function check_if_empty($itemName, $errorMessage) { global $errorArray; if (!empty($_POST[$itemName])) { $item = clean_data($_POST[$itemName]); return $item; } else { $errorArray[$itemName] = "<span class=\"form-error\">{$errorMessage}</span>"; return ''; } }
function output_json($data, $status_code) { global $_GET; header("HTTP/1.0 {$status_code}"); $data = clean_data($data); if (isset($_GET['callback'])) { // JSONP header("Content-Type: application/javascript"); echo "{$_GET['callback']}(" . json_encode($data) . ");"; } else { header("Content-Type: application/json"); echo json_encode($data); } }
<?php require_once './core_files/excel_file_extractor.php'; require_once './core_files/attendance_processor.php'; include_once './core_files/acessories.php'; $excelfile = 'tmpdir/file.xlsx'; echo "Data You Are about to submit" . '<br/>' . '<br/>'; $raw_data = extract_to_array($excelfile); //extracts the excel file into an array $clean_data = clean_data($raw_data); //removes all unnecessory spacess at the end of rows print_review($clean_data); if (isset($_GET['cancel'])) { header('Location: home.php'); } if (isset($_GET['submit'])) { insert_students($clean_data); insert_section($clean_data); insert_attendance($clean_data); echo "<script>setTimeout(\"location.href = 'home.php';\",7000);</script>"; //header('Location: index.php'); } ?> <a href='confirm.php?cancel=true'>Cancel</a> <a href='confirm.php?submit=true'>Submit</a>
/** * edit zef entry * * @param integer $id ID of record * @global array $kga kimai-global-array * @param integer $data array with new record data * @author th */ function zef_edit_record($id, $data) { global $kga, $conn; logfile(serialize($data)); $data = clean_data($data); $original_array = zef_get_data($id); $new_array = array(); foreach ($original_array as $key => $value) { if (isset($data[$key]) == true) { $new_array[$key] = $data[$key]; } else { $new_array[$key] = $original_array[$key]; } } logfile(serialize($new_array)); $values['zef_comment'] = MySQL::SQLValue($new_array['zef_comment']); $values['zef_location'] = MySQL::SQLValue($new_array['zef_location']); if ($new_array['zef_trackingnr'] == '') { $values['zef_trackingnr'] = 'NULL'; } else { $values['zef_trackingnr'] = MySQL::SQLValue($new_array['zef_trackingnr']); } $values['zef_pctID'] = MySQL::SQLValue($new_array['zef_pctID'], MySQL::SQLVALUE_NUMBER); $values['zef_evtID'] = MySQL::SQLValue($new_array['zef_evtID'], MySQL::SQLVALUE_NUMBER); $values['zef_comment_type'] = MySQL::SQLValue($new_array['zef_comment_type'], MySQL::SQLVALUE_NUMBER); $values['zef_in'] = MySQL::SQLValue($new_array['zef_in'], MySQL::SQLVALUE_NUMBER); $values['zef_out'] = MySQL::SQLValue($new_array['zef_out'], MySQL::SQLVALUE_NUMBER); $values['zef_time'] = MySQL::SQLValue($new_array['zef_time'], MySQL::SQLVALUE_NUMBER); $values['zef_rate'] = MySQL::SQLValue($new_array['zef_rate'], MySQL::SQLVALUE_NUMBER); $values['zef_cleared'] = MySQL::SQLValue($new_array['zef_cleared'] ? 1 : 0, MySQL::SQLVALUE_NUMBER); $filter['zef_ID'] = MySQL::SQLValue($id, MySQL::SQLVALUE_NUMBER); $table = $kga['server_prefix'] . "zef"; $query = MySQL::BuildSQLUpdate($table, $values, $filter); $success = true; if (!$conn->Query($query)) { $success = false; } if ($success) { if (!$conn->TransactionEnd()) { $conn->Kill(); } } else { if (!$conn->TransactionRollback()) { $conn->Kill(); } } return $success; // $data['pct_ID'] // $data['evt_ID'] // $data['comment'] // $data['comment_type'] // $data['erase'] // $data['in'] // $data['out'] // $data['diff'] // if wrong time values have been entered in the edit window // the following 3 variables arrive as zeros - like so: // $data['in'] = 0; // $data['out'] = 0; // $data['diff'] = 0; // in this case the record has to be edited WITHOUT setting new time values // @oleg: ein zef-eintrag muss auch ohne die zeiten aktualisierbar sein weil die ggf. bei der prüfung durchfallen. }
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $emailErr = "Invalid email format!"; } } if (empty($_POST['password'])) { echo 'password is required' . '<br />'; } else { $password = clean_data($_POST['password']); if (!preg_match("/^[a-zA-Z ]*\$/", $password)) { $passErr = "Only letters and white space allowed!"; } } if (empty($_POST['password2'])) { echo 'password retype is required' . '<br />'; } else { $password2 = clean_data($_POST['password2']); if (!preg_match("/^[a-zA-Z ]*\$/", $password2)) { $pass2Err = "Only letters and white space allowed!"; } } if ($password == $password2) { $password = sha1($password); $q = "INSERT INTO users (username, password, email)\n\t\tVALUES ('{$username}', '{$password}', '{$email}')\n\t\t"; if ($conn->query($q) == TRUE) { $msg = 'added success now please..'; } else { echo "Error: " . $q . "<br>" . $conn->error; } } else { echo 'passwords must match'; }
$tiiconfigfield->value = $value; if (!$DB->update_record('config_plugins', $tiiconfigfield)) { error("errorupdating"); } } else { $tiiconfigfield = new stdClass(); $tiiconfigfield->value = $value; $tiiconfigfield->plugin = 'plagiarism'; $tiiconfigfield->name = $field; if (!$DB->insert_record('config_plugins', $tiiconfigfield)) { error("errorinserting"); } } } if ($field == 'delall' && $value == true) { clean_data(); } if ($field == 'testglobal' && $value == true) { test_global_search(); } if ($field == 'registration' && $value == true) { echo $OUTPUT->box("<b><a href=\"https://spreadsheets.google.com/viewform?formkey=dFRPVTRiSkNzSzI1cTVManUwNWVKZXc6MQ\" target=\"_new\">Please follow this link to register!</a></b>"); } } notify(get_string('savedconfigsuccess', 'plagiarism_crot'), 'notifysuccess'); } $plagiarismsettings = (array) get_config('plagiarism'); $mform->set_data($plagiarismsettings); function clean_data() { global $DB;
<?php session_start(); require_once './inc/functions.php'; require_once './inc/db_connect.php'; if ($_POST) { $username = clean_data($_POST['username']); $password = clean_data($_POST['password']); $query = 'SELECT * FROM gallery_admins WHERE username =:username AND password=:password'; $preparedStatement = $bdd->prepare($query); $preparedStatement->bindParam(':username', $username); $preparedStatement->bindParam(':password', $password); $preparedStatement->execute(); $posts = $preparedStatement->fetchAll(PDO::FETCH_ASSOC); if (count($posts) > 0) { $_SESSION['username'] = $posts[0]['username']; header('Location:index.php'); exit; } } ?> <!DOCTYPE html> <html lang="en"> <head> <title>Connection | The Mashup project</title> <meta charset="UTF-8" /> <meta name="viewport" content="user-scalable=no, width=device-width, initial-scale=1.0" /> <link rel="icon" type="image/png" href="img/favicon.png" /> <link rel="stylesheet" type="text/css" href="style.css" /> </head> <body>
if (!is_numeric($_POST["phone"])) { $phoneErr = "numbers only please!"; } } if (empty($_POST['pass'])) { echo 'password is required'; } else { $pass = clean_data($_POST['pass']); if (!preg_match("/^[a-zA-Z ]*\$/", $pass)) { $passErr = "Only letters and white space allowed!"; } } if (empty($_POST['pass_2'])) { echo 'password retype is required'; } else { $pass_2 = clean_data($_POST['pass_2']); if (!preg_match("/^[a-zA-Z ]*\$/", $pass_2)) { $pass2Err = "Only letters and white space allowed!"; } } if ($pass == $pass_2) { $pass = sha1($pass); $q = "INSERT INTO users (name, password, email, phone)\n VALUES ('{$name}', '{$pass}', '{$email}', '{$phone}')\n "; if ($conn->query($q) == TRUE) { $msg = 'added success now please..'; } else { echo "Error: " . $q . "<br>" . $conn->error; } } else { echo 'passwords must match'; }
if (isset($_REQUEST["param"])) { switch ($_REQUEST["param"]) { case "wp_cleanup": if (wp_verify_nonce($_REQUEST["_wpnonce"], "clear_wp_data")) { $type = $_REQUEST["typeClean"]; clean_data($type); die; } break; case "bulk_delete_action": if (wp_verify_nonce($_REQUEST["_wpnonce"], "bulk_clear_wp_data")) { $val = ""; $types = $_REQUEST["ux_chk_cleanup"]; print_r($types); for ($flag = 0; $flag < count($types); $flag++) { clean_data($types[$flag]); } die; } break; case "bulk_selected_action": if (wp_verify_nonce($_REQUEST["_wpnonce"], "bulk_action_table")) { $types = $_REQUEST["ux_ddl_bulk_action_db_optimzier"]; $chk_value = $_REQUEST["ux_chk_cleanup_arr_db"]; $test = array(); if (is_multisite()) { for ($flag1 = 0; $flag1 < count($chk_value); $flag1++) { if ((strstr($chk_value[$flag1], $wpdb->terms) || strstr($chk_value[$flag1], $wpdb->term_taxonomy) || strstr($chk_value[$flag1], $wpdb->term_relationships) || strstr($chk_value[$flag1], $wpdb->commentmeta) || strstr($chk_value[$flag1], $wpdb->comments) || strstr($chk_value[$flag1], $wpdb->links) || strstr($chk_value[$flag1], $wpdb->options) || strstr($chk_value[$flag1], $wpdb->postmeta) || strstr($chk_value[$flag1], $wpdb->posts) || strstr($chk_value[$flag1], $wpdb->users) || strstr($chk_value[$flag1], $wpdb->usermeta) || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_wp_scheduler") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_db_scheduler") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_login_log") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_plugin_settings") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_licensing") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_block_single_ip") || strstr($chk_value[$flag1], $wpdb->prefix . "cleanup_optimizer_block_range_ip") || strstr($chk_value[$flag1], $wpdb->signups) || strstr($chk_value[$flag1], $wpdb->sitemeta) || strstr($chk_value[$flag1], $wpdb->site) || strstr($chk_value[$flag1], $wpdb->registration_log) || strstr($chk_value[$flag1], $wpdb->blogs) || strstr($chk_value[$flag1], $wpdb->blog_versions)) == true) { } else { switch ($types) { case 1:
//optional fields; therefore, they are allowed to be empty. $addContactAddressLine2 = empty($_POST['addContactAddressLine2']) ? '' : $_POST['addContactAddressLine2']; $addContactDepartmentWebsite = empty($_POST['addContactDepartmentWebsite']) ? '' : $_POST['addContactDepartmentWebsite']; $addContactIndividualWebsite = empty($_POST['addContactIndividualWebsite']) ? '' : $_POST['addContactIndividualWebsite']; $addContactCampus = empty($_POST['addContactCampus']) ? '' : $_POST['addContactCampus']; //check to make sure State data is in the array of valid states. if not, show an error. if (empty($errorArray['addContactState'])) { if (!in_array($addContactState, $listOfStates)) { $errorArray['addContactState'] = '<span class="form-error">You must select a State from the dropdown list!</span>'; } } //clean optional fields, as they were not checked using check_if_empty (and therefore were not cleaned). $addContactAddressLine2 = clean_data($addContactAddressLine2); $addContactDepartmentWebsite = clean_data($addContactDepartmentWebsite); $addContactIndividualWebsite = clean_data($addContactIndividualWebsite); $addContactCampus = clean_data($addContactCampus); //if everything is valid, add instructor contact data to database and redirect to table page. if (empty($errorArray)) { //get database connection named $geologyDBConnection require '../secure-includes/db-connection.php'; //escape data for mySQL database $addContactFName = mysqli_real_escape_string($geologyDBConnection, $addContactFName); $addContactLName = mysqli_real_escape_string($geologyDBConnection, $addContactLName); $addContactEmailAddress = mysqli_real_escape_string($geologyDBConnection, $addContactEmailAddress); $addContactPhoneNumber = mysqli_real_escape_string($geologyDBConnection, $addContactPhoneNumber); $addContactState = mysqli_real_escape_string($geologyDBConnection, $addContactState); $addContactCity = mysqli_real_escape_string($geologyDBConnection, $addContactCity); $addContactZIP = mysqli_real_escape_string($geologyDBConnection, $addContactZIP); $addContactAddressLine1 = mysqli_real_escape_string($geologyDBConnection, $addContactAddressLine1); $addContactInstitution = mysqli_real_escape_string($geologyDBConnection, $addContactInstitution); $addContactDepartment = mysqli_real_escape_string($geologyDBConnection, $addContactDepartment);
//optional fields; therefore, they are allowed to be empty. $updateContactAddressLine2 = empty($_POST['updateContactAddressLine2']) ? '' : $_POST['updateContactAddressLine2']; $updateContactDepartmentWebsite = empty($_POST['updateContactDepartmentWebsite']) ? '' : $_POST['updateContactDepartmentWebsite']; $updateContactIndividualWebsite = empty($_POST['updateContactIndividualWebsite']) ? '' : $_POST['updateContactIndividualWebsite']; $updateContactCampus = empty($_POST['updateContactCampus']) ? '' : $_POST['updateContactCampus']; //check to make sure State data is in the array of valid states. if not, show an error. if (empty($errorArray['updateContactState'])) { if (!in_array($updateContactState, $listOfStates)) { $errorArray['updateContactState'] = '<span class="form-error">You must select a State from the dropdown list!</span>'; } } //clean optional fields, as they were not checked using check_if_empty (and therefore were not cleaned). $updateContactAddressLine2 = clean_data($updateContactAddressLine2); $updateContactDepartmentWebsite = clean_data($updateContactDepartmentWebsite); $updateContactIndividualWebsite = clean_data($updateContactIndividualWebsite); $updateContactCampus = clean_data($updateContactCampus); //if everything is valid, add instructor contact data to database and redirect to table page. if (empty($errorArray)) { //get database connection named $geologyDBConnection require '../secure-includes/db-connection.php'; //escape data for mySQL database $updateContactFName = mysqli_real_escape_string($geologyDBConnection, $updateContactFName); $updateContactLName = mysqli_real_escape_string($geologyDBConnection, $updateContactLName); $updateContactEmailAddress = mysqli_real_escape_string($geologyDBConnection, $updateContactEmailAddress); $updateContactPhoneNumber = mysqli_real_escape_string($geologyDBConnection, $updateContactPhoneNumber); $updateContactState = mysqli_real_escape_string($geologyDBConnection, $updateContactState); $updateContactCity = mysqli_real_escape_string($geologyDBConnection, $updateContactCity); $updateContactZIP = mysqli_real_escape_string($geologyDBConnection, $updateContactZIP); $updateContactAddressLine1 = mysqli_real_escape_string($geologyDBConnection, $updateContactAddressLine1); $updateContactInstitution = mysqli_real_escape_string($geologyDBConnection, $updateContactInstitution); $updateContactDepartment = mysqli_real_escape_string($geologyDBConnection, $updateContactDepartment);
<?php session_start(); require_once './inc/functions.php'; require_once './inc/db_connect.php'; if (isset($_SESSION['username'])) { if ($_GET) { $id = clean_data($_GET['id']); $query = 'DELETE FROM gallery_posts WHERE id=:id'; $preparedStatement = $bdd->prepare($query); $preparedStatement->bindParam(':id', $id); $preparedStatement->execute(); header('Location:index.php'); exit; } else { header('Location:index.php'); exit; } } else { header('Location:index.php'); exit; }
function copy_upsell($oldid, $newid) { global $dbh; $query = "SELECT * FROM item_upselling WHERE item_id='{$oldid}'"; if (!($res = $dbh->query($query))) { return false; } if (DEBUG >= 3) { print "Processing " . $res->num_rows . " item_upselling for {$oldid}...\n"; } while ($row = $res->fetch_assoc()) { $row['item_id'] = $newid; $row['old_child'] = $row['child_item_id']; unset($row['id']); $row = clean_data($row); $query = "INSERT INTO item_upselling (" . implode(',', array_keys($row)) . ") VALUES ('" . implode("','", array_values($row)) . "')"; if (!$dbh->query($query)) { return false; } } return true; }
include_once '../connection.php'; if (isset($_POST)) { if (!empty($_POST['name']) && !empty($_POST['pass'])) { $name = $_POST['name']; $pass = $_POST['pass']; $keep = $_POST['keep']; function clean_data($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } $name = clean_data($name); $pass = clean_data($pass); $pass = sha1($pass); $q = "SELECT * FROM users WHERE name = '{$name}' AND password = '******'"; $result = $conn->query($q); if ($result->num_rows == 1) { $row = mysqli_fetch_object($result); if ($row->type == 'user') { echo 'succesfully logged in'; session_start(); $info = array('username' => $name, 'loggedin' => TRUE, 'loginDate' => time(), 'lastlogged' => time(), 'ip' => $_SERVER['REMOTE_ADDR'], 'via' => 'form', 'keepLoggedIn' => $keep, 'type' => 'user'); $_SESSION['LOGIN'] = $info; echo '<pre>'; print_r($_SESSION['LOGIN']); if ($keep == 1) { $cookie = setcookie('logindata', '1' . base64_encode(serialize($info)), time() + 2592000, '/'); print_r($_COOKIE);
} else { if (strlen($data['password']) > 30) { $errors['password'] = '******'; } } } if ($data['password'] != $data['password_repeat']) { $errors['password'] = '******'; } return $errors; } if (isset($_SESSION['auth']) && $_SESSION['auth'] == true) { header('Location:index.php'); } else { if (!empty($_POST['form_inscription'])) { $data = clean_data($_POST); $errors = check_data($data); require_once 'config.php'; $req = $pdo->prepare('SELECT * FROM users WHERE pseudo = ?'); $req->execute(array($data['pseudo'])); $nb_rows = $req->rowCount(); if ($nb_rows > 0) { $errors['pseudo_used'] = 'Erreur : Pseudo déjà utilisé.'; } if (empty($errors)) { $password = sha1($data['password']); $pseudo = $data['pseudo']; $sexe = $data['sexe']; $color = $data['color']; $req = 'INSERT INTO users (login,password,sexe, color, role) VALUES (:login, :password, :sexe, :color, :role)'; $insert = $pdo->prepare($req);
<td class='fSmall'><input type="text" name="server_name" maxlength="255" size="35" value="<?php echo clean_data($_POST['server_name']); ?> " /></td> </tr> <tr valign="bottom" class="head"> <td class='fSmall'>Rcon Password</td> <td class='fSmall'><input type="text" name="server_rcon" maxlength="128" size="15" value="<?php echo clean_data($_POST['server_rcon']); ?> " /></td> </tr> <tr valign="bottom" class="head"> <td class='fSmall'>Public Address</td> <td class='fSmall'><input type="text" name="public_address" maxlength="128" size="15" value="<?php echo clean_data($_POST['public_address']); ?> " /></td> </tr> <tr valign="bottom" class="head"> <td class='fSmall'>Admin Mod</td> <td class='fSmall'> <select name="game_mod"> <option value="PLEASESELECT">PLEASE SELECT</option> <?php $db->query("SELECT code, name FROM `hlstats_Mods_Supported`"); while ($row = $db->fetch_array()) { echo '<option value="' . $row['code'] . '">' . $row['name'] . '</option>'; } ?> </select>
function fix_session($incoming) { $result = str_replace('-', '_', $incoming); return $result; } //------------------------------------------------------------------------------------- debug("Run start"); // pre clean ... $data = $_POST; if (empty($_POST) == true) { debug('Processing POST data ..'); $data = $HTTP_RAW_POST_DATA; } debug("Processing RAW Post data ..."); if (empty($data) == true) { debug('ERROR: Unable to extract data from POST message!'); return; } // take out the payload and fix any malformed xml ... array_push($pure, clean_data($data)); // Process the pure xml payload ... foreach ($pure as $value) { $decoded = urldecode($value[1]); debug("Decoded: " . $decoded); $xml = new SimpleXMLElement($value[0]); $session_id = fix_session($xml['session_id']); fwrite($logFile, "[[ENVELOPE]][s:" . $session_id . "] -- " . $value[0] . "\n"); fwrite($logFile, "[[CONTENT ]][s:" . $session_id . "] -- " . $decoded . "\n"); } echo 'MESSAGE RECEIVED'; debug("Run end");
/** * edit exp entry * * @param integer $id ID of record * @global array $kga kimai-global-array * @param integer $data array with new record data * @author th */ function exp_edit_record($id, $data) { global $kga, $conn; $data = clean_data($data); $original_array = exp_get_data($id); $new_array = array(); foreach ($original_array as $key => $value) { if (isset($data[$key]) == true) { $new_array[$key] = $data[$key]; } else { $new_array[$key] = $original_array[$key]; } } $values['exp_pctID'] = MySQL::SQLValue($new_array['exp_pctID'], MySQL::SQLVALUE_NUMBER); $values['exp_designation'] = MySQL::SQLValue($new_array['exp_designation']); $values['exp_comment'] = MySQL::SQLValue($new_array['exp_comment']); $values['exp_comment_type'] = MySQL::SQLValue($new_array['exp_comment_type'], MySQL::SQLVALUE_NUMBER); $values['exp_timestamp'] = MySQL::SQLValue($new_array['exp_timestamp'], MySQL::SQLVALUE_NUMBER); $values['exp_multiplier'] = MySQL::SQLValue($new_array['exp_multiplier'], MySQL::SQLVALUE_NUMBER); $values['exp_value'] = MySQL::SQLValue($new_array['exp_value'], MySQL::SQLVALUE_NUMBER); $values['exp_refundable'] = MySQL::SQLValue($new_array['exp_refundable'], MySQL::SQLVALUE_NUMBER); $filter['exp_ID'] = MySQL::SQLValue($id, MySQL::SQLVALUE_NUMBER); $table = $kga['server_prefix'] . "exp"; $query = MySQL::BuildSQLUpdate($table, $values, $filter); $success = true; if (!$conn->Query($query)) { $success = false; } if ($success) { if (!$conn->TransactionEnd()) { $conn->Kill(); } } else { if (!$conn->TransactionRollback()) { $conn->Kill(); } } return $success; $original_array = exp_get_data($id); $new_array = array(); foreach ($original_array as $key => $value) { if (isset($data[$key]) == true) { $new_array[$key] = $data[$key]; } else { $new_array[$key] = $original_array[$key]; } } }
</li> <?php } $query = 'SELECT COUNT(*) FROM gallery_posts ORDER BY id DESC'; $preparedStatement = $bdd->prepare($query); $preparedStatement->bindParam(':offset', $offset); $preparedStatement->execute(); $count = $preparedStatement->fetchAll(PDO::FETCH_ASSOC); if ($count[0]['COUNT(*)'] > 10) { ?> <a href="index.php?posts=2">Next page</a> <?php } } else { $id = clean_data($_GET['posts']); $offset = intval(clean_data($_GET['posts'])) * 10 - 1; $query = 'SELECT * FROM gallery_posts ORDER BY id DESC LIMIT 10 OFFSET :offset'; $preparedStatement = $bdd->prepare($query); $preparedStatement->bindParam(':offset', $offset); $preparedStatement->execute(); $posts = $preparedStatement->fetchAll(PDO::FETCH_ASSOC); foreach ($posts as $keys => $p) { ?> <li> <figure class="img-controller"> <img src="<?php echo $p['source']; ?> " alt="<?php echo $p['title']; ?>
/** * Edits a configuration variables by replacing the data by the new array * * @param array $data variables array * @global array $kga kimai-global-array * @return boolean true on success, false on failure * @author ob */ function var_edit($data) { global $kga, $pdo_conn; $p = $kga['server_prefix']; $data = clean_data($data); $pdo_conn->beginTransaction(); $statement = $pdo_conn->prepare("UPDATE {$p}var SET value = ? WHERE var = ?"); foreach ($data as $key => $value) { $statement->bindValue(1, $value); $statement->bindValue(2, $key); if (!$statement->execute()) { return false; } } if ($pdo_conn->commit() == false) { return false; } return true; }