/**
 * Normalise a piece of text through a fixed pipeline: trim, optionally
 * unslash, remove [hide] blocks, escape or strip markup, truncate,
 * optionally render BBCode, optionally re-slash, trim again.
 *
 * The order of the steps is significant; see the inline notes.
 *
 * @param string $string      Text to process.
 * @param int    $length      Limit handed to cutstr(); 0 skips truncation.
 * @param int    $in_slashes  Non-zero: run dstripslashes() on the input first.
 * @param int    $out_slashes Non-zero: run daddslashes() on the result.
 * @param int    $bbcode      Non-zero: convert BBCode to HTML; the value itself is passed on to bbcode2html().
 * @param int    $html        < 0: replace tags, whitespace and [..] codes with spaces;
 *                            0: HTML-escape via dhtmlspecialchars();
 *                            > 0: neither branch runs, so markup is returned as supplied.
 * @return string
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $bbcode = 0, $html = 0)
{
    global $_G;
    $string = trim($string);
    // Discard everything from the first run of three NUL bytes onwards.
    $sppos = strpos($string, chr(0) . chr(0) . chr(0));
    if ($sppos !== false) {
        $string = substr($string, 0, $sppos);
    }
    if ($in_slashes) {
        $string = dstripslashes($string);
    }
    // Remove [hide]...[/hide] and [hide=N]...[/hide] blocks together with their content.
    $string = preg_replace("/\\[hide=?\\d*\\](.*?)\\[\\/hide\\]/is", '', $string);
    if ($html < 0) {
        $string = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $string);
    } elseif ($html == 0) {
        $string = dhtmlspecialchars($string);
    }
    // NOTE(review): with $html > 0 the text reaches the caller without any HTML
    // escaping; callers must only use that mode for content they already trust.
    if ($length) {
        // Truncation happens after escaping.
        // NOTE(review): confirm cutstr() cannot cut an HTML entity in half.
        $string = cutstr($string, $length);
    }
    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        $bb =& bbcode::instance();
        $string = $bb->bbcode2html($string, $bbcode);
    }
    if ($out_slashes) {
        // Slash-escaping is applied last so the result can be placed in a
        // hand-built SQL string literal; it is not an HTML defence.
        $string = daddslashes($string);
    }
    return trim($string);
}
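/**
 * Collect the $_GET parameters whose name starts with a given prefix.
 *
 * Every matching value is HTML-escaped with htmlspecialchars() and then
 * slash-escaped with daddslashes(). htmlspecialchars() is called with its
 * default flags, which before PHP 8.1 do not encode single quotes, so the
 * result is not safe inside a single-quoted HTML attribute.
 *
 * @param string $pre One prefix, or several separated by '|'. Spaces and tabs are ignored.
 * @return array Map of parameter name => escaped value. Array-valued
 *               parameters (e.g. ?x[]=1) are returned as an empty string.
 */
function gpc($pre)
{
    $array = array();
    $pre = str_replace(array(' ', "\t"), '', $pre);

    // explode() on a string without '|' yields the string itself, so one
    // code path serves both the single-prefix and the multi-prefix case.
    // The original left the prefix list undefined in the single-prefix case.
    $prefixes = explode('|', $pre);

    foreach ($_GET as $key => $value) {
        foreach ($prefixes as $prefix) {
            // An empty prefix never matched in the original either.
            if ($prefix === '') {
                continue;
            }
            // Byte-wise prefix comparison. The original tested the truthiness of
            // strstr(), which silently failed for the prefix "0".
            if (strncmp((string) $key, $prefix, strlen($prefix)) !== 0) {
                continue;
            }
            // htmlspecialchars() only accepts strings: an array value raised a
            // warning (and became '') before PHP 8 and throws a TypeError on
            // PHP 8, which any request could trigger. Keep the '' result.
            $array[$key] = is_string($value) ? daddslashes(htmlspecialchars($value)) : '';
            break;
        }
    }

    return $array;
}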
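/**
 * List all products, optionally restricted to one tag taken from $_GET['tag'].
 *
 * Builds the query description via make_sql(), runs it through D(), hands the
 * result to $this->add(), sets the SEO title and renders the template.
 *
 * @param string $tpl Template name passed to $this->show().
 * @return void
 */
function all($tpl = '')
{
    global $_G;

    $url = URL . 'a=all';
    $sql = make_sql();
    // Array keys are quoted: bare words such as $_G[setting] are constant
    // lookups and raise an Error on PHP 8.
    $size = $_G['setting']['cate_page'] ? $_G['setting']['cate_page'] : 120;
    $hasTag = !empty($_GET['tag']);

    if ($hasTag) {
        // NOTE(review): $tag is not defined at this point, so this call does not
        // touch the request value and its result is overwritten on the next
        // line. If the intent was to strip HTML from the tag, it is not
        // happening; confirm trim_html()'s contract before wiring it in.
        $tag = trim_html($tag, 1);
        $tag = daddslashes($_GET['tag']);
        // The tag sits inside a single-quoted SQL literal and relies on
        // daddslashes() alone for quoting.
        $and = "AND FIND_IN_SET('" . $tag . "', keywords) ";
        $url .= "&tag=" . urlencode_utf8($tag);
        $sql['and'] .= $and;
        $sql['url'] .= $url;
    }

    $sql['key'] = 'all_';
    $rs = D($sql, array('url' => $url . $sql['url'], 'size' => $size));

    $title = '';
    if ($hasTag) {
        // NOTE(review): the raw request value goes into the page title;
        // confirm that seo() or the template HTML-escapes it.
        $title .= $_GET['tag'];
    }
    $title .= '全部商品';

    $this->add($rs);
    seo($title);
    $this->show($tpl);
}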
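/**
 * Search comments by target id, author, time window and message text.
 *
 * @param mixed  $aid       Target id filter (skipped when falsy).
 * @param mixed  $authorid  Author uid filter (skipped when falsy).
 * @param int    $starttime Lower dateline bound, exclusive (skipped when falsy).
 * @param int    $endtime   Upper dateline bound, exclusive (skipped when falsy).
 * @param string $idtype    'aid' or 'topicid'; anything else falls back to 'aid'.
 * @param string $message   Comma-separated search terms. A term containing {N}
 *                          is matched as a regular expression in which {N}
 *                          stands for "up to N arbitrary characters"; other
 *                          terms are matched with LIKE '%term%'.
 * @param int    $start     Offset for DB::limit().
 * @param int    $limit     Row count for DB::limit().
 * @param int    $type      2 returns the row count, anything else the rows.
 * @return mixed Count when $type == 2, otherwise the result rows.
 */
public function fetch_all_by_search($aid, $authorid, $starttime, $endtime, $idtype, $message, $start = 0, $limit = 0, $type = 1)
{
    // $idtype is spliced into the SQL as a column name, so it is restricted
    // to the two known values with a strict comparison.
    $idtype = in_array($idtype, array('aid', 'topicid'), true) ? $idtype : 'aid';
    $tablename = $idtype == 'aid' ? 'portal_article_title' : 'portal_topic';

    $sql = '';
    $sql .= $aid ? ' AND c.' . DB::field('id', $aid) : '';
    $sql .= $authorid ? ' AND c.' . DB::field('uid', $authorid) : '';
    $sql .= $starttime ? ' AND c.' . DB::field('dateline', $starttime, '>') : '';
    $sql .= $endtime ? ' AND c.' . DB::field('dateline', $endtime, '<') : '';

    if ($message != '') {
        $clauses = array();
        foreach (explode(',', str_replace(' ', '', $message)) as $term) {
            // SQL string escaping is applied LAST, to the finished fragment.
            // The original slash-escaped the whole input first and then ran
            // preg_quote() over it; preg_quote() doubles every backslash, which
            // turned the backslash protecting a quote into a literal backslash
            // and left the quote itself unescaped in the SQL string literal.
            if (preg_match("/\\{(\\d+)\\}/", $term)) {
                $pattern = preg_replace("/\\\\{(\\d+)\\\\}/", ".{0,\\1}", preg_quote($term, '/'));
                $clauses[] = "c.message REGEXP '" . daddslashes($pattern) . "'";
            } else {
                $clauses[] = "c.message LIKE '%" . daddslashes($term) . "%'";
            }
        }
        if ($clauses) {
            $sql .= ' AND (' . implode(' OR ', $clauses) . ')';
        }
    }

    // %i inserts $sql verbatim, which is why every value above must already
    // be quoted or escaped.
    if ($type == 2) {
        return DB::result_first('SELECT count(*) FROM %t c WHERE 1 %i', array($this->_table, $sql));
    }

    return DB::fetch_all('SELECT c.*, a.title FROM %t c LEFT JOIN %t a ON a.`' . $idtype . '`=c.id WHERE 1 %i ORDER BY c.dateline DESC %i', array($this->_table, $tablename, $sql, DB::limit($start, $limit)));
}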
/**
 * Move the app given in $_G['gp_id'] to the front of the current user's
 * "recently played" list and persist the list, capped at $this->num entries.
 *
 * Does nothing unless $_G['gp_id'] is non-empty and numeric.
 *
 * @return void
 */
function userapp_update()
{
    global $_G;

    // is_numeric() also accepts floats, exponent notation and leading
    // whitespace; the value is stored as supplied.
    if (empty($_G['gp_id']) || !is_numeric($_G['gp_id'])) {
        return;
    }

    $recent = array();
    // NOTE(review): uid is interpolated into the statement; this assumes
    // $_G['uid'] is an integer set by the framework - confirm.
    $row = DB::fetch_first("SELECT appid FROM " . DB::table('home_userapp_plying') . " WHERE uid='{$_G['uid']}'");

    if (!empty($row['appid'])) {
        // Stored as a comma-separated id list; drop empty segments.
        $recent = array_diff(explode(',', $row['appid']), array(''));

        // Remove an existing occurrence so the id is not listed twice.
        $position = array_search($_G['gp_id'], $recent);
        if ($position !== false) {
            unset($recent[$position]);
        }

        array_unshift($recent, $_G['gp_id']);
        while (count($recent) > $this->num) {
            array_pop($recent);
        }
    }

    if (empty($recent)) {
        $recent = array($_G['gp_id']);
    }

    $appstr = implode(',', $recent);
    DB::insert('home_userapp_plying', array('uid' => $_G['uid'], 'appid' => daddslashes($appstr)), false, true);
}
/**
 * Turn a search expression into an " AND (...)" fragment for a WHERE clause.
 *
 * @param string $keyword       Search expression. Terms are joined with AND when the
 *                              expression contains "AND", "+", "&" or whitespace and
 *                              neither "OR" nor "|"; otherwise they are joined with OR.
 *                              "*" acts as a wildcard.
 * @param string $field         SQL template in which "{text}" is replaced by each
 *                              escaped term. It is inserted as-is and must never be
 *                              built from request data.
 * @param int    $returnsrchtxt Non-zero: also return the normalised search text.
 * @return string|array The fragment, or array(search text, fragment).
 *                      When $field or $keyword is empty, $keyword is returned
 *                      unchanged and unescaped.
 */
function searchkey($keyword, $field, $returnsrchtxt = 0)
{
    $srchtxt = '';
    if ($field && $keyword) {
        // These two patterns use parentheses as the regex delimiters.
        if (preg_match("(AND|\\+|&|\\s)", $keyword) && !preg_match("(OR|\\|)", $keyword)) {
            $andor = ' AND ';
            // Neutral seed for an AND chain: "1 AND a AND b".
            $keywordsrch = '1';
            $keyword = preg_replace("/( AND |&| )/is", "+", $keyword);
        } else {
            $andor = ' OR ';
            // Neutral seed for an OR chain: "0 OR a OR b".
            $keywordsrch = '0';
            $keyword = preg_replace("/( OR |\\|)/is", "+", $keyword);
        }
        // Literal % and _ are backslash-escaped first so that only the user's
        // "*" becomes a LIKE wildcard.
        $keyword = str_replace('*', '%', addcslashes($keyword, '%_'));
        // The returned search text has not been passed through daddslashes().
        $srchtxt = $returnsrchtxt ? $keyword : '';
        foreach (explode('+', $keyword) as $text) {
            // Each term is slash-escaped before it is substituted into $field.
            $text = trim(daddslashes($text));
            if ($text) {
                $keywordsrch .= $andor;
                $keywordsrch .= str_replace('{text}', $text, $field);
            }
        }
        $keyword = " AND ({$keywordsrch})";
    }
    // NOTE(review): if $field is empty the raw $keyword falls through to this
    // return; callers that append the result to SQL should guard that case.
    return $returnsrchtxt ? array($srchtxt, $keyword) : $keyword;
}
/**
 * Show the "add travel guide" form, or store a submitted guide.
 *
 * Reads sid/sname from the query string and strategy/impression from the
 * POST body; requires $_SESSION['username'].
 *
 * @return void
 */
public function add()
{
    $sid = intval($_GET['sid']);
    // Slash-escaping only. NOTE(review): $sname is later placed in the page
    // title and in redirect URLs without HTML- or URL-encoding; confirm the
    // view layer and showmessage() encode it.
    $sname = daddslashes($_GET['sname']);

    // NOTE(review): the rest of the method still runs after this call unless
    // showmessage() terminates the request - confirm that it does.
    if (empty($_SESSION['username'])) {
        $this->showmessage('请登录后操作!', "index.php?controller=user&method=login");
    }

    if (!isset($_POST['submit'])) {
        VIEW::assign(array('title' => "添加" . $sname . "旅游攻略", 'sid' => $sid));
        VIEW::display("addstrategy.html");
        return;
    }

    $strategy = daddslashes($_POST['strategy']);
    $impression = daddslashes($_POST['impression']);
    if (empty($strategy)) {
        $this->showmessage("请填写您的旅游攻略!", 'index.php?controller=strategy&method=add&sid=' . $sid . '&sname=' . $sname);
    }

    $data = array(
        'sid' => $sid,
        'username' => $_SESSION['username'],
        'strategy' => $strategy,
        'dateline' => time(),
    );
    // The impression field is optional.
    if (!empty($impression)) {
        $data['impression'] = $impression;
    }

    // NOTE(review): values are already slash-escaped here; confirm the model
    // does not escape a second time or, conversely, rely on raw input.
    M('strategy')->addStrategy($data);
    $this->showmessage('添加攻略成功!', 'index.php?controller=strategy&method=detail&sid=' . $sid . "&sname=" . $sname);
}
/**
 * Normalise a piece of text: trim, optionally unslash, escape or strip
 * markup, optionally run the word censor, truncate, optionally render
 * BBCode, optionally re-slash, trim again.
 *
 * @param string $string      Text to process.
 * @param int    $length      Limit handed to cutstr(); 0 skips truncation.
 * @param int    $in_slashes  Non-zero: run dstripslashes() on the input first.
 * @param int    $out_slashes Non-zero: run daddslashes() on the result.
 * @param int    $censor      Non-zero: check the text with discuz_censor and
 *                            call showmessage('word_banned') on a hit.
 * @param int    $bbcode      Non-zero: convert BBCode to HTML; the value is passed on to bbcode2html().
 * @param int    $html        < 0 strips markup, 0 HTML-escapes, > 0 leaves markup as supplied.
 * @return string
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $censor = 0, $bbcode = 0, $html = 0)
{
    global $_G;

    $string = trim($string);
    if ($in_slashes) {
        $string = dstripslashes($string);
    }

    // With $html > 0 neither branch runs and the markup is kept as supplied.
    if ($html == 0) {
        $string = dhtmlspecialchars($string);
    } elseif ($html < 0) {
        $string = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $string);
    }

    if ($censor) {
        if (!class_exists('discuz_censor')) {
            include libfile('class/censor');
        }
        // The censor sees the text after escaping or stripping, before truncation.
        $censor = discuz_censor::instance();
        $censor->check($string);
        $blocked = $censor->modbanned() || $censor->modmoderated();
        if ($blocked) {
            showmessage('word_banned');
        }
    }

    if ($length) {
        $string = cutstr($string, $length);
    }

    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        $bb =& bbcode::instance();
        $string = $bb->bbcode2html($string, $bbcode);
    }

    // Slash-escaping comes last; it prepares the text for a hand-built SQL
    // literal and is not an HTML defence.
    if ($out_slashes) {
        $string = daddslashes($string);
    }

    return trim($string);
}
/**
 * Apply the "namepost" magic item to the post named by $_G['gp_pid']:
 * clear the post's anonymous flag and bring the thread and forum
 * "author / last poster" fields in line with the now visible author.
 *
 * All statements are assembled by string interpolation, so each
 * interpolated value must already be safe for a single-quoted SQL literal.
 *
 * @return void
 */
function usesubmit()
{
    global $_G;
    if (empty($_G['gp_pid'])) {
        showmessage(lang('magic/namepost', 'namepost_info_nonexistence'));
    }
    $_G['tid'] = $_G['gp_ptid'];
    $post = getpostinfo($_G['gp_pid'], 'pid', array('p.first', 'p.tid', 'p.fid', 'p.authorid', 'p.dateline', 'p.anonymous'));
    $this->_check($post);
    $query = DB::query("SELECT username FROM " . DB::table('common_member') . " WHERE uid='{$post['authorid']}'");
    // The username comes from the database and is re-escaped because it is
    // interpolated into the UPDATE statements below.
    $author = daddslashes(DB::result($query, 0), 1);
    $thread = getpostinfo($post['tid'], 'tid', array('tid', 'subject', 'author', 'replies', 'lastposter'));
    $posttable = getposttablebytid($post['tid']);
    if ($post['first']) {
        // First post of the thread: the revealed author becomes the thread
        // author, and also the last poster when there are no replies.
        $lastposter = $thread['replies'] > 0 ? $thread['lastposter'] : $author;
        DB::query("UPDATE " . DB::table($posttable) . " SET anonymous='0' WHERE tid='{$post['tid']}' AND first='1'");
    } else {
        // A reply: the thread author is kept, the revealed name becomes last poster.
        $lastposter = $author;
        $author = $thread['author'];
        // NOTE(review): $_G['gp_pid'] is a request value placed directly in
        // the statement; this assumes the framework slash-escapes gp_* values
        // - confirm, or cast to int here.
        DB::query("UPDATE " . DB::table($posttable) . " SET anonymous='0' WHERE pid='{$_G['gp_pid']}'");
    }
    // The forum's lastpost field is tab-separated; indexes 1 and 3 are read
    // below and the field is rewritten as tid, subject, timestamp, poster.
    $forum['lastpost'] = explode("\t", DB::result_first("SELECT lastpost FROM " . DB::table('forum_forum') . " WHERE fid='{$post['fid']}'"));
    if ($thread['subject'] == $forum['lastpost'][1] && ($forum['lastpost'][3] == '' && $post['anonymous'])) {
        // NOTE(review): $thread['subject'], $thread['lastposter'] and
        // $thread['author'] are database values interpolated without visible
        // escaping; presumably getpostinfo() returns them slash-escaped - confirm.
        $lastpost = "{$thread['tid']}\t{$thread['subject']}\t{$_G['timestamp']}\t{$lastposter}";
        DB::query("UPDATE " . DB::table('forum_forum') . " SET lastpost='{$lastpost}' WHERE fid='{$post['fid']}'", 'UNBUFFERED');
    }
    DB::query("UPDATE " . DB::table('forum_thread') .
        " SET author='{$author}', lastposter='{$lastposter}' WHERE tid='{$post['tid']}'");
    usemagic($this->magic['magicid'], $this->magic['num']);
    // NOTE(review): the log and notification use $_G['gp_tid'], while the
    // thread id above was taken from $_G['gp_ptid'] - confirm both are set.
    updatemagiclog($this->magic['magicid'], '2', '1', '0', 0, 'tid', $_G['gp_tid']);
    if ($post['authorid'] != $_G['uid']) {
        notification_add($post['authorid'], 'magic', lang('magic/namepost', 'namepost_notification'), array('pid' => $_G['gp_pid'], 'tid' => $_G['gp_tid'], 'subject' => $thread['subject'], 'magicname' => $this->magic['name']));
    }
    showmessage(lang('magic/namepost', 'namepost_succeed'), dreferer(), array(), array('showdialog' => 1, 'locationtime' => true));
}
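/**
 * Run the retention statistics for the cohorts that registered 2, 4 and 8
 * days before a reference date.
 *
 * The reference date is "now" unless the request supplies a "day" value
 * that strtotime() can parse. An unparseable value aborts the run.
 *
 * @return void
 */
public function cronAction()
{
    // $day is only ever handed to strtotime(), never to SQL, so it is
    // validated rather than slash-escaped.
    $day = trim($this->reqVar('day', ''));
    $time_stamp = time();
    if (!empty($day)) {
        $time_stamp = strtotime($day);
        // strtotime() returns false for input it cannot parse; the original
        // then computed dates around 1969-12-31 and ran the statistics for them.
        if ($time_stamp === false) {
            return;
        }
    }

    $secondsPerDay = 60 * 60 * 24;
    // stat() type => age of the registration cohort in days.
    // Per the original comments, types 0-2 are Android and 3-5 are iOS.
    $cohorts = array(0 => 2, 1 => 4, 2 => 8, 3 => 2, 4 => 4, 5 => 8);
    foreach ($cohorts as $type => $daysAgo) {
        $ctime = date("Y-m-d", $time_stamp - $secondsPerDay * $daysAgo);
        $this->stat($ctime, $type);
    }
}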
/**
 * Apply the "namepost" magic item to a post (idtype=pid) or a comment
 * (idtype=cid) and report the real author back to the caller.
 *
 * Request input: id (integer), idtype ('pid' or 'cid'), ptid (integer,
 * post case only).
 *
 * @return void
 */
function usesubmit()
{
    global $_G;

    $id = intval($_GET['id']);
    if (!$id) {
        showmessage(lang('magic/namepost', 'namepost_info_nonexistence'));
    }

    $idtype = '';
    if (!empty($_GET['idtype'])) {
        $idtype = dhtmlspecialchars($_GET['idtype']);
    }
    // Only the two known target types are accepted; $idtype is later passed
    // on to updatemagiclog().
    if (!in_array($idtype, array('pid', 'cid'))) {
        showmessage(lang('magic/namepost', 'namepost_use_error'));
    }

    if ($idtype == 'pid') {
        $_G['tid'] = intval($_GET['ptid']);
        $post = getpostinfo($id, 'pid', array('p.first', 'p.tid', 'p.fid', 'p.authorid', 'p.dateline', 'p.anonymous'));
        $this->_check($post);
        $authorid = $post['authorid'];
        // Empty when the post is anonymous, i.e. there is a name to reveal.
        $author = $post['anonymous'] ? '' : 1;
    } elseif ($idtype == 'cid') {
        $comment = C::t('home_comment')->fetch($id);
        $authorid = $comment['authorid'];
        $author = $comment['author'];
    }

    // An author that is already visible means the item has nothing to act on.
    if ($author) {
        showmessage('magicuse_bad_object');
    }

    $member = getuserbyuid($authorid);
    $allowed = checkmagicperm($this->parameters['targetgroups'], $member['groupid']);
    if (!$allowed) {
        showmessage(lang('magic/namepost', 'namepost_info_user_noperm'));
    }

    // NOTE(review): the username is slash-escaped and then handed to
    // showmessage() as a template value; confirm the output side expects
    // slash-escaped rather than HTML-escaped data.
    $author = daddslashes($member['username']);

    usemagic($this->magic['magicid'], $this->magic['num']);
    updatemagiclog($this->magic['magicid'], '2', '1', '0', 0, $idtype, $id);
    showmessage(lang('magic/namepost', 'magic_namepost_succeed'), 'javascript:;', array('uid' => $authorid, 'username' => $author, 'avatar' => 1), array('alert' => 'right'));
}
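/**
 * Print the prize statistics (number of wins, distinct winners, total
 * amount) for one day, summed over the 100 z_score_log_NN tables.
 *
 * Request input: passwd (shared secret), start_date (any date strtotime()
 * understands). Requires PHP 5.6+ for hash_equals().
 *
 * @return void
 */
public function tjAction()
{
    // NOTE(review): the secret arrives as a request parameter; if reqVar()
    // also reads the query string it will end up in access logs.
    $password = $this->reqVar('passwd', '');
    // Only the output of date() reaches SQL below, so start_date is
    // validated through strtotime() instead of being slash-escaped.
    $startDate = $this->reqVar('start_date', '');

    // Constant-time, type-strict comparison. The original used ==, which is
    // subject to PHP type juggling, and accepted an empty secret whenever
    // the configured one was empty as well.
    $authorised = is_string($password)
        && is_scalar($this->password)
        && (string) $this->password !== ''
        && hash_equals((string) $this->password, $password);

    $dayStamp = !empty($startDate) ? strtotime($startDate) : false;

    if (!$authorised || $dayStamp === false) {
        echo "参数错误!";
        return;
    }

    $startDateWhere = date("Y-m-d 00:00:00", $dayStamp);
    $endDateWhere = date("Y-m-d 23:59:59", $dayStamp);
    $whereStr = " ctime>='{$startDateWhere}' AND ctime<='{$endDateWhere}' AND ad_id='share_random'";

    $startTime = time();
    $cNum = $uNum = $ssNum = 0;
    for ($i = 0; $i < 100; $i++) {
        // Table suffixes run from 00 to 99.
        $tableStr = sprintf('%02d', $i);
        $scoreRe = $this->scoreModel->query("SELECT COUNT(*) as c_num, COUNT(DISTINCT uid) as u_num, SUM(score) as ss_num\n FROM z_score_log_{$tableStr}\n WHERE {$whereStr} LIMIT 1");
        if ($scoreRe) {
            foreach ($scoreRe as $val) {
                $cNum = $val['c_num'] + $cNum;
                $uNum = $val['u_num'] + $uNum;
                $ssNum = $val['ss_num'] + $ssNum;
            }
        }
    }

    // The summed score is divided by 100 for display.
    echo '中奖数:' . $cNum . '--中奖用户数:' . $uNum . '--中奖金额:' . $ssNum / 100;
    $runTime = time() - $startTime;
    echo "<br/>运行时间为(秒)" . $runTime;
}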
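/**
 * Authenticate against UCenter and load the matching local member row.
 *
 * @param string $username   Login name, uid or e-mail, depending on $loginfield.
 * @param string $password   Password as entered.
 * @param int    $questionid Security question id.
 * @param string $answer     Security question answer.
 * @param string $loginfield 'username' (default), 'uid', 'email', or 'auto' to
 *                           try uid or e-mail first and then fall back to username.
 * @return array 'ucresult' (uid, username, password, email - slash-escaped),
 *               'status' (1 success, 0 login failed, -1 no local member row)
 *               and, on success, 'member'.
 */
function userlogin($username, $password, $questionid, $answer, $loginfield = 'username')
{
    $return = array();

    if ($loginfield == 'uid') {
        $isuid = 1;
    } elseif ($loginfield == 'email') {
        $isuid = 2;
    } elseif ($loginfield == 'auto') {
        $isuid = 3;
    } else {
        $isuid = 0;
    }

    if (!function_exists('uc_user_login')) {
        loaducenter();
    }

    if ($isuid == 3) {
        if (preg_match('/^[1-9]\\d*$/', $username)) {
            $return['ucresult'] = uc_user_login($username, $password, 1, 1, $questionid, $answer);
        } elseif (isemail($username)) {
            $return['ucresult'] = uc_user_login($username, $password, 2, 1, $questionid, $answer);
        }
        // Fall back to a username login when neither attempt ran or it failed.
        // The isset() guard avoids reading an undefined index in the first case.
        if (!isset($return['ucresult']) || $return['ucresult'][0] <= 0) {
            $return['ucresult'] = uc_user_login($username, $password, 0, 1, $questionid, $answer);
        }
    } else {
        $return['ucresult'] = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);
    }

    // Every UCenter field is slash-escaped here because the statements below
    // are built by string concatenation.
    $tmp = array();
    $duplicate = '';
    list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($return['ucresult'], 1);
    $return['ucresult'] = $tmp;

    if ($duplicate && $return['ucresult']['uid'] > 0) {
        // NOTE(review): in the listing this expression was partly masked
        // ("username='******'ucresult']['username']) ..."). It is reconstructed
        // as an addslashes() call on the username - confirm against upstream.
        if ($olduid = DB::result_first("SELECT uid FROM " . DB::table('common_member') . " WHERE username='" . addslashes($return['ucresult']['username']) . "'")) {
            require_once libfile('function/membermerge');
            if ($olduid != $return['ucresult']['uid']) {
                membermerge($olduid, $return['ucresult']['uid']);
            }
            uc_user_merge_remove($return['ucresult']['username']);
        } else {
            $return['status'] = 0;
            return $return;
        }
    }

    if ($return['ucresult']['uid'] <= 0) {
        $return['status'] = 0;
        return $return;
    }

    $member = DB::fetch_first("SELECT * FROM " . DB::table('common_member') . " WHERE uid='" . $return['ucresult']['uid'] . "'");
    if (!$member) {
        $return['status'] = -1;
        return $return;
    }

    $return['member'] = $member;
    $return['status'] = 1;

    // Keep the local e-mail in sync with UCenter. The stored value is
    // slash-escaped before comparing because the UCenter value already is.
    if (addslashes($member['email']) != $return['ucresult']['email']) {
        DB::query("UPDATE " . DB::table('common_member') . " SET email='" . $return['ucresult']['email'] . "' WHERE uid='" . $return['ucresult']['uid'] .
            "'");
    }

    return $return;
}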
/**
 * Store a reply to a smart_video thread and bump the thread's reply counter.
 *
 * Request input: $_POST['tid'] (cast to int) and $_POST['content'].
 *
 * NOTE(review): no permission check and no check that the thread exists are
 * visible in this function - confirm the caller performs them.
 *
 * @return mixed Whatever insert_new() returns.
 */
function insert_new_reply()
{
    global $_G;

    $tid = intval($_POST['tid']);

    $post = array();
    $post['tid'] = $tid;
    $post['author'] = $_G['username'];
    $post['authorid'] = $_G['uid'];
    $post['audio'] = '';
    // Stored as submitted; the only treatment is the slash-escaping below,
    // so the message must be HTML-escaped wherever it is displayed.
    $post['message'] = $_POST['content'];
    $post['fname'] = '';
    $post['first'] = 0;
    $post['dateline'] = time();

    // $tid is an integer, which is what makes this raw condition safe.
    C::t("#smart_video#video")->increase_by_where('smart_video_thread', 'reply', "tid={$tid}");
    smart_record(1);

    $escapedPost = daddslashes($post);
    return C::t("#smart_video#video")->insert_new("smart_video_post", $escapedPost, true);
}
/**
 * Admin action for thread raffles.
 *
 * With ajax=tid it answers "1" or "0" depending on whether the given thread
 * has posts. Otherwise it renders the raffle form and, on submit, creates a
 * raffle for the thread and draws the winners from its replies.
 *
 * Every value interpolated into SQL here is cast to int first.
 *
 * @return void
 */
public function raffleAction()
{
    // $ajax is only compared against a literal; the escaping has no effect here.
    $ajax = daddslashes($this->reqVar('ajax', ''));
    if ($ajax == 'tid') {
        $tid = (int) $this->reqVar('tid', 0);
        if ($tid > 0) {
            $isThread = $this->siteThreadModel->query("SELECT 'X' FROM zs_forum_post WHERE tid='{$tid}' LIMIT 1");
            if ($isThread) {
                exit("1");
            }
        }
        exit("0");
    } else {
        $dosubmit = daddslashes($this->postVar('dosubmit', ''));
        $raffleAdd['tid'] = (int) $this->postVar('tid', 0);
        $raffleAdd['num'] = (int) $this->postVar('num', 0);
        $raffleAdd['is_images'] = (int) $this->postVar('is_images', 0);
        $raffleAdd['creater'] = UNAME;
        if (!empty($dosubmit)) {
            if (empty($raffleAdd['tid'])) {
                $this->redirect('请填写帖子ID!', '', 3);
                die;
            }
            if (empty($raffleAdd['num'])) {
                $this->redirect('请填写中奖人数!', '', 3);
                die;
            }
            // Optionally restrict the draw to replies that carry an attachment.
            $whereStr = "";
            if ($raffleAdd['is_images']) {
                $whereStr = " AND attachment>0";
            }
            // Count the distinct authors among the replies (first=0).
            $sqlCountStr = "SELECT count(distinct(authorid)) as num FROM zs_forum_post WHERE tid='{$raffleAdd['tid']}' AND first=0 {$whereStr} LIMIT 1";
            $fPostCountRe = $this->siteThreadModel->query($sqlCountStr);
            // The number of winners must be strictly smaller than the number of
            // participants. A negative num passes this check; NOTE(review):
            // confirm it is rejected elsewhere.
            if (empty($fPostCountRe[0]['num']) || $fPostCountRe[0]['num'] <= $raffleAdd['num']) {
                $this->redirect('中奖人数超出回帖数了!', '', 3);
                die;
            }
            $rid = $this->raffleModel->addRaffle($raffleAdd);
            if ($rid > 0) {
                // One post per author, capped at 5000 candidates.
                $sqlStr = "SELECT pid FROM zs_forum_post WHERE tid='{$raffleAdd['tid']}' AND first=0 {$whereStr} group by authorid LIMIT 5000";
                $fPostRe = $this->siteThreadModel->query($sqlStr);
                if (!empty($fPostRe[0]['pid'])) {
                    // Draw the winners.
                    $winnersSet = $raffleAdd;
                    $winnersSet['rid'] = $rid;
                    $winnersSet['post'] = $fPostRe;
                    $this->raffle($winnersSet);
                    $this->redirect('抽奖成功!', '/admin/thread_raffle/winners/?rid=' . $rid, 3);
                    die;
                }
            }
        }
        $this->getViewer()->needLayout(false);
        $this->render('thread_raffle');
    }
}
/**
 * Apply addslashes() to a string, or recursively to every value of an array.
 *
 * Array keys are left as they are. addslashes() is not aware of the
 * connection character set; prefer the database driver's own quoting or
 * bound parameters wherever they are available.
 *
 * @param string|array $string Value or (nested) array of values.
 * @return string|array Same shape as the input, with values escaped.
 */
function daddslashes($string)
{
    return is_array($string)
        ? array_map('daddslashes', $string)
        : addslashes($string);
}
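/**
 * Authenticate the globally supplied credentials against UCenter, load the
 * local member row into globals and set the login cookies.
 *
 * Reads and writes globals: $ucresult, $username, $password, $questionid,
 * $answer, $loginfield, plus every column of the member row.
 *
 * @return int 1 on success, 0 when the login failed, -1 when the UCenter
 *             account has no local member row.
 */
function userlogin()
{
    // $_DCOOKIE is imported as well: the original read it at the end of the
    // function without declaring it global, so that test could never be true.
    global $db, $tablepre, $_DCACHE, $_DCOOKIE, $ucresult, $username, $password, $questionid, $answer, $loginfield;

    require_once DISCUZ_ROOT . './uc_client/client.php';

    if ($loginfield == 'uid') {
        $isuid = 1;
    } elseif ($loginfield == 'email') {
        $isuid = 2;
    } else {
        $isuid = 0;
    }

    $ucresult = uc_user_login($username, $password, $isuid, 1, $questionid, $answer);

    // Every UCenter field is slash-escaped (forced) because the statements
    // below are built by interpolation.
    $tmp = array();
    $duplicate = '';
    list($tmp['uid'], $tmp['username'], $tmp['password'], $tmp['email'], $duplicate) = daddslashes($ucresult, 1);
    $ucresult = $tmp;

    if ($duplicate && $ucresult['uid'] > 0) {
        // NOTE(review): in the listing this expression was partly masked
        // ("username='******'username']) ..."). It is reconstructed as an
        // addslashes() call on the username - confirm against upstream.
        if ($olduid = $db->result_first("SELECT uid FROM {$tablepre}members WHERE username='" . addslashes($ucresult['username']) . "'")) {
            require_once DISCUZ_ROOT . './include/membermerge.func.php';
            membermerge($olduid, $ucresult['uid']);
            uc_user_merge_remove($ucresult['username']);
        } else {
            return 0;
        }
    }

    if ($ucresult['uid'] <= 0) {
        return 0;
    }

    $member = $db->fetch_first("SELECT m.uid AS discuz_uid, m.username AS discuz_user, m.password AS discuz_pw, m.secques AS discuz_secques,\r\n\t\tm.email, m.adminid, m.groupid, m.styleid, m.lastvisit, m.lastpost, u.allowinvisible\r\n\t\tFROM {$tablepre}members m LEFT JOIN {$tablepre}usergroups u USING (groupid)\r\n\t\tWHERE m.uid='{$ucresult['uid']}'");
    if (!$member) {
        return -1;
    }

    // discuz_userss keeps the raw name; discuz_user is the slash-escaped copy.
    $member['discuz_userss'] = $member['discuz_user'];
    $member['discuz_user'] = addslashes($member['discuz_user']);
    // Every column of the member row is exported into the global scope.
    foreach ($member as $var => $value) {
        $GLOBALS[$var] = $value;
    }

    // Keep the local e-mail in sync with UCenter.
    if (addslashes($member['email']) != $ucresult['email']) {
        $db->query("UPDATE {$tablepre}members SET email='{$ucresult['email']}' WHERE uid='{$ucresult['uid']}'");
    }

    if ($questionid > 0 && empty($member['discuz_secques'])) {
        // NOTE(review): this value becomes part of the auth cookie below;
        // confirm random() is suitable for security purposes.
        $GLOBALS['discuz_secques'] = random(8);
        $db->query("UPDATE {$tablepre}members SET secques='{$GLOBALS['discuz_secques']}' WHERE uid='{$ucresult['uid']}'");
    }

    $GLOBALS['styleid'] = $member['styleid'] ? $member['styleid'] : $_DCACHE['settings']['styleid'];

    $cookietime = intval(isset($_POST['cookietime']) ?
        $_POST['cookietime'] : 0);
    dsetcookie('cookietime', $cookietime, 31536000);
    // The auth cookie carries the stored password value, the security answer
    // hash and the uid, protected only by authcode().
    dsetcookie('auth', authcode("{$member['discuz_pw']}\t{$member['discuz_secques']}\t{$member['discuz_uid']}", 'ENCODE'), $cookietime, 1, true);
    dsetcookie('loginuser');
    dsetcookie('activationauth');
    dsetcookie('pmnum');

    $GLOBALS['sessionexists'] = 0;

    if ($_DCACHE['settings']['frameon'] && isset($_DCOOKIE['frameon']) && $_DCOOKIE['frameon'] == 'yes') {
        $GLOBALS['extrahead'] .= '<script>if(top != self) {parent.leftmenu.location.reload();}</script>';
    }

    return 1;
}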
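/**
 * Admin list of operation-log entries, filterable by keyword and time
 * range, 20 entries per page.
 *
 * Request input: keyword, start_time, end_time, page.
 *
 * @return void
 */
public function indexAction()
{
    $keyword = daddslashes($this->reqVar('keyword', ''));
    $startTime = daddslashes($this->reqVar('start_time', ''));
    $endTime = daddslashes($this->reqVar('end_time', ''));
    $page = (int) $this->reqVar('page', 1);

    // The filter set is always an array. The original left it undefined when
    // no filter was given and passed that on to the model.
    $operateSet = array();
    // Filters to carry over into the pagination links.
    $query = array();
    if (!empty($keyword)) {
        $operateSet['operat'] = $keyword;
        $query['keyword'] = $keyword;
    }
    if (!empty($startTime)) {
        $operateSet['start_time'] = $startTime;
        $query['start_time'] = $startTime;
    }
    if (!empty($endTime)) {
        $operateSet['end_time'] = $endTime;
        $query['end_time'] = $endTime;
    }

    // http_build_query() URL-encodes each value and joins them correctly. The
    // original concatenated the values unencoded and produced "&&" / "?&"
    // when start_time was set, so a value containing & or # broke the link.
    $pageUrl = "/admin/operate/";
    if ($query) {
        $pageUrl .= '?' . http_build_query($query, '', '&');
    }

    // NOTE(review): the filter values are slash-escaped before they reach the
    // model; confirm the model neither escapes again nor expects raw input.
    $operateList = $this->operateModel->getOpLogList($operateSet, $page, 20);
    if ($operateList) {
        foreach ($operateList as $key => $val) {
            $contentStr = '';
            $content = json_decode($val['content'], true);
            if (is_array($content)) {
                // Flatten the decoded entry to "key/value,key/value".
                foreach ($content as $ckey => $cval) {
                    $contentStr .= $ckey . "/" . $cval . ",";
                }
                $contentStr = trim($contentStr, ",");
                $contentSub = cn_substr($contentStr, 20);
                $operateList[$key]['content'] = $contentStr;
                $operateList[$key]['content_sub'] = $contentSub;
            } else {
                $operateList[$key]['content'] = $operateList[$key]['content_sub'] = $content;
            }
        }
    }

    $operateCount = $this->operateModel->getOpLogCount($operateSet);
    $operatePages = pages($operateCount, $page, 20, $pageUrl, array());

    // NOTE(review): these values are slash-escaped, not HTML-escaped; confirm
    // that the template escapes them on output.
    $this->assign('keyword', $keyword);
    $this->assign('startTime', $startTime);
    $this->assign('endTime', $endTime);
    $this->assign('operateList', $operateList);
    $this->assign('operatePages', $operatePages);
    $this->assign("page", $page);
    $this->getViewer()->needLayout(false);
    $this->render('operate_list');
}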
/**
 * Slash-escape a string, or every value of a (nested) array.
 *
 * Keys are not escaped. This is plain addslashes(): it knows nothing about
 * the database connection's character set, so driver-level quoting or bound
 * parameters remain the safer choice for SQL.
 *
 * @param string|array $string Value or array of values.
 * @return string|array Escaped copy with the same structure.
 */
function daddslashes($string)
{
    if (!is_array($string)) {
        return addslashes($string);
    }

    $escaped = array();
    foreach ($string as $name => $item) {
        $escaped[$name] = daddslashes($item);
    }

    return $escaped;
}
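/**
 * Slash-escape a string, or every value of a (nested) array.
 *
 * Nested arrays are handled by this method itself. The original delegated
 * them to daddslashes() with an undefined $force argument, so nested values
 * depended on that helper's magic-quotes logic while scalars did not.
 *
 * @param string|array $str Value or array of values.
 * @return string|array Escaped copy with the same structure; keys are unchanged.
 */
static function filter($str)
{
    if (!is_array($str)) {
        return addslashes($str);
    }

    foreach ($str as $key => $val) {
        $str[$key] = self::filter($val);
    }

    return $str;
}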
/**
 * Dump the cached table structure stored under the requested key.
 *
 * NOTE(review): the key comes straight from the request and the cached value
 * is printed with var_dump(), so any cache entry can be read through this
 * action. Confirm that it is not reachable without authorisation.
 *
 * @return false|null False when no key was given.
 */
public function getCacheAction()
{
    // Key format: <database name>_<table name>.
    // Slash-escaping does not restrict which keys can be requested.
    $key = daddslashes($this->getVar('key'));
    if (empty($key)) {
        return false;
    }

    $result = Leb_Dao_Memcache::getInstance()->get($key);
    var_dump($result);
}
/**
 * AJAX check for a channel name: prints "0" when a channel set with that
 * name exists, "1" otherwise (including when no name was given).
 *
 * @return void The request ends via exit().
 */
public function ajaxchannelAction()
{
    // NOTE(review): the name is slash-escaped before it is handed to the
    // model; confirm the model does not escape it a second time.
    $channel = daddslashes($this->getVar('channel', ''));
    if (empty($channel)) {
        exit("1");
    }

    $existing = $this->channelSetModel->getChannelSet(array("channel" => $channel));
    if ($existing) {
        exit("0");
    }

    exit("1");
}
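/**
 * Slash-escape a string, or every key and value of a (nested) array.
 *
 * The result is built in a fresh array. The original rewrote the input array
 * while iterating over it, so an entry whose escaped key equalled another
 * entry's original key (for example "x'" next to "x\'") was lost.
 *
 * @param string|array $string Value or array of values.
 * @param int          $force  Not used for the decision; only passed down the recursion.
 * @return string|array Escaped copy; element order is preserved.
 */
function daddslashes($string, $force = 1)
{
    if (!is_array($string)) {
        return addslashes($string);
    }

    $escaped = array();
    foreach ($string as $key => $val) {
        $escaped[addslashes($key)] = daddslashes($val, $force);
    }

    return $escaped;
}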
/**
 * Build an iOS package for the given channel and print the itms-services
 * install link, or "error" when packaging failed.
 *
 * Request input: channel, invite (integer), c.
 *
 * @return void
 */
public function pak_ppjoyAction()
{
    // NOTE(review): channel and c are only slash-escaped; if pakIos() uses
    // them in file names or commands they need validation suited to that
    // context - confirm.
    $channel = daddslashes(trim($this->reqVar('channel', '')));
    $invite = (int) $this->reqVar('invite', 0);
    $c = daddslashes(trim($this->reqVar('c', '')));

    $pakRe = $this->pakIos($channel, $invite, $c);

    if (1 != $pakRe['status']) {
        echo "error";
        return;
    }

    echo "itms-services://?action=download-manifest&url=" . $pakRe["url"];
}
/**
 * Slash-escape a string or the values of a (nested) array, unless the
 * request data has already been escaped by magic quotes.
 *
 * The decision is read from $GLOBALS['magic_quotes_gpc']: when that flag is
 * truthy and $force is not set, the input is returned untouched. Callers
 * escaping data that did not come from the request must therefore pass
 * $force, or the data stays unescaped.
 *
 * @param string|array $string Value or array of values.
 * @param int          $force  Non-zero: escape regardless of the flag.
 * @return string|array
 */
function daddslashes($string, $force = 0)
{
    if ($GLOBALS["magic_quotes_gpc"] && !$force) {
        return $string;
    }

    if (!is_array($string)) {
        return addslashes($string);
    }

    foreach ($string as $name => $item) {
        $string[$name] = daddslashes($item, $force);
    }

    return $string;
}
/**
 * Slash-escape a string or the values of a (nested) array, unless magic
 * quotes already did so.
 *
 * When the MAGIC_QUOTES_GPC constant is truthy and $force is not set, the
 * input is returned untouched, so data that did not come from the request
 * must be escaped with $force.
 *
 * @param string|array $string Value or array of values.
 * @param int          $force  Non-zero: escape regardless of MAGIC_QUOTES_GPC.
 * @param bool         $strip  True: run stripslashes() first, so input that is
 *                             already escaped is not escaped twice.
 * @return string|array
 */
function daddslashes($string, $force = 0, $strip = FALSE)
{
    if (MAGIC_QUOTES_GPC && !$force) {
        return $string;
    }

    if (is_array($string)) {
        foreach ($string as $name => $item) {
            $string[$name] = daddslashes($item, $force, $strip);
        }
        return $string;
    }

    if ($strip) {
        $string = stripslashes($string);
    }

    return addslashes($string);
}
/**
 * Write one common_member_log row per uid for a "user" event, when the
 * my_app_status setting is enabled.
 *
 * @param string    $logtype Only 'user' is handled; anything else is ignored.
 * @param int|array $uids    One uid or a list of uids; each is cast to int.
 * @param string    $action  Action label stored with each row.
 * @param mixed     $fid     Not used by this method.
 * @return void
 */
public static function manyoulog($logtype, $uids, $action, $fid = '')
{
    global $_G;

    if (!$_G['setting']['my_app_status'] || $logtype != 'user') {
        return;
    }

    // NOTE(review): $action is slash-escaped here and then handed to the
    // table object's insert(); if that layer quotes values itself, the stored
    // text is escaped twice - confirm.
    $action = daddslashes($action);

    if (!is_array($uids)) {
        $uids = array($uids);
    }

    foreach ($uids as $uid) {
        $row = array('uid' => intval($uid), 'action' => $action, 'dateline' => TIMESTAMP);
        C::t('common_member_log')->insert($row, false, true);
    }
}
/**
 * Insert several picture rows with a single multi-row INSERT.
 *
 * @param mixed $bid  Only checked for truthiness; the bid stored with each
 *                    row is taken from the row itself.
 * @param array $data List of rows, each with the keys bid, pic, picflag and type.
 * @return void
 */
public function insert_by_bid($bid, $data)
{
    if (!$bid || !$data || !is_array($data)) {
        return;
    }

    // The statement is assembled by interpolation, so its safety rests
    // entirely on daddslashes() having escaped every value.
    $tuples = array();
    foreach (daddslashes($data) as $row) {
        $tuples[] = "('{$row['bid']}', '{$row['pic']}', '{$row['picflag']}', '{$row['type']}')";
    }

    if (!$tuples) {
        return;
    }

    DB::query('INSERT INTO ' . DB::table($this->_table) . ' (bid, pic, picflag, `type`) VALUES ' . implode(',', $tuples));
}
/**
 * Look up search-index rows that either count towards flood control for
 * the requester or already hold a valid cached result for the same search
 * string.
 *
 * Each returned row carries two computed flags: "flood" (the row is a recent
 * search by the same user or IP) and "indexvalid" (same search string, not
 * yet expired).
 *
 * @param int    $searchctrl   Flood-control interval; 0 disables the lookup.
 * @param string $useip        Requester IP, used when $uid is empty.
 * @param int    $uid          Requester uid.
 * @param int    $timestamp    Current time; 0 disables the lookup.
 * @param string $searchstring Normalised search string.
 * @param mixed  $srchmod      Optional search module id.
 * @return array|null Rows ordered by flood flag, or null when the lookup is disabled.
 */
public function fetch_all_search($searchctrl, $useip, $uid, $timestamp, $searchstring, $srchmod = '')
{
    if (!$searchctrl || !$timestamp) {
        return null;
    }
    // Numeric inputs are forced to integers and the two strings are
    // slash-escaped, because the statement below is built by interpolation.
    $timestamp = dintval($timestamp);
    $uid = dintval($uid);
    $srchmod = dintval($srchmod);
    $useip = daddslashes($useip);
    $searchctrl = dintval($searchctrl);
    $searchstring = daddslashes($searchstring);
    // NOTE(review): in the WHERE clause AND binds tighter than OR, so the
    // srchmod filter applies to the flood branch only and not to the
    // searchstring branch - confirm this is intended.
    return DB::fetch_all("SELECT searchid, dateline,\n\t\t\t('" . $searchctrl . "'<>'0' AND " . (empty($uid) ? "useip='{$useip}'" : "uid='{$uid}'") . " AND {$timestamp}-dateline<'" . $searchctrl . "') AS flood,\n\t\t\t(searchstring='{$searchstring}' AND expiration>'{$timestamp}') AS indexvalid\n\t\t\tFROM " . DB::table($this->_table) . "\n\t\t\tWHERE " . ($srchmod ? "srchmod='{$srchmod}' AND " : '') . "('" . $searchctrl . "'<>'0' AND " . (empty($uid) ? "useip='{$useip}'" : "uid='{$uid}'") . " AND {$timestamp}-dateline<" . $searchctrl . ") OR (searchstring='{$searchstring}' AND expiration>'{$timestamp}')\n\t\t\tORDER BY flood");
}
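/**
 * Delete the given session together with stale sessions.
 *
 * Removes rows that match the session id, rows idle for longer than
 * $onlinehold seconds, recent guest rows from the same IP and, when the
 * session belongs to a member, every row of that uid.
 *
 * @param array $session    Session row with the keys sid, uid and ip1..ip4.
 * @param int   $onlinehold Idle time in seconds after which a session is stale.
 * @param int   $guestspan  Window in seconds for guest sessions from the same IP.
 * @return void
 */
public function delete_by_session($session, $onlinehold, $guestspan)
{
    if (empty($session) || !is_array($session)) {
        return;
    }

    // Turn the durations into absolute cut-off timestamps. Both results are
    // numeric, which is what allows them to appear unquoted in the condition.
    $onlinehold = time() - $onlinehold;
    $guestspan = time() - $guestspan;

    // The condition is built by interpolation; every session field is
    // slash-escaped first.
    $session = daddslashes($session);

    // The key is quoted: the bare word in {$session[sid]} is a constant
    // lookup, which raises an Error on PHP 8.
    $condition = " sid='{$session['sid']}' ";
    $condition .= " OR lastactivity<{$onlinehold} ";
    $condition .= " OR (uid='0' AND ip1='{$session['ip1']}' AND ip2='{$session['ip2']}' AND ip3='{$session['ip3']}' AND ip4='{$session['ip4']}' AND lastactivity>{$guestspan}) ";
    $condition .= $session['uid'] ? " OR (uid='{$session['uid']}') " : '';

    DB::delete('common_session', $condition);
}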