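/**
 * Escapes a value, or every element of a (nested) array, for one context.
 *
 * Behaviour per $type:
 *  - "standard": addslashes(), skipped when magic quotes are reported as on
 *  - "sql":      database::escape(), after stripslashes() when magic quotes are on
 *  - "html":     the "sql" treatment followed by htmlentities()
 *  - "integer":  intval()
 * Any other $type returns the value unchanged. Array keys are never cleaned,
 * only array values.
 *
 * Security notes for callers:
 *  - "standard" is addslashes() only. That is not an encoding for SQL, HTML,
 *    JavaScript or file paths; encode for the actual sink at the point of use.
 *  - When magic quotes are reported as on, "standard" returns the value
 *    untouched, so data that did not come from GET/POST/COOKIE is not
 *    escaped at all in that mode.
 *  - "html" mixes SQL escaping with HTML encoding, and htmlentities() is
 *    called without explicit flags, so single-quote handling follows the
 *    running PHP version's default (ENT_COMPAT before PHP 8.1).
 *
 * @param mixed  $data Scalar or (nested) array to clean
 * @param string $type One of "standard", "sql", "html", "integer"
 * @return mixed Cleaned value; arrays keep their keys and shape
 */
public static function cleanData ($data, $type = 'standard')
{
    # get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0;
    # calling it unguarded is a fatal error there. Where the function is gone,
    # magic quotes cannot be on, so false is the correct answer.
    $magicquotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1;

    if (is_array($data)) {
        foreach ($data as $k => $v) {
            $data[$k] = janitor::cleanData($v, $type);
        }
        return $data;
    }

    # Actual processing
    switch ($type) {
        case "standard":
            $data = ($magicquotes ? $data : addslashes($data));
            break;
        case "sql":
            $data = ($magicquotes ? database::escape(stripslashes($data)) : database::escape($data));
            break;
        case "html":
            $data = htmlentities(
                ($magicquotes ? database::escape(stripslashes($data)) : database::escape($data))
            );
            break;
        case "integer":
            $data = intval($data);
            break;
    }

    return $data;
}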
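/**
 * quickbox::__construct()
 *
 * Loads the config and metaclass classes, opens the database connection,
 * starts the session, handles logout / cookie check / login for the current
 * request and selects the page to show.
 *
 * @param array $init Initialization configuration; 'quickbox/path' is read
 *                    here to build the require paths
 */
public function __construct ($init)
{
    # We need to initialize the config class because it allows us to get and
    # set configuration variables without using a global
    require $init['quickbox/path'] . '/classes/core/config.class.php';
    config::init($init);
    # The constant name has to be a string; a bare DEBUG is an undefined
    # constant (a notice on PHP 5/7, an Error on PHP 8).
    define('DEBUG', config::get('debug'));

    # Start a database connection
    $this->db = new database();
    try {
        $this->db->init();
    } catch (Exception $e) {
        trigger_error(text::get('system/fatalError', $e->getMessage()), E_USER_ERROR);
    }

    require $init['quickbox/path'] . '/classes/core/metaclass.class.php';
    metaclass::init($this->db);

    # NOTE(review): this self-assignment has no effect; the original comment
    # says POST was meant to be kept in a private property. Confirm intent.
    $_POST = $_POST;
    $this->qbGet = $_GET;

    # Only a string page name is accepted; an array-valued "page" parameter
    # is treated as absent instead of flowing into qbPage.
    $page = (isset($_GET['page']) && is_string($_GET['page'])) ? $_GET['page'] : '';

    # Start the session, giving it the database connection.
    $this->qbSession = new session($this->db);
    if ($page == 'logout') {
        $this->qbSession->logout();
    }
    # NOTE(review): called without arguments; confirm this matches the
    # signature of session::checkCookie().
    $this->qbSession->checkCookie();

    # A login attempt needs a non-empty string user name and login=1.
    $hasUser = isset($_POST['user']) && is_string($_POST['user']) && strlen($_POST['user']) > 0;
    if ($hasUser && isset($_POST['login']) && $_POST['login'] == 1) {
        $password = isset($_POST['password']) ? $_POST['password'] : null;
        $this->qbErrors['login'] = $this->qbSession->login($_POST['user'], $password);
    }

    # NOTE(review): cleanData() in its default mode only adds slashes. If
    # qbPage is later used to pick a file or is echoed into HTML, it needs an
    # allow-list check or HTML encoding at that point; not visible from here.
    $this->qbPage = ($page ? janitor::cleanData($page) : 'home');
}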
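/**
 * Re-authenticates a visitor from a login cookie.
 *
 * Looks up $cookie['user'] in userUsers (left-joined to userGroups). When
 * $cookie['hash'] matches md5(md5(email) . email) for that row, the user and
 * row data are stored on this object and setCookie() / setSession() are called.
 * Nothing happens when the cookie is incomplete, the user is unknown or the
 * hash does not match.
 *
 * NOTE(review): the expected hash is derived only from the stored email
 * address, with no server-side secret or random component, so a matching
 * value does not prove an earlier login. A random token stored server-side,
 * or an HMAC keyed with a server secret, would close that gap; this needs a
 * coordinated change with setCookie().
 *
 * @param array $cookie Cookie values; the 'user' and 'hash' keys are read
 * @return void
 */
public function checkCookie ($cookie)
{
    # Both values must be present as strings; anything else cannot match a
    # stored user and is dropped before it reaches the query.
    if (! isset($cookie['user'], $cookie['hash'])
        || ! is_string($cookie['user'])
        || ! is_string($cookie['hash'])) {
        return;
    }

    $user = janitor::cleanData($cookie['user'], 'sql');

    $query = new query();
    $query->select()
        ->from('userUsers')
        ->joinLeft('userGroups', 'userUsers.group', 'id')
        ->where('username', $user)
        ->limit('1');
    $result = $this->sDb->query($query);

    if ($this->sDb->numRows($result) <= 0) {
        return;
    }

    $data = $this->sDb->assoc($result);
    $expected = md5(md5($data['email']) . $data['email']);

    # Loose == treats two different hex digests as equal when both look like
    # numbers (for example "0e..." strings). Compare as strings instead, in
    # constant time where hash_equals() exists (PHP 5.6+).
    if (function_exists('hash_equals')) {
        $matches = hash_equals($expected, $cookie['hash']);
    } else {
        $matches = ($expected === $cookie['hash']);
    }

    if ($matches) {
        # $user is the SQL-escaped form of the cookie value, as before.
        $this->user = $user;
        $this->userData = $data;
        # NOTE(review): the email comes from $_SESSION rather than from the
        # row just loaded ($data['email']); confirm the session is already
        # populated at this point.
        $this->setCookie($user, $_SESSION['userdata']['email']);
        $this->setSession();
    }
}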
/**
 * Runs the page's include files and assembles the template output array.
 *
 * The included files execute in this method's scope, so they can read
 * $safePost, $safeGet and $this, and may fill $this->dOutput themselves.
 *
 * NOTE(review): janitor::cleanData() is called with its default type, which
 * only adds slashes. That does not make the values safe to print into HTML;
 * whether the templates HTML-encode them is not visible here. Confirm.
 *
 * @return array The populated $this->dOutput
 */
function output ()
{
    # These two names are part of the contract with the included files; do
    # not rename them.
    $safePost = janitor::cleanData($_POST);
    $safeGet = janitor::cleanData($_GET);

    # Page-specific include first, then the standard page data
    include $this->dInclude;
    include $this->dispatcherPath("standardPage");

    $this->dOutput['debug'] = config::get('quickbox/debug');
    $this->dOutput['pageName'] = $this->dPageName;

    # Values copied straight from the page record, in output order
    foreach (array('path', 'hostpage', 'title', 'sCssId', 'sName', 'sTitle') as $copied) {
        $this->dOutput[$copied] = $this->dPage[$copied];
    }

    # A page title set by an include wins over the page record's title
    if (! $this->dOutput['pageTitle']) {
        $this->dOutput['pageTitle'] = $this->dPage['pageTitle'];
    }

    $this->dOutput['pagePrefix'] = config::get('site/pagePrefix');
    $this->dOutput['htmlRoot'] = config::get('site/htmlRoot');
    $this->dOutput['pageVars'] = $this->dPage['pageVars'];
    $this->dOutput['isDefaultPage'] = ($this->dPage['sDefaultPage'] == $this->dPageName);

    return $this->dOutput;
}
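/**
 * Renders this object's records as a table with a link column and a delete
 * column.
 *
 * Without $fields, the columns are 'id' plus every definition flagged
 * 'ontable', and the definition flagged 'linkfield' becomes the link column.
 * With explicit $fields no link column is chosen, as before.
 *
 * @param array|false $fields Field names to show, or false for the default set
 * @return mixed Whatever table::output() returns
 */
public function makeTable ($fields = false)
{
    # Initialised so an explicit $fields list does not read an undefined variable.
    $linkfield = null;

    if (! $fields) {
        # Start from a real array; appending to false is deprecated on PHP 8.1+.
        $fields = array('id');
        foreach ($this->definitions as $name => $definition) {
            if (! empty($definition['ontable'])) {
                $fields[] = $name;
            }
            if (! empty($definition['linkfield'])) {
                $linkfield = $name;
            }
        }
    }

    # Column headers. The "ID" header is kept unless the definitions supply
    # a title for 'id'; a field without a title falls back to its own name.
    $headers = array('id' => "ID");
    foreach ($fields as $field) {
        if (isset($this->definitions[$field]['title'])) {
            $headers[$field] = $this->definitions[$field]['title'];
        } elseif (! isset($headers[$field])) {
            $headers[$field] = $field;
        }
    }
    $headers['delete'] = "";

    $table = new table($headers, array('class' => 'span-16'));
    $items = metaclass::getItems($this->table, $fields, $this->keyField);

    foreach ($items as $item) {
        $item['delete'] = text::get('form/delete');
        $title = isset($item['title']) ? $item['title'] : '';

        $cells = array();
        if ($linkfield !== null) {
            $cells[$linkfield] = array(
                'type' => 'link',
                'href' => $this->urlbase . '?id=' . $item['id'],
            );
        }

        # NOTE(review): stored record values are placed inside a JavaScript
        # string inside an href attribute. cleanData() in its default mode
        # only adds slashes (and nothing when magic quotes are on), which is
        # not an encoding for either context. Whether table::addRow()
        # HTML-encodes 'href' is not visible here; confirm, and prefer
        # passing the id/title through data attributes or json_encode() plus
        # htmlspecialchars() once the table class's behaviour is known.
        $cells['delete'] = array(
            'type' => 'link',
            'href' => 'javascript:deleteitem(\'' . $item['id'] . '\',\''
                . janitor::cleanData($title) . '\',\'' . $this->urlbase . '\')',
        );

        $table->addRow($item, $cells);
    }

    return $table->output();
}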
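/**
 * Saves an instantiated object to its respective table as a record.
 *
 * Validates the object first, creates the table when metaclass::checkTable()
 * reports it missing, then updates the row when the object has an id or
 * inserts a new row otherwise. Values are escaped with
 * janitor::cleanData(..., 'sql') before they are handed to the query builder.
 *
 * NOTE(review): on insert the column names are the keys of $this->properties
 * and are passed on as-is. Confirm that properties can only hold fields
 * listed in $this->definitions, or that query::insert() validates names.
 *
 * @return boolean Whether or not object could be saved.
 */
public function saveObject ()
{
    try {
        # Validation bit
        $validate = new validate(metaclass::$db);
        $validate->exec($this);
        if (! $validate->valid) {
            $this->invalid = $validate->invalid;
            return false;
        }

        if (! metaclass::checkTable($this)) {
            metaclass::createTable($this->table, $this->definitions);
        }

        $query = new query();
        if (janitor::notNull($this->id)) {
            # Updating existing row, editing object.
            $queryStatements = array();
            foreach ($this->definitions as $k => $v) {
                $value = isset($this->properties[$k]) ? $this->properties[$k] : null;
                $queryStatements[$k] = janitor::cleanData($value, 'sql');
            }
            # The id goes into the WHERE clause, so it gets the same 'sql'
            # escaping as the values; the default mode only adds slashes.
            $query->update($this->table)
                ->set($queryStatements)
                ->where('id', janitor::cleanData($this->id, 'sql'));
        } else {
            # Inserting new row, creating object.
            $queryFields = array();
            $queryData = array();
            foreach ($this->properties as $k => $v) {
                $queryFields[] = $k;
                $queryData[] = janitor::cleanData($v, 'sql');
            }
            $query->insert($this->table, $queryFields)->values($queryData);
        }

        return metaclass::$db->query($query) ? true : false;
    } catch (Exception $e) {
        trigger_error($e->getMessage(), E_USER_ERROR);
        # Reached only when a custom error handler lets execution continue;
        # keeps the documented boolean return.
        return false;
    }
}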