Exemplo n.º 1
 // Moderation step '03': print the "edit topic" form for callers that hold g_edit_topics.
 // The form posts back to index.php?act=mod with code=05 and carries the topic id in the hidden field "t".
 // NOTE(review): login_id and g_edit_topics are written as bare words; unless both are defined
 // constants, PHP 8 raises an Error here instead of falling back to the string.
 if ($POST_code == '03' && checkprivilege_action($CP[login_id], g_edit_topics)) {
     // NOTE(review): $POST_t, $topic_name and $topic_description are interpolated into attribute
     // values and element text exactly as they arrive; nothing in this block HTML-encodes them,
     // so they must already be encoded upstream -- confirm, especially for the request-derived $POST_t.
     // NOTE(review): the form carries no anti-CSRF token field; confirm whether the code=05
     // handler verifies the request origin some other way.
     echo "\n<form action=\"index.php?act=mod\" method=\"post\" enctype=\"multipart/form-data\" name=\"Edit_Topic_Form\" OnSubmit=\"return CheckEdittopic()\">\n<input type=\"hidden\" name=\"code\" value=\"05\">\n<input type=\"hidden\" name=\"t\" value=\"{$POST_t}\">\n\t<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" class=\"topic_title\">\n\t\t<TBODY>\n\t\t\t<TR>\n\t\t\t\t<TD class=\"title_bar\" height=\"29\">\n\t\t\t\t\t<a class=\"m_title\">&nbsp;&nbsp;Editing Topic: {$topic_name}</a>\n\t\t\t\t</TD>\n\t\t\t</TR>\n\t\t\t<TR>\n\t\t\t\t<TD>\n\t\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t\t\t\t\t\t<TBODY>\n\t\t\t\t\t\t\t<TR class=\"topic_title5\">\n\t\t\t\t\t\t\t\t<TD width=\"100%\" colspan=\"2\" height=\"27\">\n\t\t\t\t\t\t\t\t\t<div class=\"title_face\">\n\t\t\t\t\t\t\t\t\t\tEditing Topic Details\n\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t\t<TR class=\"topic_title6\">\n\t\t\t\t\t\t\t\t<TD width=\"30%\">\n\t\t\t\t\t\t\t\t\t<div class=\"title_face4\">\n\t\t\t\t\t\t\t\t\t\t<B>Topic Title</B>\n\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t<TD width=\"70%\">\n\t\t\t\t\t\t\t\t\t<input name=\"t_title\" type=\"text\" size=\"40\" maxlength=\"50\" class=\"textinput\" value=\"{$topic_name}\">\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t\t<TR class=\"topic_title6\">\n\t\t\t\t\t\t\t\t<TD width=\"30%\">\n\t\t\t\t\t\t\t\t\t<div class=\"title_face4\">\n\t\t\t\t\t\t\t\t\t\t<B>Topic Description</B>\n\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t<TD width=\"70%\">\n\t\t\t\t\t\t\t\t\t<input name=\"t_desc\" type=\"text\" size=\"40\" maxlength=\"40\" class=\"textinput\" value=\"{$topic_description}\">\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t\t<TR class=\"topic_title5\">\n\t\t\t\t\t\t\t\t<TD width=\"100%\" colspan=\"2\" align=\"center\">\n\t\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"Submit\" 
value=\"Edit�this�topic\" class=\"textinput\">\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t</TBODY>\n\t\t\t\t\t</TABLE>\n\t\t\t\t</TD>\n\t\t\t</TR>\n\t\t</TBODY>\n\t</TABLE>\n</form>\n";
 }
 // Moderation step '04': toggle the pinned flag of topic $POST_t for callers that hold g_pinned_topics.
 // $POST_topic_pin == '1' clears the flag (pinned_mode 0); any other value sets it (pinned_mode 1).
 // NOTE(review): this changes state from request parameters alone; no anti-CSRF token check is
 // visible in this block -- confirm it is enforced elsewhere.
 if ($POST_code == '04' && checkprivilege_action($CP[login_id], g_pinned_topics)) {
     if ($POST_topic_pin == '1') {
         // The topic id is passed through mysql_res() (defined elsewhere, presumably SQL string
         // escaping -- confirm) before being placed between the quotes.
         $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic set pinned_mode='0' WHERE topic_id=\"" . mysql_res($POST_t) . "\"", 'moderate.php');
         $sql->total_query++;
     } else {
         $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic set pinned_mode=\"1\" WHERE topic_id=\"" . mysql_res($POST_t) . "\"", 'moderate.php');
         $sql->total_query++;
     }
     // NOTE(review): unlike the queries above, the redirect target receives $POST_t unmodified.
     // header_location() is not visible here; confirm it rejects CR/LF, or cast the id to int first.
     header_location("index.php?showtopic={$POST_t}");
 }
 // Moderation step '05': store the edited topic title and description for callers that hold g_edit_topics.
 if ($POST_code == '05' && checkprivilege_action($CP[login_id], g_edit_topics)) {
     // checkstring(..., 1) is the only treatment the two text fields receive before they are
     // concatenated into the UPDATE; mysql_res() is applied to the topic id but not to them.
     // NOTE(review): confirm that checkstring() with flag 1 neutralises quotes and backslashes
     // for SQL; if it only HTML-encodes, this statement is injectable.
     // NOTE(review): no server-side length check is visible in this block.
     $POST_t_title = checkstring($POST_t_title, 1);
     $POST_t_desc = checkstring($POST_t_desc, 1);
     $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic set topic_name = \"" . $POST_t_title . "\",topic_description = \"" . $POST_t_desc . "\" WHERE topic_id=\"" . mysql_res($POST_t) . "\" ", 'moderate.php');
     $sql->total_query++;
     // NOTE(review): $POST_t reaches the redirect target unmodified; confirm header_location()
     // rejects CR/LF, or cast the id to int first.
     header_location("index.php?showtopic={$POST_t}");
 }
 // Moderation step '06': delete topic $POST_t and its dependent rows for callers that hold g_delete_topics.
 // NOTE(review): a destructive action driven by request parameters alone; no anti-CSRF token
 // check is visible in this block -- confirm it is enforced elsewhere.
 if ($POST_code == '06' && checkprivilege_action($CP[login_id], g_delete_topics)) {
     // Look up the owning forum first, so the redirect at the end can return to it.
     $query = "SELECT forum_id FROM {$CONFIG_sql_cpdbname}.board_topic WHERE topic_id =\"" . mysql_res($POST_t) . "\"";
     $sql->result = $sql->execute_query($query, 'moderate.php');
     // NOTE(review): $row is not checked; for an unknown topic id the deletes below still run
     // (matching nothing) and the redirect is built from a missing forum_id.
     $row = $sql->fetch_row();
     // Five separate deletes: replies, the topic itself, then its poll, poll votes and voters.
     // NOTE(review): no transaction is visible, so a failure part-way may leave orphaned rows,
     // depending on how execute_query() reports errors. total_query is not incremented here,
     // unlike in the neighbouring handlers.
     $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($POST_t) . "\" ", 'moderate.php');
     $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.board_topic WHERE topic_id =\"" . mysql_res($POST_t) . "\" ", 'moderate.php');
     $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.poll WHERE topic_id =\"" . mysql_res($POST_t) . "\" ", 'moderate.php');
     $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.poll_vote WHERE topic_id =\"" . mysql_res($POST_t) . "\" ", 'moderate.php');
     $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.voters WHERE topic_id =\"" . mysql_res($POST_t) . "\" ", 'moderate.php');
     header_location("index.php?showforum={$row['forum_id']}");
 }
Exemplo n.º 2
 } else {
     if ($GET_code == '06') {
         // Change the caller's time offset: check that a profile row exists for the logged-in
         // user, then store the submitted value.
         // NOTE(review): $CP['login_id'] is concatenated into both statements without mysql_res();
         // presumably it is a server-side session value -- verify it can never carry request data.
         $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.user_profile WHERE user_id = \"" . $CP['login_id'] . "\"";
         $sql->result = $sql->execute_query($query, 'change_profile.php');
         $sql->total_query++;
         if (!$sql->result()) {
             $display = "{$lang['change_wrong_time_offset']}";
         } else {
             // $POST_u_timezone is passed through mysql_res(); no range or format check on the
             // offset is visible here.
             $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile SET user_time_offset = \"" . mysql_res($POST_u_timezone) . "\" WHERE user_id = \"" . $CP['login_id'] . "\" ", 'change_profile.php');
             $sql->total_query++;
             $display = "{$lang['change_right_time_offset']}";
         }
     } else {
         if ($GET_code == '07' && length($POST_display_name, 4, 24)) {
             // Re-authenticate before a display-name change: the submitted password is transformed
             // by checkmd5() (defined elsewhere) and matched against login.user_pass inside the query.
             // NOTE(review): the names suggest user_pass holds either an MD5 digest or the plain
             // password depending on $CONFIG_md5_support -- confirm; neither form is adequate for
             // stored passwords, and the comparison is done by the database rather than in
             // constant time.
             $POST_password = mysql_res(checkmd5($CONFIG_md5_support, $POST_password));
             $POST_display_name = checkstring($POST_display_name, 1);
             // NOTE(review): $CP['login_id'] is concatenated without mysql_res(); presumably a
             // session value -- verify.
             $query = "SELECT userid FROM {$CONFIG_sql_dbname}.login WHERE account_id = \"" . $CP['login_id'] . "\" AND user_pass = \"" . $POST_password . "\"";
             $sql->result = $sql->execute_query($query, 'change_profile.php');
             $sql->total_query++;
             // The row is fetched here; the count_rows() check that follows decides whether it is used.
             $row = $sql->fetch_row();
             if (!$sql->count_rows()) {
                 $display = "{$lang['change_wrong_display_name']}";
             } else {
                 // Uniqueness checks for the requested display name:
                 // $count1 = profiles already using it, $count2 = login ids equal to it other than the caller's own.
                 $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.user_profile WHERE display_name = \"" . mysql_res($POST_display_name) . "\"";
                 $sql->result = $sql->execute_query($query, 'change_profile.php');
                 $sql->total_query++;
                 $count1 = $sql->result();
                 // NOTE(review): inconsistent escaping -- the query above wraps $POST_display_name in
                 // mysql_res(), this one concatenates it after checkstring() only, and $row["userid"]
                 // (read back from the database) is also unescaped. Confirm checkstring() is
                 // SQL-safe, or apply mysql_res() to both values here as well.
                 $query = "SELECT COUNT(*) FROM {$CONFIG_sql_dbname}.login WHERE userid = \"" . $POST_display_name . "\" AND userid != \"" . $row["userid"] . "\"";
                 $sql->result = $sql->execute_query($query, 'change_profile.php');
                 $sql->total_query++;
                 $count2 = $sql->result();
Exemplo n.º 3
        // Message control: code 02 stores the "ro_message" entry (author, time, text) and code 03
        // stores the "server_info" text in the memory table, updating the row when it exists and
        // inserting it otherwise. Any other code is answered with the generic error redirect.
        // 02 and 03 are octal integer literals (2 and 3) compared loosely with $GET_code.
        // NOTE(review): the action code comes from $GET_code and the text from $POST_t_mes; no
        // anti-CSRF token check is visible in this fragment -- confirm it is enforced elsewhere.
        if ($GET_code == 02) {
            $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"ro_message\"";
            $sql->result = $sql->execute_query($query, 'mescontrol.php');
            $sql->total_query++;
            // checkstring(..., 1) is the only treatment the message receives before it is placed
            // in the SQL below. NOTE(review): confirm it neutralises quotes and backslashes.
            $POST_t_mes = checkstring($POST_t_mes, 1);
            if ($sql->result()) {
                // NOTE(review): $CP['login_name'] and $CP['time'] are concatenated without
                // mysql_res(); verify how login_name is populated. The meaning of the third
                // argument (0) to execute_query() is not visible here.
                $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value1=\"" . $CP['login_name'] . "\", memory_value2=\"" . $CP['time'] . "\", memory_value3=\"" . $POST_t_mes . "\" WHERE memory_object=\"ro_message\"", 'mescontrol.php', 0);
            } else {
                $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value1,memory_value2,memory_value3) VALUES (\"ro_message\",\"" . $CP['login_name'] . "\",\"" . $CP['time'] . "\",\"" . $POST_t_mes . "\")", 'mescontrol.php', 0);
            }
            header_location("index.php?act=mesctrl&code=00");
        } else {
            if ($GET_code == 03) {
                $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"server_info\"";
                $sql->result = $sql->execute_query($query, 'mescontrol.php');
                $sql->total_query++;
                // Same treatment as for code 02: checkstring() only, no mysql_res().
                $POST_t_mes = checkstring($POST_t_mes, 1);
                if ($sql->result()) {
                    $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value3=\"" . $POST_t_mes . "\" WHERE memory_object=\"server_info\"", 'mescontrol.php', 0);
                } else {
                    $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value3) VALUES (\"server_info\",\"" . $POST_t_mes . "\")", 'mescontrol.php', 0);
                }
                header_location("index.php?act=mesctrl&code=01");
            } else {
                redir("index.php?act=idx", "{$lang['Error']}", 3);
            }
        }
    }
} else {
    redir("index.php?act=idx", "{$lang['No_privilege']}", 3);
}
Exemplo n.º 4
                 $display = "{$lang['Success_deleteprivilege']}";
             } else {
                 $display = "{$lang['No_aclv']}";
             }
         } else {
             $display = "CP can not delete this group";
         }
         redir("index.php?act=privilege&code=03", $display, 3);
     } else {
         $display = "{$lang['No_privilege']}";
         redir("index.php?act=privilege", $display, 3);
     }
 } else {
     if ($GET_code == 04 && $POST_g_1) {
         // Add a privilege group: only callers that hold g_add_privilege reach the INSERT;
         // everyone else is redirected with the "No_privilege" message.
         if (checkprivilege_action($CP[login_id], g_add_privilege)) {
             // Field 1 goes through checkstring(); fields 2 and 3 go through truestr()
             // (both helpers are defined elsewhere).
             $POST_g_1 = checkstring($POST_g_1, 1);
             $POST_g_2 = truestr($POST_g_2);
             $POST_g_3 = truestr($POST_g_3);
             // Variable-variable loop: passes $POST_g_2 .. $POST_g_<MAX_GROUP_PRIVILEGE> through mysql_res().
             // NOTE(review): the INSERT below interpolates $POST_g_1 .. $POST_g_38. $POST_g_1 is not
             // covered by this loop, and if MAX_GROUP_PRIVILEGE is lower than 38 the higher-numbered
             // fields reach the query exactly as submitted -- confirm the constant's value.
             for ($i = 2; $i <= MAX_GROUP_PRIVILEGE; $i++) {
                 $g_name = "POST_g_" . $i . "";
                 ${$g_name} = mysql_res(${$g_name});
             }
             // NOTE(review): VALUES is given without a column list, so the statement depends on the
             // column order of the groups table. These fields presumably are the group's privilege
             // flags; escaping alone does not restrict them to allowed values -- confirm what
             // truestr() or the form handling enforces.
             $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.groups VALUES ('',\n\t\"{$POST_g_1}\",\n\t\"{$POST_g_2}\",\n\t\"{$POST_g_3}\",\n\t\"{$POST_g_4}\",\n\t\"{$POST_g_5}\",\n\t\"{$POST_g_6}\",\n\t\"{$POST_g_7}\",\n\t\"{$POST_g_8}\",\n\t\"{$POST_g_9}\",\n\t\"{$POST_g_10}\",\n\t\"{$POST_g_11}\",\n\t\"{$POST_g_12}\",\n\t\"{$POST_g_13}\",\n\t\"{$POST_g_14}\",\n\t\"{$POST_g_15}\",\n\t\"{$POST_g_16}\",\n\t\"{$POST_g_17}\",\n\t\"{$POST_g_18}\",\n\t\"{$POST_g_19}\",\n\t\"{$POST_g_20}\",\n\t\"{$POST_g_21}\",\n\t\"{$POST_g_22}\",\n\t\"{$POST_g_23}\",\n\t\"{$POST_g_24}\",\n\t\"{$POST_g_25}\",\n\t\"{$POST_g_26}\",\n\t\"{$POST_g_27}\",\n\t\"{$POST_g_28}\",\n\t\"{$POST_g_29}\",\n\t\"{$POST_g_30}\",\n\t\"{$POST_g_31}\",\n\t\"{$POST_g_32}\",\n\t\"{$POST_g_33}\",\n\t\"{$POST_g_34}\",\n\t\"{$POST_g_35}\",\n\t\"{$POST_g_36}\",\n\t\"{$POST_g_37}\",\n\t\"{$POST_g_38}\")", 'privilege_action.php');
             $sql->total_query++;
             $display = "{$lang['Success_addprivilege']}";
             redir("index.php?act=privilege&code=03", $display, 3);
         } else {
             $display = "{$lang['No_privilege']}";
             redir("index.php?act=privilege", $display, 3);
         }
     } else {
Exemplo n.º 5
             $forum_perm .= "[/g" . $g_id . "]";
         }
         $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.forum (category_id,forum_title,forum_description,forum_perm) VALUES (\"" . mysql_res($POST_c) . "\",\"" . $POST_forum_name . "\",\"" . $POST_forum_description . "\",\"" . $forum_perm . "\")", 'forum_manage.php');
     }
     break;
 // Rename a forum category: the new name must pass length($POST_category_name, 1, 50).
 // NOTE(review): editcategory is a bare word; unless it is a defined constant, PHP 8 raises an Error here.
 case editcategory:
     if (length($POST_category_name, 1, 50)) {
         // The name receives checkstring() only; the category id is passed through mysql_res().
         // NOTE(review): confirm checkstring() neutralises quotes and backslashes for SQL.
         $POST_category_name = checkstring($POST_category_name, 1);
         // This call omits the source-file argument that the other execute_query() calls on this page pass.
         $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value3=\"" . $POST_category_name . "\" WHERE memory_object=\"forum_category\" AND memory_value1=\"" . mysql_res($POST_c) . "\"");
         $sql->total_query++;
     }
     break;
 case editforum:
     if (length($POST_forum_name, 1, 50) && length($POST_forum_description, 0, 100)) {
         $POST_forum_name = checkstring($POST_forum_name, 1);
         $POST_forum_description = checkstring($POST_forum_description, 1);
         $query = "SELECT g_id, g_title FROM {$CONFIG_sql_cpdbname}.groups ORDER by g_id";
         $sql->result = $sql->execute_query($query, 'forum_manage.php');
         while ($grow = $sql->fetch_row()) {
             $g_id = $grow[0];
             $forum_perm .= "[g" . $g_id . "]";
             if ($_POST["show_forum_" . $g_id . ""]) {
                 $forum_perm .= ":show_perm:";
             }
             if ($_POST["read_topics_" . $g_id . ""]) {
                 $forum_perm .= ":read_perm:";
             }
             if ($_POST["reply_topics_" . $g_id . ""]) {
                 $forum_perm .= ":reply_perm:";
             }
             if ($_POST["start_topics_" . $g_id . ""]) {
Exemplo n.º 6
         break;
     case account_id:
         $searchby_selected[1] = 'selected';
         break;
     case email:
         $searchby_selected[2] = 'selected';
         break;
     case last_ip:
         $searchby_selected[3] = 'selected';
         break;
     case state:
         $searchby_selected[4] = 'selected';
         break;
 }
 opmain_body("Searching Option");
 echo "<TABLE width=\"100%\" cellspacing=\"5\" cellpadding=\"0\" align=\"center\" class=\"topic_title6\">\n\t<form name=\"Searching_Option\" method=\"post\" enctype=\"multipart/form-data\" OnSubmit=\"return CheckSearch('view_account');\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD width=\"10%\">\n\t\t\t\t<select name=\"searchby\" class=\"textinput\">\n\t\t\t\t\t<option value=\"userid\"" . $searchby_selected[0] . ">User ID</option>\n\t\t\t\t\t<option value=\"account_id\"" . $searchby_selected[1] . ">Account ID</option>\n\t\t\t\t\t<option value=\"email\"" . $searchby_selected[2] . ">Email</option>\n\t\t\t\t\t<option value=\"last_ip\"" . $searchby_selected[3] . ">Last IP</option>\n\t\t\t\t\t<option value=\"state\"" . $searchby_selected[4] . ">State</option>\n\t\t\t\t</select>\n\t\t\t</TD>\n\t\t\t<TD width=\"90%\">\n\t\t\t\t<input type=\"text\" name=\"search_value\" value=\"" . checkstring($GET_search_value) . "\" size=\"20\" class=\"textinput\">\n\t\t\t\t<select name=\"ctype\" class=\"textinput\">\n\t\t\t\t\t<option value=\"anyword\"" . $s_anyword . ">Any words</option>\n\t\t\t\t\t<option value=\"allword\"" . $s_allword . ">All words</option>\n\t\t\t\t</select>\n\t\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Search\" class=\"textinput\">\n\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n\t</form>\n</TABLE>\n";
 clmain_body();
 // Build the SQL comparison fragment for the account search and work out the result page.
 // The search term is passed through mysql_res() before it is embedded in either fragment.
 $search_value = mysql_res($GET_search_value);
 if ($GET_ctype == 'allword') {
     // NOTE(review): $s_allword / $s_anyword are assigned only here, after the search form
     // above has already been echoed with them, so within this fragment the chosen option
     // cannot appear as selected.
     $s_allword = ' selected';
     $search_ctype = "= \"{$search_value}\"";
 } else {
     // Anything other than 'allword' is normalised to the substring search.
     $GET_ctype = 'anyword';
     $s_anyword = ' selected';
     // NOTE(review): if mysql_res() is a plain string-escaping wrapper, % and _ typed by the
     // user still act as LIKE wildcards; escape them separately if literal matching is intended.
     $search_ctype = "LIKE \"%" . $search_value . "%\"";
 }
 if (!isset($GET_st)) {
     $GET_st = 0;
 }
 // The paging offset is forced to an integer before it is handed to get_page().
 $GET_st = (int) $GET_st;
 $page = get_page($GET_st, $CONFIG_AM_per_page);
Exemplo n.º 7
         } else {
             redir("index.php?act=idx", "{$lang['Error']}", 3);
         }
     }
 } else {
     if ($GET_code == 03) {
         // Edit a rank title (code 03). Both numeric inputs are cast to int first, so the later
         // mysql_res() calls on them are redundant but harmless.
         // NOTE(review): no privilege check is visible in this fragment; presumably the enclosing
         // code performs it -- confirm.
         $GET_id = (int) $GET_id;
         $POST_min_post = (int) $POST_min_post;
         // A missing, zero or non-numeric id is 0 after the cast and is rejected here.
         if (empty($GET_id)) {
             redir("index.php?act=idx", "{$lang['Error']}", 3);
         } else {
             $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id = \"" . mysql_res($GET_id) . "\"";
             $sql->result = $sql->execute_query($query, 'rank_title.php');
             $sql->total_query++;
             if ($sql->result()) {
                 // The title text receives checkstring() only before it is concatenated into the UPDATE.
                 // NOTE(review): confirm checkstring() neutralises quotes and backslashes for SQL.
                 $POST_title = checkstring($POST_title, 1);
                 $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.rank_title SET title=\"" . $POST_title . "\",min_post=\"" . mysql_res($POST_min_post) . "\" WHERE title_id=\"" . mysql_res($GET_id) . "\"", 'rank_title.php', 0);
                 header_location("index.php?act=rank_title");
             } else {
                 redir("index.php?act=idx", "{$lang['Error']}", 3);
             }
         }
     } else {
         if ($GET_code == 04) {
             $GET_id = (int) $GET_id;
             if (empty($GET_id)) {
                 redir("index.php?act=idx", "{$lang['Error']}", 3);
             } else {
                 $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id = \"" . mysql_res($GET_id) . "\"";
                 $sql->result = $sql->execute_query($query, 'rank_title.php');
                 $sql->total_query++;
Exemplo n.º 8
     redir("index.php?act=bugreport", "{$display}", 3);
 } else {
     // Edit an existing bug report (code 04). The request is rejected with the generic error
     // unless a post id is given, the caller holds g_edit_news, and the poster / report fields
     // pass length(); any other code redirects back to the bug report list.
     // NOTE(review): the privilege tested for editing a bug report is g_edit_news -- confirm that
     // this is the intended permission.
     if ($GET_code == 04) {
         if (!$GET_post_id || !checkprivilege_action($CP[login_id], g_edit_news) || !length($POST_poster, 4, 24) || !length($POST_report, 5, 512)) {
             $display = "{$lang['Error']}";
         } else {
             // Callers holding g_non_showip have their address replaced by a dash placeholder.
             if (!checkprivilege_action($CP[login_id], g_non_showip)) {
                 $ip = $CP['ip_address'];
             } else {
                 $ip = '---------------';
             }
             if (!$CP[login_sex]) {
                 $CP[login_sex] = 'M';
             }
             // $POST_poster is validated and cleaned but the UPDATE below stores $CP['login_name'] as poster.
             $POST_poster = checkstring($POST_poster, 1);
             $POST_report = checkstring($POST_report, 1);
             $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.bugreport WHERE post_id = \"" . mysql_res($GET_post_id) . "\" LIMIT 0,1";
             $sql->result = $sql->execute_query($query, 'bugreport.php');
             $sql->total_query++;
             if (!$sql->result()) {
                 $display = "{$lang['Error']}";
             } else {
                 // NOTE(review): only the post id is passed through mysql_res(). $POST_report relies
                 // on checkstring(), and the $CP values (login_name, login_sex, ip_address via $ip,
                 // time) are concatenated as they are -- verify how each is populated, ip_address in
                 // particular if it can be taken from a client-supplied header.
                 $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.bugreport SET report = \"{$POST_report}\", poster = \"" . $CP['login_name'] . "\", sex = \"" . $CP['login_sex'] . "\", ip = \"" . $ip . "\", date = \"" . $CP[time] . "\" WHERE post_id = \"" . mysql_res($GET_post_id) . "\" ;", 'bugreport.php');
                 $sql->total_query++;
                 $display = "{$lang['Success_editnews']}";
             }
         }
         redir("index.php?act=bugreport", "{$display}", 3);
     } else {
         header("location:index.php?act=bugreport");
     }
Exemplo n.º 9
// Stop immediately unless $SERVER['system_safe'] is set.
// NOTE(review): presumably a guard against requesting this file directly instead of through
// the front controller -- confirm where system_safe is assigned.
if (!$SERVER['system_safe']) {
    exit;
}
if ($STORED_loginname && $STORED_loginpass && !empty($player_rank_menu)) {
    opmain_body("Searching Option");
    $charname = checkstring($GET_charname);
    $GET_rows = (int) $GET_rows;
    if ($GET_ctype == 'allword') {
        $s_allword = ' selected';
        $search_ctype = "= \"" . mysql_res($charname) . "\"";
    } else {
        $GET_ctype = 'anyword';
        $s_anyword = ' selected';
        $search_ctype = "LIKE \"%" . mysql_res($charname) . "%\"";
    }
    echo "\n<TABLE width=\"100%\" cellspacing=\"5\" cellpadding=\"0\" align=\"center\" class=\"topic_title6\">\n\t<TBODY>\n\t\t<form name=\"Ranking_Sort\">\n\t\t<TR>\n\t\t\t<TD width=\"30%\">Character name:</TD>\n\t\t\t<TD width=\"70%\">\n\t\t\t\t<input type=\"text\" name=\"charname\" value=\"" . checkstring($GET_charname) . "\" size=\"20\" class=\"textinput\">\n\t\t\t\t<select name=\"ctype\" class=\"textinput\">\n\t\t\t\t\t<option value=\"anyword\"" . $s_anyword . ">Any words</option>\n\t\t\t\t\t<option value=\"allword\"" . $s_allword . ">All words</option>\n\t\t\t\t</select>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR>\n\t\t\t<TD>Sort by class:</TD>\n\t\t\t<TD>\n\t\t\t\t<select name=\"job\" class=\"textinput\">\n";
    // Keep $GET_job when it falls inside one of the listed job-id ranges; otherwise fall back
    // to 'all' and mark the "All Class" option as selected.
    // NOTE(review): `$GET_job == '4190' && $GET_job == '4191'` and
    // `$GET_job == '4211' && $GET_job == '4212'` can never be true, since one value cannot equal
    // both; `||` inside each pair looks intended, so those four ids are currently reset to 'all'.
    // NOTE(review): the bounds are quoted strings. PHP compares two numeric strings as numbers
    // and anything else as text, and && binds tighter than ||, so the trailing `!= 'all'` only
    // applies to the last group. Casting the parameter to int and checking it against an
    // explicit list would make this validation unambiguous.
    if ($GET_job >= '0' && $GET_job <= '25' || $GET_job >= '4001' && $GET_job <= '4049' || $GET_job >= '4054' && $GET_job <= '4087' || $GET_job >= '4096' && $GET_job <= '4112' || $GET_job == '4190' && $GET_job == '4191' || $GET_job == '4211' && $GET_job == '4212' && $GET_job != 'all') {
        $select = '';
    } else {
        $GET_job = 'all';
        $select = ' selected';
    }
    echo "\t\t\t\t\t<option value=\"all\"" . $select . ">All Class</option>\n";
    for ($j = 0; $j <= 4212; $j++) {
        if ($GET_job == $j && $GET_job != 'all') {
            $select = ' selected';
        } else {
            $select = '';
        }
        echo "\t\t\t\t\t<option value=\"{$j}\"" . $select . ">{$jobname[$j]}</option>\n";
        if ($j == 25) {
Exemplo n.º 10
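/**
 * AJAX handler: save a quick edit of a board reply and echo the post markup.
 *
 * The reply is loaded, the caller must be its author or hold g_edit_posts, and the text must
 * pass length() against $CONFIG_max_post_length. On success the new text is stored together
 * with the editor's name, IP address and time, and the re-read message is echoed. In every
 * other case the stored message is echoed unchanged.
 *
 * Fixes over the previous version: the first SELECT now also reads reply_user_id (it was
 * compared but never selected, so the author branch could not match), the author comparison
 * is a strict string comparison, a missing reply no longer reaches the UPDATE, and array
 * keys are quoted instead of relying on PHP's undefined-constant fallback.
 *
 * @param string $val      New message text as sent by the browser (UTF-8).
 * @param mixed  $reply_id Id of the reply to edit; cast to int before use.
 * @return void The response body is written with echo.
 */
function get_save_quick_edit($val, $reply_id)
{
    header("Content-type: text/xml;charset=windows-874");
    global $CONFIG_sql_cpdbname, $STORED, $SERVER, $CONFIG_max_post_length, $CP;
    $reply_id = (int) $reply_id;
    // Convert the submitted text to the charset declared in the response header above.
    $val = iconv("UTF-8", "windows-874", $val);
    // Restore "&" and "+", which arrive as placeholders (presumably substituted client-side).
    $val = str_replace("symbol_and", "&", $val);
    $val = str_replace("symbol_plus", "+", $val);
    $sql = new MySQL();
    // reply_user_id is selected so that the ownership check below has a value to compare.
    $query = "SELECT reply_id,reply_user_id,reply_message,reply_edit_date,reply_edit_name FROM {$CONFIG_sql_cpdbname}.board_reply WHERE reply_id =\"" . mysql_res($reply_id) . "\"";
    $sql->result = $sql->execute_query($query, 'lib_ajax.php');
    $row = $sql->fetch_row();
    $IS_EDIT_POST = checkprivilege_action($CP['login_id'], g_edit_posts) ? 1 : 0;
    // Strict string comparison avoids PHP's loose numeric-string matching between the two ids.
    $is_author = !empty($row) && !empty($CP['login_id'])
        && (string) $CP['login_id'] === (string) $row['reply_user_id'];
    // NOTE(review): no anti-CSRF token check is visible in this function; confirm the
    // dispatcher that calls it verifies the request origin.
    if (!empty($row) && !empty($CP['login_id']) && ($is_author || $IS_EDIT_POST) && length($val, 3, $CONFIG_max_post_length)) {
        // NOTE(review): checkstring(..., 1) is the only treatment $val receives before it is
        // concatenated into the UPDATE, and the $CP values are concatenated as they are.
        // Confirm checkstring() neutralises quotes and backslashes for SQL and verify how
        // ip_address and login_name are populated.
        $val = checkstring($val, 1);
        $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_reply SET reply_message = \"" . $val . "\", reply_ip=\"" . $CP['ip_address'] . "\",reply_edit_name=\"" . $CP['login_name'] . "\",reply_edit_date=\"" . $CP['time'] . "\" WHERE reply_id = \"" . mysql_res($row['reply_id']) . "\"", 'lib_ajax.php');
        // Read the row back so the response shows exactly what was stored.
        $query = "SELECT reply_message,reply_edit_date,reply_edit_name FROM {$CONFIG_sql_cpdbname}.board_reply WHERE reply_id =\"" . mysql_res($row['reply_id']) . "\"";
        $sql->result = $sql->execute_query($query, 'lib_ajax.php');
        $row = $sql->fetch_row();
        // $img_num is not set in this function; kept as in the original call (possibly an
        // output parameter of replace_text() -- TODO confirm).
        $reply_message = replace_text($row['reply_message'], $img_num);
        $reply_edit_date = get_date("M j y, H:i:s A", $row['reply_edit_date']);
        // NOTE(review): reply_edit_name is echoed as stored; confirm it is HTML-encoded when written.
        echo "<div class=\"poststyle\">{$reply_message}</div>\n<br /><br /><span class=\"edit\">This post has been edited by <B>{$row['reply_edit_name']}</B> on {$reply_edit_date}</span>\n";
    } else {
        // Not permitted, reply not found, or text outside the allowed length: echo the stored post.
        $reply_message = replace_text($row['reply_message']);
        echo "<div class=\"poststyle\">{$reply_message}</div>";
        if (!empty($row['reply_edit_name'])) {
            $reply_edit_date = get_date("M j y, H:i:s A", $row['reply_edit_date']);
            echo "<br /><br /><span class=\"edit\">This post has been edited by <B>{$row['reply_edit_name']}</B> on {$reply_edit_date}</span>";
        }
    }
}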