******"';
     $result = db_query($Query) or die(db_error());
     while ($row = db_fetch($result)) {
         @unlink("../upload/zdjecia/" . $row['fo_fm']);
         @unlink("../upload/zdjecia/" . $row['fo_fd']);
         $del = "DELETE FROM " . $pre . "foto WHERE fo_id='" . $row['fo_id'] . "'";
         db_query($del);
     }
     unset($_SESSION['logadm']);
     unset($_SESSION['user_nick']);
     unset($_SESSION['user_id']);
     unset($_SESSION['user_t']);
     setcookie("autologin", "", time() - 86400000);
     header("Location: " . $ust['adres'] . "user/usun-konto/2");
     exit;
 }

예제 #23

0

파일 보기

파일: user.php 프로젝트: kardi31/ogl

    }
    if ($_GET['v'] == "readm") {
        $del = "UPDATE " . $pre . "user SET user_t='1' WHERE user_id='" . db_real_escape_string($_GET['id']) . "'";
        db_query($del);
        echo '<div id="ukryj" ><div id="red" style="border-style:solid;border-width:thin;width:400px;height:30px;text-align:center;display:table-cell;vertical-align:middle;border-color:black;background-color:#fde1e1;"><center><b>' . $lang['200'] . '</b></center></div></div><br>';
    }
    if ($_GET['e'] == 1) {
        echo '<div id="ukryj" ><div id="green" style="border-style:solid;border-width:thin;width:400px;height:30px;text-align:center;display:table-cell;vertical-align:middle;border-color:black;background-color:#e9ffd3;"><center><b>' . $lang['201'] . '</b></center></div></div><br>';
    }
    if ($_GET['nh'] == 1) {
        echo '<div id="ukryj" ><div id="green" style="border-style:solid;border-width:thin;width:400px;height:30px;text-align:center;display:table-cell;vertical-align:middle;border-color:black;background-color:#e9ffd3;"><center><b>' . $lang['202'] . '</b></center></div></div><br>';
    }
    if ($_GET['nh'] == 2) {
        echo '<div id="ukryj" ><div id="green" style="border-style:solid;border-width:thin;width:400px;height:30px;text-align:center;display:table-cell;vertical-align:middle;border-color:black;background-color:#e9ffd3;"><center><b>' . $lang['203'] . '</b></center></div></div><br>';
    }
    $Query = 'SELECT * FROM ' . $pre . 'user WHERE user_id="' . db_real_escape_string($_GET['id']) . '" ';
    $result = db_query($Query) or die(db_error());
    while ($row = db_fetch($result)) {
        echo '
<table>
<tr>
<td  align="center">';
        if ($row['user_akt'] != "1") {
            echo '<a href="index.php?page=user&action=view&id=' . $row['user_id'] . '&strona=' . $_GET['strona'] . '&sort=' . $_GET['sort'] . '&q=' . $_GET['q'] . '&query=' . $_GET['query'] . '&v=akt&id=' . $row['user_id'] . '"><img src="style/images/ok16r.png" title="' . $lang['204'] . '"></a>';
        } else {
            echo '<a href="index.php?page=user&action=view&id=' . $row['user_id'] . '&strona=' . $_GET['strona'] . '&sort=' . $_GET['sort'] . '&q=' . $_GET['q'] . '&query=' . $_GET['query'] . '&v=dakt&id=' . $row['user_id'] . '"><img src="style/images/ok16.png" title="' . $lang['205'] . '"></a>';
        }
        echo '</td>

<td  align="center">';
        if ($row['user_t'] == "3") {

예제 #24

0

파일 보기

파일: menu.php 프로젝트: kardi31/ogl

</td>
</tr>
<div id="paneltresc">
<tr>
<td valign="top"><b>' . $lang['341'] . '</b></td>
<td><textarea name="tresc" style="width:300px;height:100px;" ></textarea></td>
</tr>
</div>
</table>
<input type="submit" value="' . $lang['342'] . '" name="addcat">
</form>

';
}
if ($_GET['action'] == "edit") {
    $Query = 'SELECT * FROM ' . $pre . 'menu WHERE menu_id="' . db_real_escape_string($_GET['id']) . '" limit 1';
    $result = db_query($Query) or die(db_error());
    while ($row = db_fetch($result)) {
        echo '
<center>
<form action="up_menu.php?id=' . $row['menu_id'] . '" method="POST" name="frmn" onSubmit="return sprn()">

<table>
<tr>
<td><b>' . $lang['334'] . '</b></td>
<td><input type="text" name="nazwa" style="width:250px;" value="' . $row['menu_nazwa'] . '"></td>
</tr>
<tr>
<td><b>' . $lang['335'] . '</b></td>
<td><input type="checkbox" name="wys" value="1" ';
        if ($row['menu_wys']) {

예제 #25

0

파일 보기

파일: page.php 프로젝트: kardi31/ogl

<?php

include "subheader.php";
$Query = "SELECT * FROM " . $pre . "strony WHERE strony_wys='1' AND strony_id='" . db_real_escape_string($_GET['id']) . "' ORDER by strony_id DESC";
$result = db_query($Query) or die(db_error());
while ($row = db_fetch($result)) {
    $page_nazwa = $row['strony_nazwa'];
    $page_id = $row['strony_id'];
    $page_nazwa_n = namen($row['strony_nazwa']);
    $page_tresc = $row['strony_tresc'];
    $wys = $row['strony_wys'];
}
if ($wys == 1) {
    $smarty->assign("page_nazwa", $page_nazwa);
    $smarty->assign("page_nazwa_n", $page_nazwa_n);
    $smarty->assign("page_tresc", $page_tresc);
    $smarty->assign("page_id", $page_id);
    $smarty->assign("title", $page_nazwa . ' - ' . $ust['nazwa']);
}
$smarty->display($ust['templates'] . '/page.tpl');

예제 #26

0

파일 보기

파일: subheader.php 프로젝트: kardi31/ogl

    }
    //-------------------------
    if ($_POST['upcatg']) {
        if ($_POST['nazwa'] != "") {
            include "include/add_cat_img.php";
            $fotm = @imggd($ust);
            if ($_POST['del'] == 1 and $fotm == "") {
                $up = "UPDATE " . $pre . "gift SET ga_img='', gi_nazwa='" . htmlspecialchars($_POST['nazwa']) . "', gi_money='" . htmlspecialchars($_POST['money']) . "', gi_cena='" . htmlspecialchars($_POST['cena']) . "' WHERE gi_id='" . db_real_escape_string($_GET['id']) . "'";
                db_query($up);
            } else {
                if ($fotm == "") {
                    $up = "UPDATE " . $pre . "gift SET gi_nazwa='" . htmlspecialchars($_POST['nazwa']) . "', gi_money='" . htmlspecialchars($_POST['money']) . "', gi_cena='" . htmlspecialchars($_POST['cena']) . "' WHERE gi_id='" . db_real_escape_string($_GET['id']) . "'";
                    db_query($up);
                } else {
                    if ($fotm != "") {
                        $up = "UPDATE " . $pre . "gift SET gi_img='" . $fotm . "', gi_nazwa='" . htmlspecialchars($_POST['nazwa']) . "', gi_money='" . htmlspecialchars($_POST['money']) . "', gi_cena='" . htmlspecialchars($_POST['cena']) . "' WHERE gi_id='" . db_real_escape_string($_GET['id']) . "'";
                        db_query($up);
                    }
                }
            }
            header("Location: " . $ust['adres'] . "admin/index.php?page=gift&e=2");
            exit;
        } else {
            header("Location: " . $ust['adres'] . "admin/index.php?page=galerie&e=t");
            exit;
        }
    }
}
//-------------------------
?>
<html>

예제 #27

0

파일 보기

파일: eav.class.php 프로젝트: ritthai/LMS

 protected static function delete_attrib($id, $attrib, $val = false)
 {
     Error::generate('debug', "delete_attrib({$id}, {$attrib}, {$val})");
     if (is_int($attrib)) {
         $attribid = $attrib;
     } else {
         $attribid = static::get_attrib_id($attrib);
     }
     $attribtype = static::get_attrib_type($attribid);
     $attribprops = static::get_attrib_props($attribid);
     switch ($attribtype) {
         case static::ATTRIB_TYPE_STRING:
             $datacol = 'stringdata';
             break;
         case static::ATTRIB_TYPE_INT:
             $datacol = 'intdata';
             break;
         default:
             Error::generate('debug', "Bad attribute type in store_attrib({$id}, {$attribstr}, {$val})");
             return false;
     }
     if ($val) {
         $val = db_real_escape_string($val);
         $valconstraint = "AND {$datacol}='{$val}'";
     } else {
         $valconstraint = '';
     }
     db_query("DELETE FROM %s_data WHERE attrib='%d' AND id='%d' {$valconstraint}", static::subGetClass(), $attribid, $id);
     if (db_affected_rows() >= 1) {
         static::$cache[$id][$attribid] = false;
         return true;
     } else {
         Error::generate('debug', 'could not delete attribute');
         return false;
     }
 }

예제 #28

0

파일 보기

파일: safe.php 프로젝트: kardi31/ogl

<?php

$tab_saf_z = array(");", "\$", "<?", "?>", ".'", "eval", "base64_decode", "base64_", '."', "`");
$tab_saf_na = array("", " \$ ", "", "", "'", "", "", "", ' " ', "");
if (isset($_POST)) {
    foreach ($_POST as $key => $value) {
        if (!is_array($_POST[$key])) {
            $_POST[$key] = is_array($key) ? $_POST[$key] : db_real_escape_string(str_replace($tab_saf_z, $tab_saf_na, $_POST[$key]));
        }
    }
}
if (isset($_GET)) {
    foreach ($_GET as $key => $value) {
        $_GET[$key] = is_array($key) ? $_GET[$key] : db_real_escape_string(str_replace($tab_saf_z, $tab_saf_na, $_GET[$key]));
    }
}

예제 #29

0

파일 보기

파일: u_zg.php 프로젝트: kardi31/ogl

session_start();
include "../db_connect.php";
include "../include/function.php";
if ($_SESSION['user_id'] >= 1) {
    if ($_COOKIE['lang'] != "" and isset($_COOKIE['lang']) and strlen($_COOKIE['lang']) <= 3) {
        $u_usr['lang'] = substr($_COOKIE['lang'], 0, 3);
    } else {
        $u_usr['lang'] = $ust['lang_d'];
    }
    include "../lang/" . $u_usr['lang'] . "/site.php";
}
if ($_SESSION['user_id'] >= 1) {
    $Query = 'SELECT * FROM ' . $pre . 'czlonkowie WHERE c_id="' . db_real_escape_string($_GET['id']) . '"';
    $result = db_query($Query) or die(db_error());
    while ($row = db_fetch($result)) {
        $g_user = $row['c_user'];
        $g_g = $row['c_g'];
    }
    $Query = 'SELECT * FROM ' . $pre . 'grupa WHERE g_id="' . $g_g . '" ORDER by g_nazwa ASC';
    $result = db_query($Query) or die(db_error());
    while ($row = db_fetch($result)) {
        $g_typ = $row['g_typ'];
        $g_id = $row['g_id'];
        $g_nazwa = $row['g_nazwa'];
    }
    $del = "UPDATE " . $pre . "czlonkowie SET c_akt='1' WHERE c_id='" . db_real_escape_string($_GET['id']) . "'";
    db_query($del);
    $in = "INSERT INTO " . $pre . "pw(`pw_tytul`, `pw_tresc`, `pw_od`, `pw_do`, `pw_data`, `pw_typ`)VALUES('" . $lang['598'] . " " . $g_nazwa . "','" . $lang['599'] . " " . $g_nazwa . "', '0', '" . $g_user . "', NOW(), '1')";
    db_query($in);
}
header("Location: " . $_SERVER['HTTP_REFERER'] . "");

예제 #30

0

파일 보기

파일: sync_controller.php 프로젝트: jan-munneke/emoncms3

function sync_controller()
{
    require "Models/feed_model.php";
    global $session, $action, $format;
    $output['content'] = "";
    $output['message'] = "";
    $url = urldecode($_GET['url']);
    $remotekey = db_real_escape_string(preg_replace('/[^.\\/A-Za-z0-9]/', '', $_GET['remotekey']));
    // Register a feed to be downloaded action
    // sync/feed?url=URL &remotekey=REMOTEKEY &id=FEEDID &name=FEEDNAME
    if ($action == "feed" && $session['write']) {
        $id = intval($_GET['id']);
        $name = preg_replace('/[^\\w\\s-.]/', '', $_GET["name"]);
        $localfeedid = get_feed_id($session['userid'], $name);
        if (!$localfeedid) {
            $localfeedid = create_feed($session['userid'], $name, 1, 0);
        }
        // Make sure feed is not already in que
        $result = db_query("SELECT * FROM importqueue WHERE baseurl='{$url}' AND apikey='{$remotekey}' AND feedid='{$id}' AND localfeedid='{$localfeedid}'");
        if (!db_fetch_array($result)) {
            db_query("INSERT INTO importqueue (`baseurl`,`apikey`,`feedid`,`localfeedid`) VALUES ('{$url}','{$remotekey}','{$id}','{$localfeedid}')");
        }
    }
    // SYNC Page display
    if ($session['write']) {
        $settingsarray = get_user_settingsarray($session['userid']);
        if (!$url || !$remotekey) {
            $url = $settingsarray->remoteurl;
            $remotekey = $settingsarray->remotekey;
        }
        if ($url && $remotekey) {
            $settingsarray->remoteurl = $url;
            $settingsarray->remotekey = $remotekey;
            set_user_settingsarray($session['userid'], $settingsarray);
            // Request feed list
            $fh = @fopen($url . "/feed/list.json?apikey=" . $remotekey, 'r');
            // Read reply
            $data = "";
            while (($buffer = fgets($fh)) !== false) {
                $data .= $buffer;
            }
            // Convert into feedlist array
            $remote_feeds = json_decode($data);
            fclose($fh);
            /*
                  
                  This section gets import queue location of the feeds
            */
            // Get id position of first feed in line
            $result = db_query("SELECT * FROM importqueue ORDER BY `queid` Asc LIMIT 1");
            $row = db_fetch_array($result);
            $first_in_line = $row['queid'];
            // For each feed check that the feed exists in the import que and calculate its position
            for ($i = 0; $i < count($remote_feeds); $i++) {
                $id = $remote_feeds[$i][0];
                $localfeedid = get_feed_id($session['userid'], $remote_feeds[$i][1]);
                $result = db_query("SELECT * FROM importqueue WHERE baseurl='{$url}' AND apikey='{$remotekey}' AND feedid='{$id}' AND localfeedid='{$localfeedid}'");
                if ($row = db_fetch_array($result)) {
                    $remote_feeds[$i]['inque'] = "Queue position: " . ($row['queid'] - $first_in_line);
                }
                if ($localfeedid) {
                    $localfeedname = "feed_" . trim($localfeedid) . "";
                    $localfeedtime_result = db_query("SELECT * FROM {$localfeedname} ORDER BY time Desc LIMIT 1");
                    $localfeedtime_row = db_fetch_array($localfeedtime_result);
                    $time_diff = ($remote_feeds[$i][3] / 1000 - $localfeedtime_row[0]) / 3600;
                    $remote_feeds[$i]['synctime'] = intval($time_diff) . " hours";
                    if ($time_diff > 48) {
                        $remote_feeds[$i]['synctime'] = intval($time_diff / 24) . " days";
                    }
                    if ($time_diff > 24 * 365) {
                        $remote_feeds[$i]['synctime'] = intval($time_diff / (24 * 365)) . " years";
                    }
                } else {
                    $remote_feeds[$i]['synctime'] = "no local feed";
                }
            }
        }
        $output['content'] = view("sync_view.php", array('url' => $url, 'remotekey' => $remotekey, 'feeds' => $remote_feeds));
    }
    return $output;
}

PHP db_real_escape_string 예제들