示例#1
/**
 * Turns one query-placeholder match into the SQL text that replaces it.
 *
 * $match[1] holds the placeholder body: an argument number, optionally
 * followed by one format character. The value is read from the global
 * $args at offset (number + 1).
 *
 * Formats:
 *   c      list: every element goes through SqlEscape(), is wrapped in single
 *          quotes, and the elements are joined with commas
 *   i      value cast to int
 *   u      value cast to int, negative results clamped to 0
 *   other  value goes through SqlEscape() and is wrapped in single quotes
 *
 * A NULL argument, or an empty value for "c", yields the bare keyword NULL.
 *
 * Security: values are spliced into the query text rather than bound as
 * parameters. "i" and "u" can only emit an optional minus sign and digits.
 * Every other format is only as safe as SqlEscape(), which is defined
 * elsewhere. Because this function adds the surrounding quotes itself, the
 * placeholder must not already sit inside quotes in the query template.
 *
 * @param array $match Match array; only index 1 is read. Presumably supplied
 *                     by a preg callback -- confirm at the call site.
 * @return string SQL fragment for the placeholder.
 */
function Query_AddUserInput($match)
{
    global $args;

    $token = $match[1];
    $type = 's';

    // "<digits><one non-digit>" means the trailing character selects the format.
    if (preg_match('/^\\d+\\D$/', $token)) {
        $type = substr($token, -1);
        $token = substr($token, 0, -1);
    }

    // Placeholder N maps to $args[N + 1].
    $value = $args[$token + 1];
    if ($value === NULL) {
        return 'NULL';
    }

    switch ($type) {
        case 'c':
            if (empty($value)) {
                return 'NULL';
            }
            $quoted = array();
            foreach ($value as $element) {
                $quoted[] = '\'' . SqlEscape($element) . '\'';
            }
            return implode(',', $quoted);

        case 'i':
            return (string) (int) $value;

        case 'u':
            return (string) max((int) $value, 0);
    }

    // Default and unknown formats: escaped, single-quoted string literal.
    return '\'' . SqlEscape($value) . '\'';
}
示例#2
文件: mysql.php 项目: knytrune/ABXD
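/**
 * Converts one query-placeholder match into the SQL text that replaces it.
 *
 * $match[1] is the placeholder body: an argument number, optionally followed
 * by a single format character. The value is looked up in the global $args
 * at offset (number + 1).
 *
 * Formats:
 *   c      list: each element is passed through SqlEscape(), single-quoted,
 *          and the elements are comma-joined
 *   i      value cast to int
 *   u      value cast to int, negative results clamped to 0
 *   l      value cast to int (intended for the full 32-bit range, see TODO)
 *   other  value passed through SqlEscape() and single-quoted
 *
 * A NULL argument, or an empty value for "c", yields the bare keyword NULL.
 *
 * Security: values are spliced into the query text rather than bound as
 * parameters. The integer formats can only emit an optional minus sign and
 * digits. Every other format is only as safe as SqlEscape(), which is defined
 * elsewhere. The quotes are added here, so the placeholder must not already
 * sit inside quotes in the query template.
 *
 * @param array $match Match array; only index 1 is read. Presumably supplied
 *                     by a preg callback -- confirm at the call site.
 * @return string SQL fragment for the placeholder.
 */
function Query_AddUserInput($match)
{
    global $args;
    $match = $match[1];
    $format = 's';
    // "<digits><one non-digit>": the trailing character selects the format.
    if (preg_match("/^\\d+\\D\$/", $match)) {
        $format = substr($match, strlen($match) - 1, 1);
        $match = substr($match, 0, strlen($match) - 1);
    }
    // Placeholder N maps to $args[N + 1].
    $var = $args[$match + 1];
    if ($var === NULL) {
        return 'NULL';
    }
    if ($format == 'c') {
        // An empty list used to come back as an empty string, which turns
        // "IN ({0c})" into the invalid "IN ()". Emit NULL instead so the
        // statement still parses. Note that "x NOT IN (NULL)" never matches.
        if (empty($var)) {
            return 'NULL';
        }
        $final = '';
        foreach ($var as $v) {
            $final .= '\'' . SqlEscape($v) . '\',';
        }
        // Drop the trailing comma.
        return substr($final, 0, -1);
    }
    if ($format == "i") {
        return (string) (int) $var;
    }
    if ($format == "u") {
        return (string) max((int) $var, 0);
    }
    if ($format == "l") {
        //This is used for storing integers using the full 32bit range.
        //TODO: add code to emulate the 32bit overflow on 64bit.
        return (string) (int) $var;
    }
    // Default and unknown formats: escaped, single-quoted string literal.
    return '\'' . SqlEscape($var) . '\'';
}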
示例#3
/**
 * Validates a submitted login name held in $_POST[$field].
 *
 * Steps, in order:
 *  1. If the submitted value is "really empty" (per IsReallyEmpty()), it is
 *     replaced with the current value from the global $user.
 *  2. The name is rejected if any other user (id != $user['id']) already has
 *     it as either name or displayname.
 *  3. Characters in Unicode categories C (other/control) and Z (separators)
 *     are stripped, except the plain ASCII space. If stripping changed
 *     anything, the name is rejected. $_POST[$field] keeps the stripped
 *     value even when the name is rejected.
 *
 * The uniqueness check in step 2 sees the raw value. That is consistent only
 * because step 3 rejects any value it had to alter, so an accepted name is
 * exactly the one that was checked.
 *
 * @param string $field Key into both $_POST and $user.
 * @param mixed  $item  Not used in this function body.
 * @return string|null Error message on rejection; nothing (null) when accepted.
 */
function HandleUsername($field, $item)
{
    global $user;

    if (IsReallyEmpty($_POST[$field])) {
        $_POST[$field] = $user[$field];
    }

    // Presumably FetchResult() substitutes {0}/{1} with escaped arguments, as
    // the query formatter does -- verify against its definition.
    $taken = FetchResult("select count(*) from {users} where id != {0} and (name = {1} or displayname = {1})", $user['id'], $_POST[$field]);
    if ($taken) {
        // NOTE(review): SqlEscape() is an SQL-context escaper. If this message
        // is rendered as HTML, the name needs HTML escaping instead -- confirm
        // how the caller outputs the returned string.
        return format(__("The login name you entered, \"{0}\", is already taken."), SqlEscape($_POST[$field]));
    }

    // Keep the submitted value so it can be compared with the stripped one.
    // A null result from preg_replace (e.g. invalid UTF-8) also differs from
    // the original and is therefore rejected.
    $submitted = $_POST[$field];
    $_POST[$field] = preg_replace('/(?! )[\\pC\\pZ]/u', '', $submitted);
    if ($submitted !== $_POST[$field]) {
        return __("The login name you entered cannot contain control characters.");
    }
}