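/**
 * Send a reply to an ad as a multipart (plain text + HTML) e-mail.
 *
 * Keys read from $data: 'user_id' (handed to mail() as the recipient),
 * 'subject', 'text', 'ad_id' and, optionally, 'email' (the replier's
 * address, used for Reply-To and quoted in the body). A blind copy is sent
 * to LOG_EMAIL.
 *
 * The reply fields are treated as untrusted: CR/LF is removed from the
 * address before it is placed in a header, and everything interpolated into
 * the HTML part is HTML-encoded.
 *
 * @param array $data Reply fields as listed above.
 * @return bool Result of mail().
 */
function send_email_reply_to_ad($data)
{
    $to = $data['user_id'];
    $subject = $data['subject'];
    // $subject=mb_convert_encoding($subject, CONF_ENC,"AUTO");
    $subject = mb_encode_mimeheader($subject, 'utf-8');
    $data['text'] = utf8_urldecode($data['text']);

    $semi_rand = md5(time());
    $mime_boundary = "==MULTIPART_BOUNDARY_{$semi_rand}";
    $mime_boundary_header = chr(34) . $mime_boundary . chr(34);

    $headers = 'MIME-Version: 1.0' . "\r\n";
    $headers .= 'Content-type:multipart/alternative; ' . "\n" . ' boundary=' . $mime_boundary_header . "\r\n";
    // $headers .= "Content-Transfer-Encoding: 8bit\r\n";
    $headers .= 'From: ' . mb_encode_mimeheader(LANG_LOGO, 'utf-8') . ' <' . MONSTER_EMAIL . '>' . "\r\n";
    // $headers.= 'From: '.mb_encode_mimeheader(mb_convert_encoding(LANG_LOGO, CONF_ENC,"AUTO"),'utf-8').' <'.MONSTER_EMAIL.'>' . "\r\n";

    // The replier's address ends up in a raw header line. Removing CR/LF
    // keeps it from terminating the Reply-To header and adding lines after it.
    $reply_to = '';
    if (!empty($data['email'])) {
        $reply_to = str_replace(array("\r", "\n"), '', $data['email']);
    }

    if ($reply_to !== '') {
        $reply_to_html = htmlspecialchars($reply_to, ENT_QUOTES, 'UTF-8');
        $headers .= 'Reply-To: ' . mb_encode_mimeheader($reply_to, 'utf-8') . "\r\n";
        $to_text = $reply_to . "\r\n";
        $to_html = '<a href="mailto:' . $reply_to_html . '">' . $reply_to_html . '</a><br/>';
    } else {
        $to_text = '';
        $to_html = '';
    }
    $headers .= 'Bcc: ' . LOG_EMAIL . "\r\n";

    // The same text feeds the text/plain part, so it is plain text and has
    // to be encoded before it is embedded in markup.
    $ad_url = SITE_URL . 'ads/' . $data['ad_id'] . '.html';
    $ad_url_html = htmlspecialchars($ad_url, ENT_QUOTES, 'UTF-8');
    $text_html = htmlspecialchars($data['text'], ENT_QUOTES, 'UTF-8');

    $notice_text = "This is a multi-part message in MIME format.";
    $plain_text = $data['text'] . "\r\n\r\n" . LANG_AVOID_SPAM_TEXT . ' ' . $to_text . "\r\n\r\n" . LANG_AVOID_SPAM_TEXT2 . $ad_url;
    $html_text = '<html><body>' . '<p>' . $text_html . '</p><br/><br/>' . LANG_AVOID_SPAM_HTML . ' ' . $to_html . '<br/><br/>' . LANG_AVOID_SPAM_HTML2 . '<a href="' . $ad_url_html . '">' . $ad_url_html . '</a>' . '</body></html>';

    $body = "{$notice_text}\r\n\r\n--{$mime_boundary}\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Transfer-Encoding: 8bit\r\n\r\n{$plain_text}\r\n\r\n--{$mime_boundary}\r\nContent-Type: text/html; charset=utf-8\r\nContent-Transfer-Encoding: 8bit\r\n\r\n{$html_text}\r\n\r\n--{$mime_boundary}--";
    $body = wordwrap($body, 70);

    $result = mail($to, $subject, $body, $headers);
    return $result;
    //return true;
}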
/**
 * Execute the console command.
 *
 * Loads the topic named by the 'topic_id' argument and queues the
 * 'emails.news' message for every user whose email_news flag is 1,
 * processing the users 200 at a time.
 *
 * @return mixed
 */
public function fire()
{
    $topic = Topic::findOrFail($this->argument('topic_id'));

    // NOTE(review): title and body go to the 'emails.news' view unchanged;
    // whether they are HTML-encoded depends on that template - confirm.
    $queueBatch = function ($batch) use ($topic) {
        $payload = ['title' => $topic->title, 'body' => $topic->body];
        foreach ($batch as $recipient) {
            Mail::queue('emails.news', $payload, function ($mail) use ($recipient, $topic) {
                $headline = 'Maze Naujienos: ' . utf8_urldecode($topic->title);
                $mail->to($recipient->email)->subject($headline);
            });
        }
    };

    User::where('email_news', 1)->chunk(200, $queueBatch);
}
/**
 * Handle the event.
 *
 * Queues the 'emails.news' message about the posted topic for every user
 * whose email_news flag is 1, processing the users 200 at a time.
 *
 * @param  NewsWasPosted  $event
 * @return void
 */
public function handle(NewsWasPosted $event)
{
    $topic = $event->topic;

    // NOTE(review): title and body go to the 'emails.news' view unchanged;
    // whether they are HTML-encoded depends on that template - confirm.
    $queueBatch = function ($batch) use ($topic) {
        $payload = ['title' => $topic->title, 'body' => $topic->body];
        foreach ($batch as $recipient) {
            Mail::queue('emails.news', $payload, function ($mail) use ($recipient, $topic) {
                $headline = 'Maze Naujienos: ' . utf8_urldecode($topic->title);
                $mail->to($recipient->email)->subject($headline);
            });
        }
    };

    User::where('email_news', 1)->chunk(200, $queueBatch);
}
/**
 * Initialise the DB handle and capture per-request metadata.
 *
 * NOTE(review): every value taken from $_REQUEST, $_SERVER and $_GET below
 * is supplied by the client and is stored unmodified (only 'title' passes
 * through utf8_urldecode()). Nothing here escapes it, so it has to be bound
 * as a parameter or escaped wherever it later reaches SQL or HTML.
 */
public function __construct()
{
    $this->dbh = $GLOBALS['pmx_dbh'];
    $this->ip = get_ip();
    $this->time = get_time();

    if (isset($_REQUEST["location"])) {
        $this->location = $_REQUEST["location"];
    } else {
        $this->location = "";
    }

    // Request headers, each defaulting to an empty string when absent.
    foreach (array("HTTP_ACCEPT", "HTTP_REFERER", "HTTP_USER_AGENT") as $header) {
        $this->{$header} = isset($_SERVER[$header]) ? $_SERVER[$header] : "";
    }

    // Client-reported capabilities from the query string.
    foreach (array('flash', 'java', 'screen') as $param) {
        $this->{$param} = isset($_GET[$param]) ? $_GET[$param] : "";
    }

    if (isset($_GET['title'])) {
        $this->title = utf8_urldecode($_GET['title']);
    } else {
        $this->title = "";
    }
}
/**
 * Handle the event.
 *
 * When the event carries a Reply written by someone other than the topic
 * owner, queue the 'emails.reply' message to the topic owner, subject to
 * the throttling condition below.
 *
 * @param  UserWasNotified  $event
 * @return void
 */
public function handle(UserWasNotified $event)
{
    $user = $event->user;

    // TODO: replace with a more general solution.
    if (!($event->object instanceof Reply)) {
        return;
    }

    $reply = $event->object;
    if ($user->id == $reply->topic->user_id) {
        return;
    }

    // Most recent reply in the topic written by anyone except $user.
    $previous = $reply->topic->replies()
        ->where('user_id', '<>', $user->id)
        ->orderBy('created_at', 'desc')
        ->first();

    // NOTE(review): when no such reply exists the mail is queued without
    // looking at the owner's email_replies preference; the preference is only
    // checked on the "older than one hour" path - confirm this is intended.
    $shouldNotify = !$previous
        || ($previous->created_at->diffInHours() > 1 && $reply->topic->user->email_replies);
    if (!$shouldNotify) {
        return;
    }

    $data = [
        'user' => $reply->topic->user->username,
        'title' => $reply->topic->title,
        'content' => $reply->body,
        'slug' => $reply->topic->slug,
        'id' => $reply->topic->id,
    ];
    $topic = $reply->topic;
    $topic_user = $reply->topic->user;

    Mail::queue('emails.reply', $data, function ($message) use ($topic_user, $topic, $user) {
        // The timestamp is written on $user (the event's user), and saved
        // from inside the message callback.
        $user->last_reply_emailed = Carbon::now();
        $user->save();

        $headline = 'Naujas pranešimas temoje ' . utf8_urldecode($topic->title);
        $message->to($topic_user->email)->subject($headline);
    });
}
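header('Content-type: text/html; charset=utf-8');
include 'connect_to_mysql.php';

// Sender identity comes from the session; 0 when the session holds no 'id'.
if (isset($_SESSION['id'])) {
    $userid = $_SESSION['id'];
} else {
    $userid = 0;
}
$ip = $_SESSION['ip'];

/**
 * HTML-encode a value and escape it for use inside a quoted MySQL string.
 * Despite its name, this variant performs no URL decoding.
 */
function utf8_urldecode($str)
{
    $str = htmlspecialchars($str, ENT_QUOTES);
    $str = mysql_real_escape_string($str);
    return $str;
}

$timesubmit = time();

// Every request value that is interpolated into the statements below is
// escaped first. Previously only 'content' was; the three identifiers went
// into the SQL text exactly as received.
// The mysql_* extension was removed in PHP 7; prepared statements (mysqli or
// PDO) are the durable replacement for this escaping.
$pmsgid = mysql_real_escape_string($_GET['pmsgid']);
$touserid = mysql_real_escape_string($_GET['otheruserid']);
$touserip = mysql_real_escape_string($_GET['otheruserip']);
$content = utf8_urldecode($_GET['content']);

// NOTE(review): die(mysql_error()) sends database error text to the client;
// consider logging it server-side and returning a generic message.
$sql_insert = mysql_query("INSERT INTO duitasuopmsgreply (touserid,touserip,userid,userip,content,timesubmit,readit,pmsgid) VALUES('{$touserid}','{$touserip}','{$userid}','{$ip}','{$content}','{$timesubmit}','0','{$pmsgid}')") or die(mysql_error());

// Read the stored reply back by matching the fields that were just written.
$result = mysql_query("SELECT * FROM duitasuopmsgreply WHERE touserid='{$touserid}' AND touserip='{$touserip}' AND userid='{$userid}' AND userip='{$ip}' AND timesubmit='{$timesubmit}'") or die;
$row = mysql_fetch_array($result);
$content_reply = $row['content'];

// NOTE(review): the failure branch calls mysql_query() with no argument;
// mysql_error() was probably meant.
$duitasuo_pmsg_reply_fromuser = mysql_query("SELECT * FROM users WHERE id='{$userid}' ORDER BY id ASC;") or die(mysql_query());
$row_pmsg_reply_fromuser = mysql_fetch_assoc($duitasuo_pmsg_reply_fromuser);
$fromusername = $row_pmsg_reply_fromuser['username'];

$replypmsgtime = date('Y-m-d g:ia', strtotime("-4 hour", $timesubmit));

// $content_reply was HTML-encoded before it was stored. $fromusername is
// echoed as stored - presumably encoded at sign-up; verify against the
// code that writes users.username.
echo "<div class='pmsgs'>\n <h6 onselectstart='return false'>" . $fromusername . " 发于 " . $replypmsgtime . ":</h6>\n <p>" . $content_reply . "</p>\n </div>";
?>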
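<?php
include "../include/functions.php";
include "../include/db.php";
?> <?php
include "../include/params.php";
include "../include/dictionary2.php";
set_time_limit(0);
opendb();

// Request parameters for the new direction. getQUERY(), nnull() and
// utf8_urldecode() are defined in the included files and are not shown here.
$directionname = nnull(utf8_urldecode(getQUERY('directionname')), "");
$startgoogleaddress = nnull(utf8_urldecode(getQUERY('startgoogleaddress')), "");
$startgeocodeaddress = nnull(utf8_urldecode(getQUERY('startgeocodeaddress')), "");
$startlongitude = getQUERY("startlongitude");
$startlatitude = getQUERY("startlatitude");
$endgoogleaddress = nnull(utf8_urldecode(getQUERY('endgoogleaddress')), "");
$endgeocodeaddress = nnull(utf8_urldecode(getQUERY('endgeocodeaddress')), "");
$endlongitude = getQUERY("endlongitude");
$endlatitude = getQUERY("endlatitude");
$shortlineid = getQUERY('shortlineid');
$fastlineid = getQUERY('fastlineid');

// These six values are concatenated into the statement without quotes, so
// anything that is not a plain number is rejected before SQL is built.
foreach (array($startlongitude, $startlatitude, $endlongitude, $endlatitude, $shortlineid, $fastlineid) as $numeric_value) {
    if (!is_numeric($numeric_value)) {
        closedb();
        exit;
    }
}

// NOTE(review): the quoted string values rely on whatever escaping
// getQUERY()/utf8_urldecode()/nnull() apply, which is not visible here -
// confirm they escape quotes for this database, or have RunSQL() take
// bound parameters instead of a finished string.
$sqlAddDirection = "insert into directions (userid, clientid, directionname, startgoogleaddress, startgeocodeaddress, \r\n startlongitude, startlatitude, endgoogleaddress, endgeocodeaddress, \r\n endlongitude, endlatitude, shortlineid, fastlineid) values";
$sqlAddDirection .= "(" . session("user_id") . ", " . session("client_id") . ", '" . $directionname . "'";
$sqlAddDirection .= ",'" . $startgoogleaddress . "', '" . $startgeocodeaddress . "', " . $startlongitude;
$sqlAddDirection .= "," . $startlatitude . ", '" . $endgoogleaddress . "', '" . $endgeocodeaddress . "'";
$sqlAddDirection .= "," . $endlongitude . ", " . $endlatitude . ", " . $shortlineid . ", " . $fastlineid . ")";
//echo $sqlAddDirection;

$retID = RunSQL($sqlAddDirection);
echo $retID;
closedb();
exit;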
$userid = $_SESSION['id']; // assign SESSION 'id' value to $userid. } else { $userid = 0; } $userchatid = $_SESSION['chatid']; function utf8_urldecode($str) { $str = htmlspecialchars($str, ENT_QUOTES); $str = mysql_real_escape_string($str); return $str; } $msg = $_GET['msg']; $touserid = $_GET['otherid']; $touserchatid = $_GET['otherchatid']; $msg = utf8_urldecode($msg); $sendtime = date('Y-m-d H:i:s', time()); $sendtimeinsecond = time(); $sql_insert = mysql_query("INSERT INTO chat (userid,userchatid,touserid,touserchatid,message,sendtime,sendtimeinsecond,recd,confirm) VALUES('{$userid}','{$userchatid}','{$touserid}','{$touserchatid}','{$msg}','{$sendtime}','{$sendtimeinsecond}',0,0)") or die(mysql_error()); $chatwith_result = mysql_query("SELECT * FROM chatname WHERE userid='{$userid}' AND userchatid='{$userchatid}'"); $chatwith_row = mysql_fetch_array($chatwith_result); $sendername = $chatwith_row['username']; $msg = str_replace("(谄笑)", "<img src='smileys/1.gif' style='border:0;' />", $msg); $msg = str_replace("(吃饭)", "<img src='smileys/2.gif' style='border:0;' />", $msg); $msg = str_replace("(调皮)", "<img src='smileys/3.gif' style='border:0;' />", $msg); $msg = str_replace("(尴尬)", "<img src='smileys/4.gif' style='border:0;' />", $msg); $msg = str_replace("(汗)", "<img src='smileys/5.gif' style='border:0;' />", $msg); $msg = str_replace("(惊恐)", "<img src='smileys/6.gif' style='border:0;' />", $msg); $msg = str_replace("(囧)", "<img src='smileys/7.gif' style='border:0;' />", $msg); $msg = str_replace("(可爱)", "<img src='smileys/8.gif' style='border:0;' />", $msg); $msg = str_replace("(酷)", "<img src='smileys/9.gif' style='border:0;' />", $msg);
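<?php
header('Content-type: text/html; charset=utf-8');
include 'connect_to_mysql.php';

/**
 * HTML-encode a value and escape it for use inside a quoted MySQL string.
 * Despite its name, this variant performs no URL decoding.
 */
function utf8_urldecode($str)
{
    $str = htmlspecialchars($str, ENT_QUOTES);
    $str = mysql_real_escape_string($str);
    return $str;
}

// All five request values end up inside the INSERT below. Previously only
// 'descr' was escaped; the others are now escaped for a quoted SQL string
// as well. The mysql_* extension was removed in PHP 7; prepared statements
// (mysqli or PDO) are the durable replacement for this escaping.
// NOTE(review): unlike 'descr', 'title' is stored without HTML encoding, so
// it must be encoded wherever it is later printed.
$title = mysql_real_escape_string($_GET['title']);
$descr = utf8_urldecode($_GET['descr']);
$la = mysql_real_escape_string($_GET['la']);
$lo = mysql_real_escape_string($_GET['lo']);
$priority = mysql_real_escape_string($_GET['priority']);
$time = time();

// NOTE(review): die(mysql_error()) sends database error text to the client;
// consider logging it server-side and returning a generic message.
$sql_insert = mysql_query("INSERT INTO words (userid,title,descr,latitude,longitude,priority,time) VALUES('0','{$title}','{$descr}','{$la}','{$lo}','{$priority}','{$time}')") or die(mysql_error());
echo "good";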
} //time format include_once KUNENA_PATH_LIB . DS . 'kunena.timeformat.class.php'; $systime = time() + $fbConfig->board_ofset * KUNENA_SECONDS_IN_HOUR; // Retrieve current cookie data for session handling $settings = !empty($_COOKIE['fboard_settings']) ? $_COOKIE['fboard_settings'] : ''; $board_title = $fbConfig->board_title; $fromBot = 0; $prefview = $fbConfig->default_view; // JOOMLA STYLE CHECK if ($fbConfig->joomlastyle < 1) { $boardclass = "fb_"; } // Include preview here before inclusion of other files if ($func == "getpreview") { $message = utf8_urldecode(utf8_decode(stripslashes($msgpreview))); $smileyList = smile::getEmoticons(1); $msgbody = smile::smileReplace($message, 0, $fbConfig->disemoticons, $smileyList); $msgbody = nl2br($msgbody); $msgbody = str_replace("__FBTAB__", "\t", $msgbody); $msgbody = CKunenaTools::prepareContent($msgbody); // $msgbody = ereg_replace('%u0([[:alnum:]]{3})', '',$msgbody); $msgbody = smile::htmlwrap($msgbody, $fbConfig->wrap); header("Content-Type: text/html; charset=utf-8"); echo $msgbody; $app->close(); } if ($no_html == 0) { $document =& JFactory::getDocument(); // inline jscript with image location $document->addScriptDeclaration('jr_expandImg_url = "' . KUNENA_URLIMAGESPATH . '";');
for ($i = 0; $i < count($filearr) - 1; $i++) { $loadFile .= $filearr[$i] . '.'; $tplDir .= $filearr[$i]; } $loadFile .= 'config.php'; $tplDir .= '/'; } $loadFile = FEPATH . $tplDir . $loadFile; if (file_exists($loadFile)) { include_once $loadFile; foreach ($_POST as $key => $value) { if ($key != 'fixedFromEmail' && $key != 'fixedFromName') { $key = strtolower($key); } $value = str_replace("\n", "<br />", $value); ${$key} = trim(utf8_urldecode($value)); } } } $loadDefault = ''; $loadFile = ''; $imgProcessing = ''; if (file_exists('_src/processing.gif')) { $imgProcessing = '<img id="feprocessing" border="0" src="_src/processing.gif" width="200" height="84"><br />'; } //check connect through proxy or not $proxydescription = ""; $remoteaddr = $_SERVER['REMOTE_ADDR']; $http_via = getenv('HTTP_VIA'); $http_forwarded = getenv('HTTP_X_FORWARDED_FOR'); $remoteport = getenv('REMOTE_PORT');
<?php
// Adds a school name from the query string to the schools table unless a
// row with the same name already exists, and reports the outcome as text.
header('Content-type: text/html; charset=UTF-8');
include 'connect_to_mysql.php';
$schoolname = $_GET['schoolname'];
/**
 * Decode a request value: convert newlines to <br>, backslash-escape single
 * quotes, URL-decode, turn %uXXXX sequences into numeric character
 * references and finally decode HTML entities as gb2312.
 *
 * NOTE(review): the quote escaping runs BEFORE urldecode() and
 * html_entity_decode(). Any quote that only appears as a result of those
 * two decoding steps is therefore not escaped, and the return value is not
 * safe to interpolate into SQL. Escape after decoding
 * (mysql_real_escape_string) or use a prepared statement.
 */
function utf8_urldecode($str)
{
    $str = nl2br($str);
    $str = str_replace("'", "\\'", $str);
    // As written this replaces "<" with itself; the replacement may have been
    // an entity that was lost when the listing was rendered - TODO confirm.
    $str = str_replace("<", "<", $str);
    $str = preg_replace("/%u([0-9a-f]{3,4})/i", "&#x\\1;", urldecode($str));
    // The page is served as UTF-8 but entities are decoded as gb2312.
    return html_entity_decode($str, null, 'gb2312');
}
$schoolname = utf8_urldecode($schoolname);
// Both statements below interpolate $schoolname directly into the SQL text;
// see the note on utf8_urldecode() for why that is not sufficient.
$schoolname_result = mysql_query("SELECT * FROM schools WHERE schoolname = '{$schoolname}' ORDER BY id ASC;") or die(mysql_error());
$schoolname_num = mysql_num_rows($schoolname_result);
if ($schoolname_num > 0) {
    echo "数据库中已有此学校名字";
} else {
    $sql_insert = mysql_query("INSERT INTO schools (schoolname,likes) VALUES('{$schoolname}','0')") or die(mysql_error());
    // NOTE(review): the decoded request value is echoed into a text/html
    // response without HTML encoding; encode it on output.
    echo "成功插入数据库:" . $schoolname;
}
/* $schoolname_result = mysql_query("SELECT * FROM schools ORDER BY id ASC;") or die(mysql_error()); while ($row = mysql_fetch_assoc($schoolname_result)){ if ($row['id'] > 60){ $id = $row['id']; mysql_query ("DELETE FROM schools WHERE id='$id'") or die(mysql_error()); echo "删除数据库:".$row['schoolname']."<br>"; } }
break; case 'update_block_place': $id = (int) $_GET['id']; $new_place = (int) $_GET['new_place']; $db->update('blocks', 'place', $new_place, 'id', $id); break; case 'notes_new': $db->insert('cp_notes', array('pos_x', 'pos_y', 'width', 'height', 'jq_id', 'time'), array($_GET['pos_x'], $_GET['post_y'], $_GET['width'], $_GET['height'], $_GET['jq_id'], time())); break; case 'notes_edit': function utf8_urldecode($str) { $str = preg_replace("/%u([0-9a-f]{3,4})/i", "&#x\\1;", urldecode($str)); return html_entity_decode($str, null, 'UTF-8'); } $text = utf8_urldecode($_GET['text']); $db->update('cp_notes', array('text', 'pos_x', 'pos_y', 'width', 'height', 'time'), array($text, $_GET['pos_x'], $_GET['pos_y'], $_GET['width'], $_GET['height'], time()), 'jq_id', $_GET['jq_id']); break; case 'notes_delete': $db->delete('cp_notes', 'jq_id', $_GET['jq_id']); break; case 'autocomplete': $table = $_GET['table']; $field = $_GET['field']; $q = $_GET['term']; $results = $db->fetch($table, "[%]{$field}", $q); $return_array = array(); foreach ($results as $result) { $add['value'] = $result[$field]; $add['id'] = $result['id']; array_push($return_array, $add);
<?php
// Sign-up handler: validates the submitted fields, checks whether the e-mail
// address is already registered and prepares the activation e-mail. The
// listing ends before the message is sent.
header('Content-type: text/html; charset=utf-8');
include 'connect_to_mysql.php';
/**
 * HTML-encode a value and escape it for use inside a quoted MySQL string.
 * Despite its name, this variant performs no URL decoding.
 */
function utf8_urldecode($str)
{
    $str = htmlspecialchars($str, ENT_QUOTES);
    $str = mysql_real_escape_string($str);
    return $str;
}
// NOTE(review): the username, e-mail address and password all arrive in the
// query string, where they are recorded in server logs and browser history.
// Credentials should be submitted in a POST body.
$signup_username = utf8_urldecode($_GET['signup_username']);
$signup_email = utf8_urldecode($_GET['signup_email']);
// Get form data. Username and e-mail were already encoded and escaped above,
// so strip_tags()/addslashes() are applied on top of that.
$username = addslashes(strip_tags($signup_username));
// NOTE(review): strip_tags() and addslashes() change the characters of the
// password itself. How the password is stored is not visible in this
// listing - confirm it is hashed with password_hash() rather than kept as-is.
$password = addslashes(strip_tags($_GET['signup_password']));
$email = addslashes(strip_tags($signup_email));
if (!$username || !$password || !$email) {
    echo "请输入所有的信息。";
} else {
    // Check whether the e-mail address is already registered.
    $check = mysql_query("SELECT * FROM users WHERE email='{$email}'");
    if (mysql_num_rows($check) >= 1) {
        echo "邮箱地址已经被注册。";
    } else {
        // Generate the activation code.
        // NOTE(review): rand() is not a cryptographically secure generator and
        // the code is an 8-digit number; an activation token should come from
        // a CSPRNG (random_bytes()/random_int() on PHP 7+).
        $code = rand(11111111, 99999999);
        $subject = "谢谢注册 duitasuo.com";
        $body = "你好 {$signup_username},\n\n谢谢注册 duitasuo.com! 为了激活您的账号,请点击下面的链接或者把它复制到您的浏览器地址栏里:\n\nhttp://www.duitasuo.com/index_activate.php?code=" . $code . "\n\n谢谢注册,祝你早日找到你的ta.\n\n\nKoollo Kingdom Inc.";
        $from = "*****@*****.**";
        $host = "smtp.gmail.com";
        $username_smtp = "*****@*****.**";
        // NOTE(review): SMTP password hard-coded in source. Anyone with read
        // access to the file or its history has the credential; load it from
        // configuration kept outside the code base and rotate this one.
        $password_smtp = "wjywjy218";
/**
 * Recursively convert the keys and values of an array to or from UTF-8.
 *
 * With $encode true, keys and scalar values go through utf8_encode(). With
 * $encode false, values go through utf8_decode() while keys go through
 * utf8_urldecode(). Nested arrays (and objects) are handed to a recursive
 * call; a non-array argument is converted directly.
 *
 * @param array $array             The data to convert.
 * @param bool  $encode            true to encode, false to decode.
 * @param bool  $special_caracters Accepted but never read by this function.
 * @return array The converted copy (a converted scalar for non-array input).
 */
function arrayConvertUTF8($array, $encode = true, $special_caracters = false)
{
    // Non-array input: convert the value itself.
    if (!is_array($array)) {
        return $encode ? utf8_encode($array) : utf8_decode($array);
    }

    $converted = array();
    foreach ($array as $key => $item) {
        $new_key = $encode ? utf8_encode($key) : utf8_urldecode($key);

        if (is_array($item) || is_object($item)) {
            // Only $encode is forwarded; $special_caracters keeps its default.
            $converted[$new_key] = arrayConvertUTF8($item, $encode);
        } elseif ($encode) {
            $converted[$new_key] = utf8_encode($item);
        } else {
            $converted[$new_key] = utf8_decode($item);
        }
    }

    return $converted;
}
$str = str_replace("<", "<", $str); $str = preg_replace("/%u([0-9a-f]{3,4})/i", "&#x\\1;", urldecode($str)); return html_entity_decode($str, null, 'gb2312'); } $h = 0; $result = mysql_query("SELECT * FROM schools ORDER BY likes DESC;") or die; $number = mysql_num_rows($result); if ($number > 0) { while ($row = mysql_fetch_array($result)) { $schoolname[$h] = $row['schoolname']; $schoolid[$h] = $row['id']; $schoollike[$h] = $row['likes']; $h++; } } $name = utf8_urldecode($_GET["name"]); //lookup all hints from array if length of name > 0 if (strlen($name) > 0) { $totalnum = 0; for ($i = 0; $i < count($schoolname); $i++) { if (preg_match("/" . $name . "/i", $schoolname[$i])) { $totalnum++; } } $hint = ""; $totalnum_break = 0; for ($i = 0; $i < count($schoolname); $i++) { if (preg_match("/" . $name . "/i", $schoolname[$i])) { if ($hint == "") { $hint = "<div class='choose_school' onmouseover=this.className='choose_school_onmouseover' onmouseout=this.className='choose_school'><a href='home.php?schoolid=" . $schoolid[$i] . "'><div class='choose_school_name'>" . $schoolname[$i] . "</div><div class='choose_school_likes'>" . $schoollike[$i] . "个通告</div></a></div>"; } else {
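<?php
include "../include/functions.php";
include "../include/db.php";
?> <?php
include "../include/params.php";
include "../include/dictionary2.php";
set_time_limit(0);
opendb();

// getQUERY(), nnull(), utf8_urldecode(), dlookup() and RunSQL() come from
// the included files and are not shown here.
$vehid = getQUERY("vehid");

// $vehid is concatenated into both statements below without quotes, so
// anything that is not a plain number is rejected before SQL is built.
if (!is_numeric($vehid)) {
    closedb();
    exit;
}

// NOTE(review): $_name is placed inside a quoted SQL string and relies on
// whatever escaping getQUERY()/utf8_urldecode()/nnull() apply, which is not
// visible here - confirm, or pass it as a bound parameter.
$_name = nnull(utf8_urldecode(getQUERY('name')), "");

// Next message id for this vehicle: highest existing id (0 if none) plus one.
$garminid = dlookup("select coalesce((select messageid from quickmessage where vehicleid=" . $vehid . " order by messageid desc limit 1), 0)");
$garminid = $garminid + 1;

$sqlAddPoi = "insert into quickmessage (vehicleid, messageid, body) values";
$sqlAddPoi .= "(" . $vehid . ", " . $garminid . ", '" . $_name . "')";
$ret = RunSQL($sqlAddPoi);
echo $garminid;
closedb();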
$ip = $_SESSION['ip']; /* function utf8_urldecode($str) { $str = nl2br($str); $str = str_replace("'","\'",$str); $str = str_replace("<","<",$str); $str = preg_replace("/%u([0-9a-f]{3,4})/i","&#x\\1;",urldecode($str)); return html_entity_decode($str,null,'gb2312');; } */ function utf8_urldecode($str) { $str = htmlspecialchars($str, ENT_QUOTES); $str = mysql_real_escape_string($str); return $str; } $timesubmit = time(); $schoolid = $_GET['schoolid']; $gender = utf8_urldecode($_GET['gender']); $time = utf8_urldecode($_GET['time']); $place = utf8_urldecode($_GET['place']); $descr = utf8_urldecode($_GET['descr']); $words = utf8_urldecode($_GET['words']); if ($place != "" && $descr != "" && $words != "") { $sql_insert = mysql_query("INSERT INTO duitasuomsg (gender,time,place,descr,words,timesubmit,likes,userid,schoolid,ip) VALUES('{$gender}','{$time}','{$place}','{$descr}','{$words}','{$timesubmit}','0','{$userid}','{$schoolid}','{$ip}')") or die(mysql_error()); } $schoollikes = mysql_query("SELECT * FROM schools WHERE id='{$schoolid}'") or die(mysql_query()); $row = mysql_fetch_assoc($schoollikes); $likes = $row['likes']; $likes++; mysql_query("UPDATE schools SET likes = '{$likes}' WHERE id='{$schoolid}'") or die(mysql_error());
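<?php
include "../include/functions.php";
include "../include/db.php";
?> <?php
include "../include/params.php";
include "../include/dictionary2.php";
set_time_limit(0);
opendb();

// getQUERY(), nnull(), utf8_urldecode(), dlookup(), session() and RunSQL()
// come from the included files and are not shown here.
$vehid = getQUERY("vehid");
$lon = getQUERY('lon');
$lat = getQUERY('lat');

// These three values are concatenated into the statements below without
// quotes, so anything that is not a plain number is rejected before SQL is
// built.
foreach (array($vehid, $lon, $lat) as $numeric_value) {
    if (!is_numeric($numeric_value)) {
        closedb();
        exit;
    }
}

// NOTE(review): $_name and $_description are placed inside quoted SQL
// strings and rely on whatever escaping getQUERY()/utf8_urldecode()/nnull()
// apply, which is not visible here - confirm, or pass them as bound
// parameters.
$_name = nnull(utf8_urldecode(getQUERY('name')), "");
$_description = nnull(utf8_urldecode(getQUERY('description')), "");

// Next garminid for this vehicle: most recent one (0 if none) plus one.
$garminid = dlookup("select coalesce((select garminid from stopstatus where toid=" . $vehid . " order by datetime desc limit 1), 0)");
$garminid = $garminid + 1;

$sqlAddPoi = "insert into stopstatus (fromid, toid, clientid, userid, datetime, text, garminid, latitude, longitude, location) values";
$sqlAddPoi .= "(" . session("user_id") . ", " . $vehid . ", " . session("client_id") . ", " . session("user_id") . ", now(),";
$sqlAddPoi .= "'" . $_name . "', " . $garminid . ", " . $lat . ", " . $lon . ", '" . $_description . "')";
$ret = RunSQL($sqlAddPoi);
echo $garminid;
closedb();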
<?php
include '../connect_to_mysql.php';

// Caller identity comes from the session; 0 when the session holds no 'id'.
$userid = isset($_SESSION['id']) ? $_SESSION['id'] : 0;
$userchatid = $_SESSION['chatid'];
$schoolid = $_SESSION['schoolid'];
$anonymous = $_GET['anonymous'];

/**
 * HTML-encode a value and escape it for use inside a quoted MySQL string.
 * Despite its name, this variant performs no URL decoding.
 */
function utf8_urldecode($str)
{
    return mysql_real_escape_string(htmlspecialchars($str, ENT_QUOTES));
}

// The only request value that reaches SQL; it is escaped by the helper above.
$place = utf8_urldecode($_GET['place']);

// NOTE(review): the session values are interpolated unescaped. That is only
// safe if they were written to the session from trusted data - confirm.
$chatname_sql = "SELECT * FROM chatname WHERE userchatid='" . $userchatid . "' AND userid='" . $userid . "' AND schoolid='" . $schoolid . "' ORDER BY id ASC;";
$result_chatname = mysql_query($chatname_sql) or die;
$chatname_row = mysql_fetch_array($result_chatname);
$chatnameid = $chatname_row['id'];

// loginas is set to 1 for an anonymous login and to 2 otherwise; the place
// is stored in both cases.
if ($anonymous == 1) {
    $num = rand(1, 1000);
    $username = "******" . $num;
    $update_sql = "UPDATE chatname SET username='******', loginas=1, place='" . $place . "' WHERE id='" . $chatnameid . "'";
} else {
    $update_sql = "UPDATE chatname SET loginas=2, place='" . $place . "' WHERE id='" . $chatnameid . "'";
}
mysql_query($update_sql) or die(mysql_error());
} $toobject = nnull(getQUERY("toobj"), ""); $flag = '0'; $delivery = ""; $deliverycoll = ""; if ($action == 'user') { $fromid = session("user_id"); if ($toobject == 'vehicle') { $toid = nnull(getQUERY("toid"), ""); $toid = dlookup("select id from vehicles where gsmnumber='" . $toid . "'"); } else { $flag = '1'; $toid = nnull(getQUERY("toid"), ""); $delivery = ", now()"; $deliverycoll = ", dtdelivery"; } $garminid = dlookup("select coalesce((select garminid from messages where toid=" . $toid . " order by datetime desc limit 1), 0)"); $garminid = $garminid + 1; } $clientid = session("client_id"); $userid = session("user_id"); $datetime = nnull(getQUERY("dt"), now()); //$datetime = now(); $subject = nnull(getQUERY("subject"), ""); $body = nnull(utf8_urldecode(getQUERY("body")), ""); $checked = '0'; RunSQL("INSERT INTO messages (fromid, toobject, toid, clientid, userid, datetime, subject, body, checked, garminid, flag" . $deliverycoll . ") \r\n\t VALUES (" . $fromid . ", '" . $toobject . "', " . $toid . ", " . $clientid . ", " . $userid . ", \r\n\t '" . $datetime . "', '" . $subject . "', '" . $body . "', " . $checked . ", " . $garminid . ", '" . $flag . "'" . $delivery . ")"); closedb(); echo $garminid; //echo 54336; exit;
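<?php
include 'connect_to_mysql.php';

// The row id is interpolated into both statements below. It was previously
// used exactly as received; it is now escaped for a quoted SQL string.
// The mysql_* extension was removed in PHP 7; prepared statements (mysqli or
// PDO) are the durable replacement for this escaping.
// NOTE(review): no session or ownership check is visible in this script
// before the UPDATE. Unless connect_to_mysql.php enforces one, any caller
// can edit any row by id - confirm.
$id = mysql_real_escape_string($_GET['id']);
$descr = $_GET['descr'];
$words = $_GET['words'];

/**
 * HTML-encode a value and escape it for use inside a quoted MySQL string.
 * Despite its name, this variant performs no URL decoding.
 */
function utf8_urldecode($str)
{
    $str = htmlspecialchars($str, ENT_QUOTES);
    $str = mysql_real_escape_string($str);
    return $str;
}

$descr = utf8_urldecode($descr);
$words = utf8_urldecode($words);

// NOTE(review): die(mysql_error()) sends database error text to the client;
// consider logging it server-side and returning a generic message.
mysql_query("UPDATE duitasuomsg SET descr='{$descr}', words='{$words}' WHERE id='{$id}'") or die(mysql_error());

// Read the row back and return both fields separated by "|". The values were
// HTML-encoded before they were stored.
$result = mysql_query("SELECT * FROM duitasuomsg WHERE id='{$id}'") or die;
$row = mysql_fetch_array($result);
$descr_edit = $row['descr'];
$words_edit = $row['words'];
echo $descr_edit . "|" . $words_edit;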
opendb(); $city = nnull(utf8_urldecode(getQUERY('city')), ""); $country = getQUERY("country"); $elevation = nnull(utf8_urldecode(getQUERY('elevation')), ""); $fullname = nnull(utf8_urldecode(getQUERY('fullname')), ""); $lon = getQUERY("lon"); $lat = getQUERY("lat"); $otime = getQUERY("otime"); $temp = getQUERY("temp"); $feelslike = getQUERY("feelslike"); $wind = getQUERY("wind"); $visibility = getQUERY("visibility"); $weather = nnull(utf8_urldecode(getQUERY("weather")), ""); $humidity = getQUERY("humidity"); $icon = nnull(utf8_urldecode(getQUERY("icon")), ""); $iconurl = nnull(utf8_urldecode(getQUERY("iconurl")), ""); $cntW = dlookup("select count(*) from weatherstations where city='" . $city . "'"); if ($cntW > 0) { $sqlAddW = "UPDATE weatherstations set observationtime='" . $otime . "', temerature=" . $temp; $sqlAddW .= ", feelslike=" . $feelslike . ", weather='" . $weather . "', humidity='" . $humidity; $sqlAddW .= "', visibility=" . $visibility . ", wind=" . $wind . ", icon='" . $icon . "', iconurl='" . $iconurl . "'"; $sqlAddW .= " where city='" . $city . "'"; RunSQL($sqlAddW); echo "update"; } else { $sqlAddW = "INSERT INTO weatherstations (city, country, elevation, fullname, latitude, longitude, observationtime, temerature, feelslike, weather, humidity, visibility, wind, icon, iconurl) VALUES "; $sqlAddW .= "('" . $city . "', '" . $country . "', '" . $elevation . "', '" . $fullname . "', " . $lat . ", " . $lon . ", '" . $otime . "', " . $temp . ", " . $feelslike . ", '" . $weather . "', '" . $humidity . "', " . $visibility . ", " . $wind . ", '" . $icon . "', '" . $iconurl . "')"; RunSQL($sqlAddW); echo "insert"; } closedb();
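/**
 * Build a search URL from a submitted search form and redirect to it.
 * Handles both the basic and the advanced search form.
 *
 * A search type of the form "cat_<type>_<format>" produces a catalog search
 * path plus query arguments for the selected filters; "web_local" and
 * "web_google" produce a site search path or a Google search URL.
 *
 * @param array $form       The form definition (not read here).
 * @param array $form_state Form state; the submitted fields are read from
 *                          $form_state['values'].
 */
function sopac_search_catalog_submit($form, &$form_state) {
  $locum = sopac_get_locum('locum');
  $locum_cfg = $locum->locum_config;

  // Start from defined values so that a form without filters, or an
  // unrecognised search type, never reaches count()/drupal_goto() with an
  // undefined variable.
  $uris = array();
  $locations = array();
  $search_url = '';

  $search_query = trim($form_state['values']['search_query']);
  if (!$search_query) {
    $search_query = '*';
  }
  if (strstr($search_query, '+')) {
    $search_query = urlencode($search_query);
  }

  $search_type = $form_state['values']['search_type'];
  $search_type_arr = explode('_', $search_type);
  $search_subtype = isset($search_type_arr[1]) ? $search_type_arr[1] : '';

  if ($search_type_arr[0] == 'cat') {
    $search_type = $search_subtype;
    $search_fmt = isset($search_type_arr[2]) ? $search_type_arr[2] : '';

    // Material / Format types
    if ($search_fmt) {
      if ($search_fmt != 'all') {
        $uris['search_format'] = $locum->csv_parser($locum_cfg['format_groups'][$search_fmt], '|');
      }
    }
    elseif ($form_state['values']['search_format']) {
      if (is_array($form_state['values']['search_format'])) {
        $uris['search_format'] = trim(implode('|', $form_state['values']['search_format']));
      }
      else {
        $uris['search_format'] = $form_state['values']['search_format'];
      }
    }

    // Location selections overrule collection selections and act as
    // a filter if they are in a selected collection.
    if ($form_state['values']['collection']) {
      $locations = array();
      $uris['collection'] = trim(implode('|', $form_state['values']['collection']));
      foreach ($form_state['values']['collection'] as $collection) {
        $collection_arr = $locum->csv_parser($locum_cfg['collections'][$collection]);
        if ($form_state['values']['location']) {
          $valid_locs = array_intersect($form_state['values']['location'], $collection_arr);
          if (count($valid_locs)) {
            $locations = array_merge($locations, $valid_locs);
          }
          else {
            $locations = array_merge($locations, $collection_arr);
          }
        }
        else {
          $locations = array_merge($locations, $collection_arr);
        }
      }
      if ($form_state['values']['location']) {
        $locations = array_merge($locations, array_diff($form_state['values']['location'], $locations));
      }
    }
    elseif ($form_state['values']['location']) {
      $locations = $form_state['values']['location'];
    }
    if (count($locations)) {
      $uris['location'] = trim(implode('|', $locations));
    }

    // Sort variable
    if ($form_state['values']['sort']) {
      $uris['sort'] = $form_state['values']['sort'];
    }

    // Age Group variable
    if ($form_state['values']['age_group']) {
      $uris['age'] = $form_state['values']['age_group'];
    }

    // Limit to Available
    if ($form_state['values']['limit_avail']) {
      $uris['limit_avail'] = $form_state['values']['limit_avail'];
    }
    /* if ($form_state['values']['limit_avail'] || $form_state['values']['limit']) { if (variable_get('sopac_multi_branch_enable', 0)) { if ($form_state['values']['limit_avail'] && $form_state['values']['limit']) { $uris['limit_avail'] = $form_state['values']['limit_avail']; } } else { $uris['limit_avail'] = 'any'; } } */

    // Publisher Search
    if ($form_state['values']['publisher']) {
      //$uris['pub'] = trim($form_state['values']['publisher']);
      $search_query .= " @publisher " . trim($form_state['values']['publisher']);
    }

    // Publication date ranges
    if ($form_state['values']['pub_year_start'] || $form_state['values']['pub_year_end']) {
      $uris['facet_year'] = trim($form_state['values']['pub_year_start']) . '-' . trim($form_state['values']['pub_year_end']);
    }

    $search_url = variable_get('sopac_url_prefix', 'cat/seek') . '/search/' . $search_type . '/' . $search_query;
  }
  elseif ($search_type_arr[0] == 'web') {
    switch ($search_subtype) {
      case 'local':
        $search_url = 'search/node/' . utf8_urldecode($search_query);
        break;

      case 'google':
        // NOTE(review): the decoded query is appended to the external URL
        // as-is. utf8_urldecode() is not shown here; if it returns
        // unencoded text, characters such as & or # change the meaning of
        // the URL - consider urlencode() on the q value.
        $search_url = 'http://www.google.com/search?hl=en&q=' . utf8_urldecode($search_query);
        break;
    }
  }

  drupal_goto($search_url, $uris);
}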
if (isset($_SESSION['id'])) { $userid = $_SESSION['id']; // assign SESSION 'id' value to $userid. } else { $userid = 0; } $ip = $_SESSION['ip']; function utf8_urldecode($str) { $str = htmlspecialchars($str, ENT_QUOTES); $str = mysql_real_escape_string($str); return $str; } $timesubmit = time(); $id = $_GET['id']; $comment = utf8_urldecode($_GET['comment']); $sql_insert = mysql_query("INSERT INTO duitasuocomment (msgid,userid,comment,timesubmit,likes,ip,unread) VALUES('{$id}','{$userid}','{$comment}','{$timesubmit}','0','{$ip}','0')") or die(mysql_error()); $duitasuo_comment = mysql_query("SELECT * FROM duitasuocomment WHERE msgid='{$id}' AND comment='{$comment}' AND userid='{$userid}' AND ip='{$ip}' ORDER BY timesubmit DESC;") or die(mysql_query()); while ($row_comment = mysql_fetch_assoc($duitasuo_comment)) { $comment_userid = $row_comment['userid']; $comment_comment = $row_comment['comment']; $comment_id = $row_comment['id']; $timeago_comment = $timesubmit - $row_comment['timesubmit']; if ($timeago_comment < 60) { $timesubmit_comment = "刚刚更新"; } else { if ($timeago_comment < 3600) { $timesubmit_comment = (int) ($timeago_comment / 60); $timesubmit_comment = $timesubmit_comment . "分钟之前"; } else { if ($timeago_comment < 86400) {
function stripslashes_deep($value) { $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value); return $value; } $_POST = array_map('stripslashes_deep', $_POST); } if (isset($_POST['qin'])) { //From http://uk2.php.net/manual/en/function.urldecode.php#79595 //Assuming this function is in the 'public domain'. function utf8_urldecode($str) { $str = preg_replace("/%u([0-9a-f]{3,4})/i", "&#x\\1;", urldecode($str)); return trim(html_entity_decode($str, null, 'UTF-8')); } $qin = utf8_urldecode($_POST['qin']); } if ($qin) { //find the first space and break that word off as the command, the rest is the thing to pass. if (strpos($qin, " ") != false) { $command = strtolower(substr($qin, 0, strpos($qin, " "))); $args = substr($qin, strpos($qin, " ") + 1); //Use $args = explode(" ", $args); to get this into an array. } else { $command = strtolower($qin); } switch ($command) { case 'help': echo 'toQonsole("Sorry, we\'re closed!");'; break; case 'about':