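/**
 * Create or update a row of the `operators` table from a submitted user form.
 *
 * The raw password is captured before the form data goes through
 * strip_tags_array(), so the stored hash is computed on exactly what was typed.
 * No permission check is visible in this function; the caller has to decide
 * whether the current operator may create or modify accounts.
 *
 * @param array        $data_user   Form fields: ID, FIRSTNAME, LASTNAME, ACCESSLVL, EMAIL,
 *                                  COMMENTS, USER_GROUP, optionally PASSWORD and MODIF.
 * @param array|string $list_profil When an array, ACCESSLVL must be one of its keys.
 *
 * @return mixed The value of $l->g() for 997 (empty ID), 998 (unknown access level),
 *               999 (ID already exists and MODIF names a different operator),
 *               374 (row updated) or 373 (row inserted) - presumably localized messages.
 */
function add_user($data_user, $list_profil = '') {
    global $l;

    // Keep the untouched password: the sanitised copy below can differ from what was typed.
    if (isset($data_user['PASSWORD'])) {
        $password = $data_user['PASSWORD'];
    }
    $data_user = strip_tags_array($data_user);

    if (trim($data_user['ID']) == "") {
        $ERROR = $l->g(997);
    }
    if (is_array($list_profil) && !array_key_exists($data_user['ACCESSLVL'], $list_profil)) {
        $ERROR = $l->g(998);
    }
    if (isset($ERROR)) {
        return $ERROR;
    }

    // NOTE(review): values are handed to mysql2_query_secure() separately from the SQL text;
    // escaping presumably happens there - confirm, the placeholders are quoted '%s' specifiers.
    $sql = "select id from operators where id= '%s'";
    $arg = $data_user['ID'];
    $res = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
    $row = mysqli_fetch_object($res);

    if (isset($row->id)) {
        // The ID already exists: only accept the request when it is an edit of that same operator.
        $modif = isset($data_user['MODIF']) ? $data_user['MODIF'] : null;
        if ($modif != $row->id) {
            return $l->g(999);
        }

        $sql_update = "update operators \n\t\t\t\t\t\t\t\tset firstname = '%s',\n\t\t\t\t\t\t\t\t\tlastname='%s',\n\t\t\t\t\t\t\t\t\tnew_accesslvl='%s',\n\t\t\t\t\t\t\t\t\temail='%s',\n\t\t\t\t\t\t\t\t\tcomments='%s',\n\t\t\t\t\t\t\t\t\tuser_group='%s'";
        $arg_update = array($data_user['FIRSTNAME'], $data_user['LASTNAME'], $data_user['ACCESSLVL'], $data_user['EMAIL'], $data_user['COMMENTS'], $data_user['USER_GROUP']);

        // Test the raw password, not the sanitised copy: a password made only of tag-like
        // text is emptied by strip_tags(), and the change would then be dropped silently
        // while the success message is still returned.
        if (isset($password) && (string) $password !== '') {
            $sql_update .= ",passwd ='%s' , password_version ='%s' ";
            $arg_update[] = password_hash($password, constant($_SESSION['OCS']['PASSWORD_ENCRYPTION']));
            $arg_update[] = $_SESSION['OCS']['PASSWORD_VERSION'];
        }
        $sql_update .= "\t where ID='%s'";
        $arg_update[] = $row->id;
        mysql2_query_secure($sql_update, $_SESSION['OCS']["writeServer"], $arg_update);
        return $l->g(374);
    }

    $sql = " insert into operators (id,firstname,lastname,new_accesslvl,email,comments,user_group";
    $arg = array($data_user['ID'], $data_user['FIRSTNAME'], $data_user['LASTNAME'], $data_user['ACCESSLVL'], $data_user['EMAIL'], $data_user['COMMENTS'], $data_user['USER_GROUP']);
    $with_password = isset($password);
    if ($with_password) {
        $sql .= ",passwd,password_version";
    }
    $sql .= ") value ('%s','%s','%s','%s','%s','%s','%s'";
    if ($with_password) {
        // NOTE(review): an empty PASSWORD field is still hashed and stored here, so the new
        // account gets a hash of the empty string. Left unchanged because the column
        // defaults are not visible from this function - confirm and reject empty passwords.
        $sql .= ",'%s','%s'";
        $arg[] = password_hash($password, constant($_SESSION['OCS']['PASSWORD_ENCRYPTION']));
        $arg[] = $_SESSION['OCS']['PASSWORD_VERSION'];
    }
    $sql .= ")";
    mysql2_query_secure($sql, $_SESSION['OCS']["writeServer"], $arg);
    return $l->g(373);
}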
/**
 * strip_tags_array() must remove markup at every nesting level while keeping
 * the shape (element counts and positions) of the input array.
 */
function testStripTagsArray() {
    $nested = array("Jason S<thingtag> </tag again>", "Something else no tags");
    $input = array("jason<pell>", $nested);

    $stripped = strip_tags_array($input);

    // Shape is preserved: two top-level entries, two entries in the nested array.
    $this->assertEquals(2, count($stripped));
    $this->assertEquals(2, count($stripped[1]));

    // Tags are gone, surrounding text (including the space between two tags) stays.
    $this->assertEquals("jason", $stripped[0]);
    $this->assertEquals("Jason S ", $stripped[1][0]);
    $this->assertEquals("Something else no tags", $stripped[1][1]);
}
/**
 * Resolve a label reference and strip markup from the result.
 *
 * A value starting with "g(" is treated as a reference: the text between
 * "g(" and the last character is passed to $l->g() and the result is
 * capitalised with ucfirst(). Any other value is used as it is.
 *
 * @param string $id Literal label, or a reference of the form "g(...)".
 *
 * @return mixed Whatever strip_tags_array() returns for the resolved label.
 */
function find_lbl($id) {
    global $l;

    $is_reference = (substr($id, 0, 2) == 'g(');
    if (!$is_reference) {
        return strip_tags_array($id);
    }

    // Drop the leading "g(" and the final character to get the label id.
    $label_id = substr(substr($id, 2), 0, -1);

    return strip_tags_array(ucfirst($l->g($label_id)));
}
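/**
 * Recursively apply strip_tags() to every value of an array.
 *
 * Keys are copied unchanged and are not sanitised. strip_tags() only removes
 * markup: quotes and ampersands stay in the values, so the result still has to
 * be encoded for the context it is written into (for example with
 * htmlspecialchars() before it is placed in HTML).
 *
 * @param mixed $params Array to clean; anything that is not an array yields an empty array,
 *                      as the previous each()-based loop did.
 *
 * @return array Array of the same shape with tags removed from all leaf values.
 */
function strip_tags_array($params) {
    $rs = array();
    if (!is_array($params)) {
        return $rs;
    }

    // foreach replaces `@each()`: each() no longer exists in PHP 8, it started at the
    // array's current internal pointer, and the @ hid every warning it raised.
    foreach ($params as $key => $val) {
        if (is_array($val)) {
            $rs[$key] = strip_tags_array($val);
        } else {
            // The cast keeps null and numeric leaves working without deprecation notices.
            $rs[$key] = strip_tags((string) $val);
        }
    }

    return $rs;
}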
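/**
 * Debug helper: print a value as a nested HTML table.
 *
 * The value first goes through strip_tags_array(). Arrays are rendered as a
 * two-column table (key, value) with nested arrays rendered recursively;
 * anything else is printed with print_r().
 *
 * @param mixed $array Value to display.
 *
 * @return void
 */
function print_r_V2($array) {
    $array = strip_tags_array($array);

    // Open the table only for arrays: previously a scalar left an unclosed <table> behind.
    if (!is_array($array)) {
        print_r($array);
        return;
    }

    print "<table border='1'>";
    foreach ($array as $key => $val) {
        // strip_tags_array() is only relied on for values here, so keys are encoded separately.
        print "<tr><td><font size=2>" . htmlspecialchars((string) $key, ENT_QUOTES) . "</td><td><font size=2>";
        if (is_array($val)) {
            print_r_V2($val);
        } else {
            print $val;
        }
        print "</td></tr>";
    }
    print "</table>";
}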
/**
 * Echo a two-column HTML summary table of label/value pairs.
 *
 * Entries whose trimmed value is empty are skipped. Values go through
 * strip_tags_array() unless their name is a key of $link; those values, and
 * every label taken from $lbl, are echoed as they are, so they must already be
 * safe to place in HTML.
 *
 * @param array $data Values indexed by field name (passed through data_encode_utf8()).
 * @param array $lbl  Display label for each field name.
 * @param mixed $link Field names (as keys) whose values are not stripped; non-arrays are ignored.
 *
 * @return void
 */
function bandeau($data, $lbl, $link = array()) {
    global $protectedGet, $pages_refs;

    $unstripped_fields = is_array($link) ? $link : array();
    $data = data_encode_utf8($data);
    $columns_per_row = 2;
    $cells_in_row = 0;

    echo "<table ALIGN = 'Center' class='mlt_bordure' border=0 width:100%><tr><td align =center>",
        "\t\t<table align=center border='0' width='100%' ><tr>";

    foreach ($data as $name => $value) {
        if (trim($value) == '') {
            continue;
        }

        // Start a new row once the current one is full.
        if ($cells_in_row == $columns_per_row) {
            echo "</tr><tr>";
            $cells_in_row = 0;
        }

        if (!array_key_exists($name, $unstripped_fields)) {
            $value = strip_tags_array($value);
        }

        // Put spaces around the slash that follows a digit or "x" in the IPADDR field.
        if ($name == "IPADDR") {
            $value = preg_replace('/([x0-9])\\//', '$1 / ', $value);
        }

        echo "<td> <b>" . $lbl[$name] . ": </b></td><td >" . $value . "</td>";
        $cells_in_row++;
    }

    echo "</tr></table></td>", "</tr></table>";
}
// OpenDb will not work with this on!!! if (get_magic_quotes_runtime()) { set_magic_quotes_runtime(false); } // Only if $PHP_SELF is not already defined. if (!isset($PHP_SELF)) { // get_http_env is a OpenDb function! $PHP_SELF = get_http_env('PHP_SELF'); } // We want all the HTTP variables into the $HTTP_VARS array, so // we can reference everything from the one place. // any upload files will be in new post php 4.1 $_FILES array if (!empty($_GET)) { // fixes for XSS vulnerabilities reported in OpenDb 1.0.6 // http://secunia.com/advisories/31719 $HTTP_VARS = strip_tags_array($_GET); } else { if (!empty($_POST)) { $HTTP_VARS = $_POST; } } // Strip all slashes from this array. if (get_magic_quotes_gpc()) { $HTTP_VARS = stripslashes_array($HTTP_VARS); } //define a global browser sniffer object for use by theme and elsewhere $_OpendbBrowserSniffer = new OpenDbBrowserSniffer(); // if the mysql[i] extension has been loaded, the db_connect function should exist if (function_exists('db_connect')) { // defaults where no database access $_OPENDB_THEME = 'default';
if ($_SESSION['OCS']['SQL_BASE_VERS'] < 7006) { unset($_SESSION['OCS']['SQL_BASE_VERS']); require 'install.php'; } else { require 'update.php'; } die; } if (!defined("SERVER_READ")) { $fromdbconfig_out = true; require 'install.php'; die; } //SECURITY $protectedPost = strip_tags_array($_POST); $protectedGet = strip_tags_array($_GET); @set_time_limit(0); //Don't take care of error identify //For the fuser, $no_error = 'YES' if (!isset($no_error)) { $no_error = 'NO'; } /****************************************************SQL TABLE & FIELDS***********************************************/ if (!isset($_SESSION['OCS']['SQL_TABLE'])) { $sql = "show tables from %s"; $arg = DB_NAME; $res = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg); while ($item = mysqli_fetch_row($res)) { $sql = "SHOW COLUMNS FROM %s"; $arg = $item[0]; $res_column = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
// part of orsee. see orsee.org $debug__script_started = microtime(); include "../config/settings.php"; include "../config/system.php"; include "../config/requires.php"; require_once "../utils/general.php"; require_once "../utils/connections.php"; $proceed = true; if ($proceed) { site__database_config(); $settings = load_settings(); $settings['style'] = $settings['orsee_public_style']; $color = load_colors(); session_set_save_handler("orsee_session_open", "orsee_session_close", "orsee_session_read", "orsee_session_write", "orsee_session_destroy", "orsee_session_gc"); session_start(); $_REQUEST = strip_tags_array($_REQUEST); } if ($proceed) { if ($settings['stop_public_site'] == "y" && !isset($expadmindata['adminname']) && !(thisdoc() == "disabled.php")) { redirect("public/disabled.php"); } } if ($proceed) { // with token-only, do not allow access to these pages $token_exclude = array("participant_reset_pw.php", "participant_change_pw.php", "participant_login.php", "participant_login_mob.php"); if ($settings['subject_authentication'] == 'token' && in_array(thisdoc(), $token_exclude)) { redirect("public/"); } } if ($proceed) { // if we work with tokens or do the migration, check for token on any page
/**
 * Turn a label or a "g(...)" label reference into display text without markup.
 *
 * For a reference, the text between "g(" and the final character is looked up
 * with $l->g() and capitalised; other labels are used unchanged. The result is
 * always passed through strip_tags_array().
 *
 * @param string $label Literal label or reference of the form "g(...)".
 *
 * @return mixed The stripped label.
 */
protected function translateLabel($label) {
    global $l;

    $resolved = (substr($label, 0, 2) == 'g(')
        ? ucfirst($l->g(substr(substr($label, 2), 0, -1)))
        : $label;

    return strip_tags_array($resolved);
}
/**
 * Echo a summary table with one cell per category, two cells per row.
 *
 * Each category cell shows an upper-cased heading followed by the non-empty
 * fields of that category. Values are stripped with strip_tags_array() unless
 * the field name is a key of $links; those values, the field labels and the
 * category headings are echoed without further encoding.
 *
 * @param array $data       Values indexed by field name (passed through data_encode_utf8()).
 * @param array $labels     Category key => (field name => field label).
 * @param array $cat_labels Category key => heading text.
 * @param array $links      Field names (as keys) whose values are not stripped.
 *
 * @return void
 */
function show_summary($data, $labels, $cat_labels, $links = array()) {
    global $protectedGet, $pages_refs;

    $data = data_encode_utf8($data);
    $cells_per_row = 2;
    $cell_count = 0;

    echo '<table class="summary">';

    foreach ($labels as $cat_key => $fields) {
        $opens_row = ($cell_count % $cells_per_row == 0);
        if ($opens_row) {
            echo '<tr class="summary-row">';
        }

        echo '<td class="summary-cell">';
        echo '<h5>', mb_strtoupper($cat_labels[$cat_key]), '</h5>';

        foreach ($fields as $name => $label) {
            $value = $data[$name];
            if (trim($value) == '') {
                continue;
            }
            if (!array_key_exists($name, $links)) {
                $value = strip_tags_array($value);
            }
            // Put spaces around the slash that follows a digit or "x" in the IPADDR field.
            if ($name == "IPADDR") {
                $value = preg_replace('/([x0-9])\\//', '$1 / ', $value);
            }
            echo '<div class="summary-header">' . $label . ' :</div>';
            echo '<div class="summary-value">' . $value . '</div>';
        }

        echo '</td>';
        $cell_count++;

        if ($cell_count % $cells_per_row == 0) {
            echo '</tr>';
        }
    }

    // Close a row left open by an odd number of categories.
    $row_left_open = ($cell_count % $cells_per_row != 0);
    if ($row_left_open) {
        echo '</tr>';
    }

    echo '</table>';
}
/**
 * Build the header labels and the HTML cell contents of a result table.
 *
 * For every row of $sql_data and every column of $list_fields the cell value is
 * read, optionally replaced according to $tab_options, and wrapped in the markup
 * that matches the column key (links, action icons, checkbox, ...). $list_fields
 * is also stored in $_SESSION['OCS']['list_fields'][$table_name].
 *
 * NOTE(review): only the final fallback branch passes the cell value through
 * strip_tags_array(); the other branches concatenate row data and option values
 * into HTML attributes and inline JavaScript, some through htmlspecialchars()
 * and some without any encoding. Each of them deserves a check against the
 * origin of the data it prints.
 *
 * @param mixed  $sql_data          Rows to display; when not set the function returns false.
 * @param array  $list_fields       Column key => SQL field name.
 * @param array  $tab_options       Display options (REQUEST, AS, REPLACE_VALUE, LIEN_LBL, ...).
 * @param string $form_name         Form name placed in the generated JavaScript calls.
 * @param array  $default_fields    Column keys copied to 'correct_list_fields' when truthy.
 * @param array  $list_col_cant_del Column keys copied to 'correct_list_col_cant_del' when truthy.
 * @param mixed  $queryDetails      Not read in this function.
 * @param string $table_name        Table identifier used for the session entry and sort fields.
 *
 * @return array|false Array with keys ENTETE, DATA, correct_list_fields and
 *                     correct_list_col_cant_del, or false when $sql_data is not set.
 */
function gestion_donnees($sql_data, $list_fields, $tab_options, $form_name, $default_fields, $list_col_cant_del, $queryDetails, $table_name) {
    global $l, $protectedPost, $pages_refs;
    //p($tab_options['REPLACE_VALUE_ALL_TIME']);
    $_SESSION['OCS']['list_fields'][$table_name] = $list_fields;
    // Display-condition queries.
    // Caution: each query must have the form:
    // select field1 AS FIRST from table where...
    // NOTE(review): the SQL text comes straight from $tab_options['REQUEST'];
    // presumably only trusted, caller-written statements are passed - confirm.
    if (isset($tab_options['REQUEST'])) {
        foreach ($tab_options['REQUEST'] as $field_name => $value) {
            $tab_condition[$field_name] = array();
            $resultDetails = mysql2_query_secure($value, $_SESSION['OCS']["readServer"], $tab_options['ARG'][$field_name]);
            while ($item = mysqli_fetch_object($resultDetails)) {
                $tab_condition[$field_name][$item->FIRST] = $item->FIRST;
            }
        }
    }
    if (isset($sql_data)) {
        foreach ($sql_data as $i => $donnees) {
            foreach ($list_fields as $key => $value) {
                // $htmlentities decides whether the fallback branch strips tags from the value.
                $htmlentities = true;
                $truelabel = $key;
                // p($tab_options);
                // Handle column aliases ("AS").
                if (isset($tab_options['AS'][$value])) {
                    $value = $tab_options['AS'][$value];
                }
                //echo $value."<br>";
                $num_col = $key;
                if ($default_fields[$key]) {
                    $correct_list_fields[$num_col] = $num_col;
                }
                if ($list_col_cant_del[$key]) {
                    $correct_list_col_cant_del[$num_col] = $num_col;
                }
                // Drop a "table." prefix to get the key used in the row.
                $alias = explode('.', $value);
                if (isset($alias[1])) {
                    $no_alias_value = $alias[1];
                } else {
                    $no_alias_value = $value;
                }
                //echo $no_alias_value;
                // When there is no value, display a space.
                if ($donnees[$no_alias_value] == "") {
                    $value_of_field = " ";
                    $htmlentities = false;
                } else {
                    $value_of_field = $donnees[$no_alias_value];
                }
                //utf8 or not?
                $value_of_field = data_encode_utf8($value_of_field);
                // $col is assigned here and not read again in this function.
                $col[$i] = $key;
                // The sort link toggles the direction that was last posted.
                if ($protectedPost['sens_' . $table_name] == "ASC") {
                    $sens = "DESC";
                } else {
                    $sens = "ASC";
                }
                $affich = 'OK';
                // No sort link on columns that are not part of the query.
                if (isset($tab_options['NO_TRI'][$key])) {
                    $lien = 'KO';
                } else {
                    $lien = 'OK';
                }
                if (isset($tab_options['REPLACE_VALUE_ALL_TIME'][$key])) {
                    if (isset($tab_options['FIELD_REPLACE_VALUE_ALL_TIME'])) {
                        $value_of_field = $tab_options['REPLACE_VALUE_ALL_TIME'][$key][$donnees[$tab_options['FIELD_REPLACE_VALUE_ALL_TIME']]];
                    } else {
                        $value_of_field = $tab_options['REPLACE_VALUE_ALL_TIME'][$key][$donnees['ID']];
                    }
                }
                if (isset($tab_options['REPLACE_VALUE'][$key])) {
                    //if multi value, $temp_val[1] isset
                    $temp_val = explode('&&&', $value_of_field);
                    $multi_value = 0;
                    $temp_value_of_field = "";
                    while (isset($temp_val[$multi_value])) {
                        $temp_value_of_field .= $tab_options['REPLACE_VALUE'][$key][$temp_val[$multi_value]] . "<br>";
                        $multi_value++;
                    }
                    // Remove the trailing "<br>" (4 characters).
                    $temp_value_of_field = substr($temp_value_of_field, 0, -4);
                    $value_of_field = $temp_value_of_field;
                }
                if (isset($tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field])) {
                    if (!is_array($tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field])) {
                        $value_of_field = $tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field];
                    } else {
                        foreach ($tab_options['REPLACE_WITH_CONDITION'][$key][$value_of_field] as $condition => $condition_value) {
                            if ($donnees[$condition] == '' or is_null($donnees[$condition])) {
                                $value_of_field = $condition_value;
                            }
                        }
                    }
                }
                if (isset($tab_options['REPLACE_WITH_LIMIT']['UP'][$key])) {
                    if ($value_of_field > $tab_options['REPLACE_WITH_LIMIT']['UP'][$key]) {
                        $value_of_field = $tab_options['REPLACE_WITH_LIMIT']['UPVALUE'][$key];
                    }
                }
                if (isset($tab_options['REPLACE_WITH_LIMIT']['DOWN'][$key])) {
                    if ($value_of_field < $tab_options['REPLACE_WITH_LIMIT']['DOWN'][$key]) {
                        $value_of_field = $tab_options['REPLACE_WITH_LIMIT']['DOWNVALUE'][$key];
                    }
                }
                unset($key2);
                if (isset($tab_condition[$key])) {
                    if (!$tab_condition[$key][$donnees[$tab_options['FIELD'][$key]]] and !$tab_options['EXIST'][$key] or $tab_condition[$key][$donnees[$tab_options['FIELD'][$key]]] and $tab_options['EXIST'][$key]) {
                        if ($key == "STAT" or $key == "SUP" or $key == "CHECK") {
                            // $key2 marks the cell so that it is rendered as a blank further down.
                            $key2 = "NULL";
                        } else {
                            // NOTE(review): the value is stored without stripping or encoding here.
                            $data[$i][$num_col] = $value_of_field;
                            $affich = "KO";
                        }
                    }
                }
                //if (!isset($entete[$num_col])){
                if (!isset($tab_options['LBL'][$key])) {
                    $entete[$num_col] = $key;
                } else {
                    $entete[$num_col] = $tab_options['LBL'][$key];
                }
                //}
                if (isset($tab_options['NO_LIEN_CHAMP']['SQL'][$key])) {
                    // $exit is assigned here and not read again in this function.
                    $exit = false;
                    foreach ($tab_options['NO_LIEN_CHAMP']['SQL'][$key] as $id => $sql_rest) {
                        $sql = $sql_rest;
                        if (isset($tab_options['NO_LIEN_CHAMP']['ARG'][$id][$key])) {
                            $arg = $donnees[$tab_options['NO_LIEN_CHAMP']['ARG'][$id][$key]];
                        } else {
                            $arg = "";
                        }
                        $result_lien = mysql2_query_secure($sql, $_SESSION['OCS']["readServer"], $arg);
                        if ($item = mysqli_fetch_object($result_lien)) {
                            // NOTE(review): row data is appended to the href and the value is used
                            // as link text without URL- or HTML-encoding.
                            $data[$i][$num_col] = "<a href='" . $tab_options['LIEN_LBL'][$key][$id] . $donnees[$tab_options['LIEN_CHAMP'][$key][$id]] . "' target='_blank'>" . $value_of_field . "</a>";
                            // $exit=true;
                            break;
                        } else {
                            // NOTE(review): looks like leftover debug output.
                            echo 'toto';
                        }
                    }
                }
                // When a link has to be put on the field:
                // the option $tab_options['NO_LIEN_CHAMP'] prevents a link on certain
                // values of the field.
                // Example, if you do not want a link when the field is 0:
                // $tab_options['NO_LIEN_CHAMP'][$key] = array(0);
                if (isset($tab_options['LIEN_LBL'][$key]) and !is_array($tab_options['LIEN_LBL'][$key]) and (!isset($tab_options['NO_LIEN_CHAMP'][$key]) or !in_array($value_of_field, $tab_options['NO_LIEN_CHAMP'][$key]))) {
                    $affich = "KO";
                    if (!isset($tab_options['LIEN_TYPE'][$key])) {
                        // NOTE(review): same unencoded href / link text pattern as above.
                        $data[$i][$num_col] = "<a href='" . $tab_options['LIEN_LBL'][$key] . $donnees[$tab_options['LIEN_CHAMP'][$key]] . "' target='_blank'>" . $value_of_field . "</a>";
                    } else {
                        // $size is computed but does not appear in the markup built below.
                        if (!isset($tab_options['POPUP_SIZE'][$key])) {
                            $size = "width=550,height=350";
                        } else {
                            $size = $tab_options['POPUP_SIZE'][$key];
                        }
                        $data[$i][$num_col] = "<a href=\"" . $tab_options['LIEN_LBL'][$key] . $donnees[$tab_options['LIEN_CHAMP'][$key]] . "\")>" . $value_of_field . "</a>";
                    }
                }
                if (isset($tab_options['JAVA']['CHECK'])) {
                    // NOTE(review): the first and last arguments are encoded with htmlspecialchars(),
                    // but $value_of_field and $form_name are inserted into the handler as they are,
                    // and $value_of_field is not even quoted.
                    $javascript = "OnClick='confirme(\"" . htmlspecialchars($donnees[$tab_options['JAVA']['CHECK']['NAME']], ENT_QUOTES) . "\"," . $value_of_field . ",\"" . $form_name . "\",\"CONFIRM_CHECK\",\"" . htmlspecialchars($tab_options['JAVA']['CHECK']['QUESTION'], ENT_QUOTES) . " \")'";
                } else {
                    $javascript = "";
                }
                // When display was requested only for certain IDs.
                if (is_array($tab_options) and !$tab_options['SHOW_ONLY'][$key][$value_of_field] and $tab_options['SHOW_ONLY'][$key]) {
                    $key = "NULL";
                }
                if (isset($tab_options['COLOR'][$key])) {
                    $value_of_field = "<font color=" . $tab_options['COLOR'][$key] . ">" . $value_of_field . "</font>";
                    // The value now carries markup of its own, so the fallback branch must not strip it.
                    $htmlentities = false;
                }
                if ($affich == 'OK') {
                    $lbl_column = array("SUP" => $l->g(122), "MODIF" => $l->g(115), "CHECK" => $l->g(1119) . "<input type='checkbox' name='ALL' id='ALL' Onclick='checkall();'>");
                    if (!isset($tab_options['NO_NAME']['NAME'])) {
                        $lbl_column["NAME"] = $l->g(23);
                    }
                    //modify lbl of column
                    if (!isset($entete[$num_col]) or $entete[$num_col] == $key and !isset($tab_options['LBL'][$key])) {
                        if (array_key_exists($key, $lbl_column)) {
                            $entete[$num_col] = $lbl_column[$key];
                        } else {
                            $entete[$num_col] = $truelabel;
                        }
                    }
                    // Cell markup depends on the column key. Most branches below use the value
                    // unencoded in an href or as link text; only the JavaScript arguments of the
                    // SUP, MODIF, SELECT and OTHER* branches go through htmlspecialchars().
                    if ($key == "NULL" or isset($key2)) {
                        $data[$i][$num_col] = " ";
                        $lien = 'KO';
                    } elseif ($key == "GROUP_NAME") {
                        $data[$i][$num_col] = "<a href='index.php?" . PAG_INDEX . "=" . $pages_refs['ms_group_show'] . "&head=1&systemid=" . $donnees['ID'] . "' target='_blank'>" . $value_of_field . "</a>";
                    } elseif ($key == "SUP" and $value_of_field != ' ') {
                        if (isset($tab_options['LBL_POPUP'][$key])) {
                            if (isset($donnees[$tab_options['LBL_POPUP'][$key]])) {
                                $lbl_msg = $l->g(640) . " " . $donnees[$tab_options['LBL_POPUP'][$key]];
                            } else {
                                $lbl_msg = $tab_options['LBL_POPUP'][$key];
                            }
                        } else {
                            $lbl_msg = $l->g(640) . " " . $value_of_field;
                        }
                        $data[$i][$num_col] = "<a href=# OnClick='confirme(\"\",\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"" . $form_name . "\",\"SUP_PROF\",\"" . htmlspecialchars($lbl_msg, ENT_QUOTES) . "\");'><img src=image/delete-small.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "MODIF") {
                        if (!isset($tab_options['MODIF']['IMG'])) {
                            $image = "image/modif_tab.png";
                        } else {
                            $image = $tab_options['MODIF']['IMG'];
                        }
                        $data[$i][$num_col] = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"MODIF\",\"" . $form_name . "\");'><img src=" . $image . "></a>";
                        $lien = 'KO';
                    } elseif ($key == "SELECT") {
                        $data[$i][$num_col] = "<a href=# OnClick='confirme(\"\",\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"" . $form_name . "\",\"SELECT\",\"" . htmlspecialchars($tab_options['QUESTION']['SELECT'], ENT_QUOTES) . "\");'><img src=image/prec16.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "OTHER") {
                        $data[$i][$num_col] = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER\",\"" . $form_name . "\");'><img src=image/red.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "ZIP") {
                        // NOTE(review): "1×tamp" looks like "1&timestamp" with "&times" decoded as an
                        // HTML entity somewhere along the way - confirm against the upstream file.
                        $data[$i][$num_col] = "<a href=\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_compress'] . "&no_header=1×tamp=" . $value_of_field . "&type=" . $tab_options['TYPE']['ZIP'] . "\"><img src=image/archives.png></a>";
                        $lien = 'KO';
                    } elseif ($key == "STAT") {
                        $data[$i][$num_col] = "<a href=\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_stats'] . "&head=1&stat=" . $value_of_field . "\"><img src='image/stat.png'></a>";
                        $lien = 'KO';
                    } elseif ($key == "ACTIVE") {
                        $data[$i][$num_col] = "<a href=\"index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_popup_active'] . "&head=1&active=" . $value_of_field . "\"><img src='image/activer.png' ></a>";
                        $lien = 'KO';
                    } elseif ($key == "SHOWACTIVE") {
                        // NOTE(review): same "1×tamp" artefact as in the ZIP branch.
                        $data[$i][$num_col] = "<a href='index.php?" . PAG_INDEX . "=" . $pages_refs['ms_tele_actives'] . "&head=1×tamp=" . $donnees['FILEID'] . "' target=_blank>" . $value_of_field . "</a>";
                    } elseif ($key == "CHECK" and $value_of_field != ' ') {
                        // NOTE(review): the value ends up unencoded inside the name and id attributes.
                        $data[$i][$num_col] = "<input type='checkbox' name='check" . $value_of_field . "' id='check" . $value_of_field . "' " . $javascript . " " . (isset($protectedPost['check' . $value_of_field]) ? " checked " : "") . ">";
                        $lien = 'KO';
                    } elseif ($key == "NAME" and !isset($tab_options['NO_NAME']['NAME'])) {
                        $link_computer = "index.php?" . PAG_INDEX . "=" . $pages_refs['ms_computer'] . "&head=1";
                        if ($donnees['ID']) {
                            $link_computer .= "&systemid=" . $donnees['ID'];
                        }
                        if ($donnees['MD5_DEVICEID']) {
                            $link_computer .= "&crypt=" . $donnees['MD5_DEVICEID'];
                        }
                        $data[$i][$num_col] = "<a href='" . $link_computer . "' target='_blank'>" . $value_of_field . "</a>";
                    } elseif ($key == "MAC") {
                        //echo substr($value_of_field,0,8);
                        //echo $_SESSION['OCS']["mac"][substr($value_of_field,0,8)];
                        // The first 8 characters of the value, upper-cased, index $_SESSION['OCS']["mac"].
                        if (isset($_SESSION['OCS']["mac"][mb_strtoupper(substr($value_of_field, 0, 8))])) {
                            $constr = $_SESSION['OCS']["mac"][mb_strtoupper(substr($value_of_field, 0, 8))];
                        } else {
                            $constr = "<font color=red>" . $l->g(885) . "</font>";
                        }
                        //echo "=>".$constr."<br>";
                        $data[$i][$num_col] = $value_of_field . " (<small>" . $constr . "</small>)";
                    } elseif (substr($key, 0, 11) == "PERCENT_BAR") {
                        require_once "function_graphic.php";
                        $data[$i][$num_col] = "<CENTER>" . percent_bar($value_of_field) . "</CENTER>";
                        //$lien = 'KO';
                    } else {
                        // Fallback: plain value, optionally followed by an action icon.
                        if (isset($tab_options['OTHER'][$key][$value_of_field])) {
                            $end = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER\",\"" . $form_name . "\");'><img src=" . $tab_options['OTHER']['IMG'] . "></a>";
                        } elseif (isset($tab_options['OTHER_BIS'][$key][$value_of_field])) {
                            $end = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER_BIS\",\"" . $form_name . "\");'><img src=" . $tab_options['OTHER_BIS']['IMG'] . "></a>";
                        } elseif (isset($tab_options['OTHER_TER'][$key][$value_of_field])) {
                            $end = "<a href=# OnClick='pag(\"" . htmlspecialchars($value_of_field, ENT_QUOTES) . "\",\"OTHER_TER\",\"" . $form_name . "\");'><img src=" . $tab_options['OTHER_TER']['IMG'] . "></a>";
                        } else {
                            $end = "";
                        }
                        // This is the only place in the function where the value is stripped of tags.
                        if ($htmlentities) {
                            //$value_of_field=htmlentities($value_of_field,ENT_COMPAT,'UTF-8');
                            $value_of_field = strip_tags_array($value_of_field);
                        }
                        $data[$i][$num_col] = $value_of_field . $end;
                    }
                }
                if ($lien == 'OK') {
                    // Wrap the header label in a sort link.
                    // NOTE(review): $value, $table_name and $form_name go into the inline handler unencoded.
                    $deb = "<a onclick='return tri(\"" . $value . "\",\"tri_" . $table_name . "\",\"" . $sens . "\",\"sens_" . $table_name . "\",\"" . $form_name . "\");' >";
                    $fin = "</a>";
                    $entete[$num_col] = $deb . $entete[$num_col] . $fin;
                    // Show an arrow on the column the table is currently sorted by.
                    if ($protectedPost['tri_' . $table_name] == $value) {
                        if ($protectedPost['sens_' . $table_name] == 'ASC') {
                            $img = "<img src='image/down.png'>";
                        } else {
                            $img = "<img src='image/up.png'>";
                        }
                        $entete[$num_col] = $img . $entete[$num_col];
                    }
                }
            }
        }
        // Move a row that matches one of the $tab_options['UP'] column values to the front.
        // NOTE(review): when several rows match, only the last one held in $value_temp is
        // re-inserted; when none matches, $value_temp is undefined at array_unshift().
        if ($tab_options['UP']) {
            $i = 0;
            while ($data[$i]) {
                foreach ($tab_options['UP'] as $key => $value) {
                    if ($data[$i][$key] == $value) {
                        $value_temp = $data[$i];
                        unset($data[$i]);
                    }
                }
                $i++;
            }
            array_unshift($data, $value_temp);
        }
        // echo $protectedPost['tri_'.$table_name];
        // echo "<br><hr>";
        //p($tab_options['REPLACE_VALUE']);
        // When the sort column has replaced values, the rows are sorted again in PHP.
        if (isset($tab_options['REPLACE_VALUE'][$protectedPost['tri_' . $table_name]])) {
            //p($data);
            //echo "<br><hr><br>";
            if ($protectedPost['sens_repart_tag'] == 'ASC') {
                asort($data);
            } else {
                arsort($data);
            }
            // p($data);
        }
        return array('ENTETE' => $entete, 'DATA' => $data, 'correct_list_fields' => $correct_list_fields, 'correct_list_col_cant_del' => $correct_list_col_cant_del);
    } else {
        return false;
    }
}
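/**
 * Recursively strip tags from a value and HTML-encode what is left.
 *
 * Arrays are walked element by element; elements whose key is listed in
 * $exempt are left untouched. The exemption list applies to the array it is
 * given for only: nested arrays are processed without exemptions. Array keys
 * themselves are never sanitised.
 *
 * Because the result is already entity-encoded, encoding it a second time at
 * output produces visible entities, and values that must stay byte-exact
 * (passwords, tokens) need to be listed in $exempt.
 *
 * @param mixed $var    String or (nested) array of strings.
 * @param array $exempt Keys of $var that must not be modified.
 *
 * @return mixed Same shape as $var, with leaf values stripped and encoded.
 */
function strip_tags_array($var, $exempt = array()) {
    if (is_array($var)) {
        // Compare keys as strings, strictly: with a loose in_array() on PHP < 8 the integer
        // key 0 equals any non-numeric string, so element 0 was exempted by accident.
        $exempt_keys = array_map('strval', (array) $exempt);
        foreach ($var as $k => $v) {
            if (!in_array((string) $k, $exempt_keys, true)) {
                $var[$k] = strip_tags_array($v);
            }
        }
        return $var;
    }

    $var = strip_tags((string) $var);

    // NOTE(review): the replacement list on this page had its entities decoded by the
    // extraction (it read as a repeat of the search list and no longer parsed). The
    // entities below are a reconstruction - confirm against the upstream source.
    // '&' must stay first so that the entities added afterwards are not encoded again.
    return str_replace(
        array('&', '<', '>', '"', "'", '/'),
        array('&amp;', '&lt;', '&gt;', '&quot;', '&#x27;', '&#x2F;'),
        $var
    );
}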