function action() { if (isset($_POST['action']['save'])) { $fields = $_POST['fields']; $permissions = $fields['permissions']; $name = trim($fields['name']); $page_access = $fields['page_access']; if (strlen($name) == 0) { $this->_errors['name'] = 'This is a required field'; return; } elseif ($this->_driver->roleExists($name)) { $this->_errors['name'] = 'A role with the name <code>' . $name . '</code> already exists.'; return; } $sql = "INSERT INTO `tbl_members_roles` VALUES (NULL, \n\t\t\t\t\t\t\t\t\t\t\t\t'{$name}', \n\t\t\t\t\t\t\t\t\t\t\t\t" . (strlen(trim($fields['email_subject'])) > 0 ? "'" . addslashes($fields['email_subject']) . "'" : 'NULL') . ", \n\t\t\t\t\t\t\t\t\t\t\t\t" . (strlen(trim($fields['email_body'])) > 0 ? "'" . addslashes($fields['email_body']) . "'" : 'NULL') . ")"; $this->_Parent->Database->query($sql); $role_id = $this->_Parent->Database->getInsertID(); if (is_array($page_access) && !empty($page_access)) { foreach ($page_access as $page_id) { $this->_Parent->Database->query("INSERT INTO `tbl_members_roles_page_permissions` VALUES (NULL, {$role_id}, {$page_id}, 'yes')"); } } if (is_array($permissions) && !empty($permissions)) { $sql = "INSERT INTO `tbl_members_roles_event_permissions` VALUES "; foreach ($permissions as $event_handle => $p) { foreach ($p as $action => $allow) { $sql .= "(NULL, {$role_id}, '{$event_handle}', '{$action}', '{$allow}'),"; } } $this->_Parent->Database->query(trim($sql, ',')); } redirect(extension_members::baseURL() . 'edit/' . $role_id . '/created/'); } }
/** * @return array */ public function toOptionArray() { $fields = []; $fields[] = ['value' => '0', 'label' => '-- Please Select --']; $apiEnabled = $this->helper->isEnabled($this->helper->getWebsite()); if ($apiEnabled) { $savedCampaigns = $this->registry->registry('campaigns'); if (is_array($savedCampaigns)) { $campaigns = $savedCampaigns; } else { //grab the datafields request and save to register $client = $this->helper->getWebsiteApiClient(); $campaigns = $client->getCampaigns(); $this->registry->register('campaigns', $campaigns); } //set the api error message for the first option if (isset($campaigns->message)) { //message $fields[] = ['value' => 0, 'label' => $campaigns->message]; } elseif (!empty($campaigns)) { //loop for all campaing options foreach ($campaigns as $campaign) { if (isset($campaign->name)) { //@codingStandardsIgnoreStart $fields[] = ['value' => $campaign->id, 'label' => addslashes($campaign->name)]; //@codingStandardsIgnoreEnd } } } } return $fields; }
public function onAfterBackendUsersList( $listId, &$rows, &$pageNav, &$search, &$lists, $option, $selectTagAttribs ) { global $_CB_framework; $plugin = cbgjClass::getPlugin(); $_CB_framework->document->addHeadStyleSheet( $plugin->livePath . '/admin.' . $plugin->element . '.css' ); $url = cbgjClass::getPluginURL( array( 'users', 'edit' ), null, false ); $toolbar = '<a href="#" id="gjaddgroup" class="cbtoolbar cbtoolbaraction">' . '<span class="cbicon-32-gjplugin" title="' . htmlspecialchars( CBTxt::T( 'Join GJ Group' ) ) . '"></span>' . CBTxt::T( 'Join GJ Group' ) . '</a>' . '<span class="cbtoolbarspacer" style="width:20px;"> </span>'; $js = "$( '.cbtoolbaractions' ).delegate( '#gjaddgroup', 'click', function() {" . "var usersChecked = new Array();" . "$( '#cbshowusersform input[name=\"cid[]\"]:checked' ).each( function() {" . "usersChecked.push( $( this ).val() );" . "});" . "if ( ! usersChecked.length ) {" . "alert( '" . addslashes( CBTxt::T( 'Please select a user from the list to add a CB GroupJive Group to.' ) ) . "' );" . "} else {" . "window.location = '" . addslashes( $url ) . "&users=' + usersChecked.join( '|*|' );" . "}" . "});" . "$( '.cbtoolbaractions' ).prepend( '" . addslashes( $toolbar ) . "' );"; $_CB_framework->outputCbJQuery( $js ); }
function updateBilling($Billing) { global $adb; global $table_prefix; $firstname = addslashes($Billing->firstname); $lastname = addslashes($Billing->lastname); $address = addslashes($Billing->address); $address1 = addslashes($Billing->address1); $city = addslashes($Billing->city); $query="UPDATE ".$table_prefix."_tblBilling SET ". "fldBillingLastname='$lastname',". "fldBillingFirstName='$firstname',". "fldBillingEmail='$Billing->email',". "fldBillingAddress='$address',". "fldBillingAddress1='$address1',". "fldBillingCity='$Billing->city',". "fldBillingState='$Billing->state',". "fldBillingCountry='$Billing->country',". "fldBillingZip='$Billing->zip',". "fldBillingPhoneNo='$Billing->phone'". " WHERE fldBillingID=$Billing->Id"; $adb->query($query); return true; }
/** * @return string */ private function getFromTables() { $return = ""; foreach ($this->tables as $table) { if (is_array($table)) { $table = $table[0]; } $result = $this->pdo->prepare('SELECT * FROM ' . $table); $result->execute(); $num_fields = $result->columnCount(); $return .= 'DROP TABLE IF EXISTS ' . $table . ';'; $result2 = $this->pdo->prepare('SHOW CREATE TABLE ' . $table); $result2->execute(); $row2 = $result2->fetch(); $return .= "\n\n" . $row2[1] . ";\n\n"; foreach ($result as $row) { $return .= 'INSERT INTO ' . $table . ' VALUES('; for ($j = 0; $j < $num_fields; $j++) { $row[$j] = addslashes($row[$j]); // $row[$j] = preg_replace("\n", "\\n", $row[$j]); if (isset($row[$j])) { $return .= '"' . $row[$j] . '"'; } else { $return .= '""'; } if ($j < $num_fields - 1) { $return .= ','; } } $return .= ");\n"; } $return .= "\n\n\n"; } return $return; }
static function send($destinataire) { $expediteur = CBdd::select_one("SELECT email FROM user WHERE type = 2", "email"); $id_texte = CConfiguration::get_valeur('WELCOME_TEXT_ID'); $sql_texte_select = "SELECT * FROM texte WHERE id = " . $id_texte; $texte = CBdd::select_row($sql_texte_select); $sql_user = "******" . $destinataire . "'"; $user = CBdd::select_row($sql_user); $message = str_replace('$NOM', $user['nom'], $texte['text']); $message = str_replace('$PRENOM', $user['prenom'], $message); //echo $message; $sujet = $texte['nom']; $sql_unicite_message = "SELECT id FROM email WHERE destinataire = '" . addslashes($destinataire) . "' AND nom = '" . addslashes($sujet) . "'"; // echo $sql_unicite_message; if(CBdd::select_one($sql_unicite_message, 'id')) { return 1; } $sql_email_insert = "INSERT INTO email(expediteur, destinataire, nom, text, etat) VALUES ('" . addslashes($expediteur) . "', '" . addslashes($destinataire) . "', '" . addslashes($sujet) . "', '" . addslashes($message) . "', '2')"; CBdd::insert($sql_email_insert); return CMail::send_mail($destinataire, CFonction::force_stripslashes($sujet), CFonction::force_stripslashes($message), $expediteur, array(), 'Bcc: ' . $expediteur); }
function on_submit() { $email_list = Url::get('email_list'); $count = 0; if ($email_list) { $arr = explode("\n", $email_list); $arr_tmp = array(); $email_list = ''; if ($arr) { foreach ($arr as $email) { $email = str_replace(array(chr(13), chr(10)), '', stripslashes($email)); if (eregi("^[A-Z0-9._%-]+@[A-Z0-9._%-]+\\.[A-Z]{2,6}\$", $email) && !isset($arr_tmp[$email])) { $email_list .= ($email_list ? "\n" : '') . $email; $arr_tmp[$email] = 1; $count++; } } } } $this->email_list = array('email_list' => addslashes($email_list), 'time' => TIME_NOW, 'time_modify' => TIME_NOW); $this->checkFormInput('Danh sách email', 'email_list', $email_list, 'str', true, '', 1); if ($count > 50) { $this->setFormError('', "Bạn đã nhập vào {$count} email, số mail nhập vào phải <=50!"); } if (!$this->errNum) { $id = DB::insert('spam_mail', $this->email_list); if ($id) { Url::redirect_current(array('cmd' => 'email_list')); } else { $this->setFormError('', 'Không cập nhật được CSDL!'); } } }
function update($new_instance, $old_instance) { $instance = $old_instance; $instance['title'] = sanitize_text_field($new_instance['title']); $instance['adsenseCode'] = wp_filter_post_kses(addslashes($new_instance['adsenseCode'])); return $instance; }
function EditUserjs($add, $userid, $username) { global $empire, $dbtbpre; $jsid = (int) $add['jsid']; $jstempid = (int) $add['jstempid']; if (!$jsid || !$add[jsname] || !$jstempid || !$add[jssql] || !$add[jsfilename]) { printerror("EmptyUserJsname", "history.go(-1)"); } $query_first = substr($add['jssql'], 0, 7); if (!($query_first == "select " || $query_first == "SELECT ")) { printerror("JsSqlError", "history.go(-1)"); } //验证权限 CheckLevel($userid, $username, $classid, "userjs"); //删除旧js文件 if ($add['oldjsfilename'] != $add['jsfilename']) { DelFiletext($add['oldjsfilename']); } $add[jssql] = ClearAddsData($add[jssql]); $sql = $empire->query("update {$dbtbpre}enewsuserjs set jsname='{$add['jsname']}',jssql='" . addslashes($add[jssql]) . "',jstempid={$jstempid},jsfilename='{$add['jsfilename']}' where jsid={$jsid}"); //刷新js $add[jssql] = addslashes($add[jssql]); ReUserjs($add, "../"); if ($sql) { //操作日志 insert_dolog("jsid={$jsid}&jsname={$add['jsname']}"); printerror("EditUserjsSuccess", "ListUserjs.php"); } else { printerror("DbError", "history.go(-1)"); } }
function save() { // Check for request forgeries JRequest::checkToken() or die('COM_JOOMLEAGUE_GLOBAL_INVALID_TOKEN'); $cid = JRequest::getInt("cid", 0); $post = JRequest::get('post'); if ($cid > 0) { $club =& JTable::getInstance("Club", "Table"); $club->load($cid); $club->bind($post); $params =& JComponentHelper::getParams('com_joomleague'); if ($club->store() && $params->get('cfg_edit_club_info_update_notify') == "1") { $db = JFactory::getDBO(); $user = JFactory::getUser(); $query = "SELECT email\n FROM #__users \n WHERE usertype = 'Super Administrator' \n OR usertype = 'Administrator'"; $db->setQuery($query); $to = $db->loadResultArray(); $subject = addslashes(sprintf(JText::_("COM_JOOMLEAGUE_ADMIN_EDIT_CLUB_INFO_SUBJECT"), $club->name)); $message = addslashes(sprintf(JText::_("COM_JOOMLEAGUE_ADMIN_EDIT_CLUB_INFO_MESSAGE"), $user->name, $club->name)); $message .= $this->_getShowClubInfoLink(); JUtility::sendMail('', '', $to, $subject, $message); } } $this->setRedirect($this->_getShowClubInfoLink()); }
function backslash(&$arr, $escape) { $magic_on = get_magic_quotes_gpc(); if ($escape && !$magic_on) { foreach ($arr as $k => $v) { switch (gettype($v)) { case 'string': $arr[$k] = addslashes($v); break; case 'array': backslash($arr[$k], true); } } } if (!$escape && $magic_on) { foreach ($arr as $k => $v) { switch (gettype($v)) { case 'string': $arr[$k] = stripslashes($v); break; case 'array': backslash($arr[$k], false); } } } }
function content_53ae6fd99a3c76_13439061($_smarty_tpl) { ?> <script type="text/javascript"> var favorite_products_url_add = '<?php echo addslashes($_smarty_tpl->tpl_vars['link']->value->getModuleLink('favoriteproducts', 'actions', array('process' => 'add'), false)); ?> '; var favorite_products_url_remove = '<?php echo addslashes($_smarty_tpl->tpl_vars['link']->value->getModuleLink('favoriteproducts', 'actions', array('process' => 'remove'), false)); ?> '; <?php if (isset($_GET['id_product'])) { ?> var favorite_products_id_product = '<?php echo intval($_GET['id_product']); ?> '; <?php } ?> </script> <?php }
function update($new_instance, $old_instance) { $instance = $old_instance; $instance['title'] = sanitize_text_field($new_instance['title']); $instance['adsenseCode'] = current_user_can('unfiltered_html') ? $new_instance['adsenseCode'] : stripslashes(wp_filter_post_kses(addslashes($new_instance['adsenseCode']))); return $instance; }
private function tag_options($options, $prefix = "") { $attributes = array(); $html_content = array(); if (is_array($options)) { foreach ($options as $option_key => $option_value) { if (is_array($option_value)) { if ($option_key == "data") { $attributes[] = $this->tag_options($option_value, $option_key . "-"); } else { $html_content[] = $prefix . $option_key . "=" . "\"" . addslashes(json_encode($option_value)) . "\""; } } else { if (is_null($option_value) || empty($option_value) || $option_value == $option_key) { $html_content[] = $prefix . $option_key; } elseif (is_bool($option_value) && $option_value == true) { $html_content[] = $prefix . $option_key . "=" . "\"" . $prefix . $option_key . "\""; } else { $html_content[] = $prefix . $option_key . "=" . "\"" . $option_value . "\""; } } } } else { //We have only a simple string and not an array $html_content[] = $options; } return join(" ", $html_content); }
function listFlags($params) { $sql = "SELECT content.migtitle,content.id FROM content WHERE content.templateid='4'"; $resultList = array(); if ($result = queryDatabase($sql)) { while ($row = $result->fetch(PDO::FETCH_OBJ)) { array_push($resultList, $row); //print_r(mixed expression [, bool return]) } } $names = array(); foreach ($resultList as $row) { $sql = "SELECT media.id,media.name FROM media WHERE media.name LIKE '%" . strtolower(addslashes($row->migtitle)) . "%'"; //echo $sql; if ($result = queryDatabase($sql)) { while ($row2 = $result->fetch(PDO::FETCH_OBJ)) { $r = array(); $r["name"] = $row->migtitle; $r["contentid"] = $row->id; $r["mediaid"] = $row2->id; $r["file"] = $row2->name; array_push($names, $r); } } } /* header("Content-type: application/json; charset=UTF-8"); echo json_encode($names); */ $sql = "INSERT INTO content_media (contentid,mediaid,statusid) VALUES "; foreach ($names as $r) { $sql .= "(" . $r["contentid"] . "," . $r["mediaid"] . ",4),"; } echo $sql; }
function updateInfo($percent, $infoText, $debug = true) { global $command_line; if ($debug) { Debug::message($infoText, Debug::WARNING); } $percentageText = ($percent == 1)? '100': sprintf('%2.0f', $percent * 100); if (isset($command_line) and $command_line) { if ($percent < 0) { $percentageText = ' * '; } else { $percentageText .= '%'; } echo $percentageText, ' ', $infoText, "\n"; } else { echo '<script>'; if ($percent >= 0) { echo 'document.getElementById("progress-bar").style="width:' . ($percent * 100) . '%;";', "\n", 'document.getElementById("progress-bar").innerHTML ="' . $percentageText . '%";', "\n"; } if ($percent == 1) { echo 'document.getElementById("progress-bar").className = "progress-bar progress-bar-striped";'; } echo 'document.getElementById("progressbar-info").innerHTML="' . addslashes($infoText) . '";</script>'; } // This is for the buffer achieve the minimum size in order to flush data // echo str_repeat(' ', 1024 * 64); // Send output to browser immediately flush(); }
function process_login() { $username = addslashes($_POST["admin_email"]); $password = addslashes($_POST["admin_password"]); $rememberme = isset($_POST["rememberme"]) ? 1 : 0; if ($password == "") { $password = "******"; } $row = array("admin_email" => $username, "admin_password" => $password, "rememberme" => $rememberme); /*if ($this->ldapLogin($username, $password)) { $row["admin_ldap"] = 1; }*/ //login pakai row credential Auth::login($row); //kalau sukses if (Auth::isLogged()) { //load school setting // $ss = new Schoolsetting(); // $ss->loadToSession(); //redirect //Account::setRedirection (); Hook::processHook($this->login_hook); Redirect::firstPage(); } else { Redirect::loginFailed(); } }
function connexion() { try { //si le login et le mdp existent if (isset($_POST["login"]) && isset($_POST["mdp"])) { // récupération sécurisée du mdp et du login dans des variables $login = htmlspecialchars(addslashes(trim(strtoupper($_POST['login'])))); $password = htmlspecialchars(addslashes(trim(md5($_POST['mdp'])))); $_SESSION['login'] = $login; $query = "SELECT COL_NO, TAU_NO, COL_NOM, COL_PRENOM, COL_MNEMONIC FROM COLLABORATEUR WHERE COL_MNEMONIC='" . $login . "' AND (COL_PASSWORD='******' OR COL_PASS_ALL='" . $password . "')"; $result = $GLOBALS['connexion']->query($query); if (mysqli_num_rows($result) == 1) { $connection = true; $row = $result->fetch_assoc(); $_SESSION['col_id'] = $row['COL_NO']; $_SESSION['accreditation'] = $row['TAU_NO']; $_SESSION['nom'] = $row['COL_NOM']; $_SESSION['prenom'] = $row['COL_PRENOM']; $_SESSION['mnemonic'] = $row['COL_MNEMONIC']; header("Location: accueil.php"); //header ("Location: accueil_bloque.php"); } else { $_SESSION = array(); session_destroy(); return '<script>alert("Identifiant et/ou mot de passe incorrect");</script>'; } } else { $connection = false; } } catch (Exception $e) { // message en cas d'erreur die('Erreur : ' . $e->getMessage()); } return ''; }
function printResultPages(&$loc, $currPage, $pageCount, $sort) { if ($pageCount <= 1) { return false; } echo $loc->getText("biblioSearchResultPages") . ": "; $maxPg = OBIB_SEARCH_MAXPAGES + 1; if ($currPage > 1) { echo "<a href=\"javascript:changePage(" . H(addslashes($currPage - 1)) . ",'" . H(addslashes($sort)) . "')\">«" . $loc->getText("biblioSearchPrev") . "</a> "; } for ($i = 1; $i <= $pageCount; $i++) { if ($i < $maxPg) { if ($i == $currPage) { echo "<b>" . H($i) . "</b> "; } else { echo "<a href=\"javascript:changePage(" . H(addslashes($i)) . ",'" . H(addslashes($sort)) . "')\">" . H($i) . "</a> "; } } elseif ($i == $maxPg) { echo "... "; } } if ($currPage < $pageCount) { echo "<a href=\"javascript:changePage(" . ($currPage + 1) . ",'" . $sort . "')\">" . $loc->getText("biblioSearchNext") . "»</a> "; } }
public function loginAction() { if (!is_null($this->session->getCurrentUser())) { $this->redirect('/'); } if (is_null($this->request->getPost('user')) || is_null($this->request->getPost('password'))) { throw new LoginException('Неверные данные формы авторизации.'); } $user = addslashes(trim(strip_tags($this->request->getPost('user')))); $password = addslashes(trim(strip_tags($this->request->getPost('password')))); $usersModel = new Users(); try { $currentUser = $usersModel->getUsersDataByLogPass($user, $password); } catch (\Exception $e) { throw new LoginException($e->getMessage()); } if ($currentUser['roles_id'] == self::BANNED) { throw new LoginException('Доступ временно запрещен. Обратитесь к администратору.'); } unset($currentUser['password']); $userObj = new User(); $userObj->fillData($currentUser); $this->session->setCurrentUser($userObj); echo json_encode(array('location' => '/')); exit; }
function getGraphImg($title, $graph_start, $graph_end) { if (empty($graph_end)) { $graph_end = 'now'; } $initial_params = array('--start=' . $graph_start, '--end=' . $graph_end, '--title="' . $title . ' - ' . self::$name . '"'); $defs = array('DEF:a="' . $this->getFilepath() . '":input:AVERAGE', 'DEF:b="' . $this->getFilepath() . '":output:AVERAGE', 'CDEF:cdefa=a,8,*', 'CDEF:cdefb=b,8,*'); $comments = array(); $start_date_string = $end_date_string = ''; if (is_numeric($graph_start)) { $start_date_string = date('d/m/Y H:i', $graph_start); $start_date_string = str_replace(':', '\\:', $start_date_string); } if (is_numeric($graph_end)) { $end_date_string = date('d/m/Y H:i', $graph_end); $end_date_string = str_replace(':', '\\:', $end_date_string); } if ($start_date_string && $end_date_string) { $comments = array('COMMENT:"From ' . $start_date_string . ' To ' . addslashes($end_date_string) . '\\c"', 'COMMENT:" \\n"'); } $style = array('--vertical-label="bytes per second"', 'AREA:a#EACC00FF:"Inbound"', 'GPRINT:cdefa:LAST:" Current\\:%8.2lf %sbps"', 'GPRINT:cdefa:AVERAGE:"Average\\:%8.2lf %sbps"', 'GPRINT:cdefa:MAX:"Maximum\\:%8.2lf %sbps\\n"', 'LINE1:b#002A97FF:"Outbound"', 'GPRINT:cdefb:LAST:"Current\\:%8.2lf %sbps"', 'GPRINT:cdefb:AVERAGE:"Average\\:%8.2lf %sbps"', 'GPRINT:cdefb:MAX:"Maximum\\:%8.2lf %sbps\\n"'); $opts = array('--start=-1h', '--vertical-label="Bytes second"', 'DEF:inoctets="' . $this->getFilepath() . '":input:AVERAGE', 'DEF:outoctets="' . $this->getFilepath() . '":output:AVERAGE', 'AREA:inoctets#00FF00:"In traffic"', 'LINE1:outoctets#0000FF:"Out traffic"', 'CDEF:inbits=inoctets,8,*', 'CDEF:outbits=outoctets', 'COMMENT:" \\n"', 'GPRINT:inbits:AVERAGE:"Avg In traffic\\: %6.2lf %sbps"', 'COMMENT:" \\n"', 'GPRINT:inbits:MAX:"Max In traffic\\: %6.2lf %sbps"', 'GPRINT:outbits:AVERAGE:"Avg Out traffic\\: %6.2lf %sbps"', 'COMMENT:" \\n"', 'GPRINT:outbits:MAX:"Max Out traffic\\: %6.2lf %sbps"'); // // AREA:a#00CF00FF:"Inbound" \ //GPRINT:a:LAST:" Current\:%8.2lf %s" \ //GPRINT:a:AVERAGE:"Average\:%8.2lf %s" \ //GPRINT:a:MAX:"Maximum\:%8.2lf %s\n" \ //LINE1:b#002A97FF:"Outbound" \ //GPRINT:b:LAST:"Current\:%8.2lf %s" \ //GPRINT:b:AVERAGE:"Average\:%8.2lf %s" \ //GPRINT:b:MAX:"Maximum\:%8.2lf %s\n" $default_opts = parent::getDefault_graph_opts(); $params = array_merge($initial_params, $default_opts, $defs, $comments, $style); return $this->build_graph($params); }
/** * Smarty unescape modifier plugin * Type: modifier<br> * Name: unescape<br> * Purpose: unescape html entities * * @author Rodney Rehm * * @param array $params parameters * * @return string with compiled code */ function smarty_modifiercompiler_unescape($params) { if (!isset($params[1])) { $params[1] = 'html'; } if (!isset($params[2])) { $params[2] = '\'' . addslashes(Smarty::$_CHARSET) . '\''; } else { $params[2] = "'" . $params[2] . "'"; } switch (trim($params[1], '"\'')) { case 'entity': case 'htmlall': if (Smarty::$_MBSTRING) { return 'mb_convert_encoding(' . $params[0] . ', ' . $params[2] . ', \'HTML-ENTITIES\')'; } return 'html_entity_decode(' . $params[0] . ', ENT_NOQUOTES, ' . $params[2] . ')'; case 'html': return 'htmlspecialchars_decode(' . $params[0] . ', ENT_QUOTES)'; case 'url': return 'rawurldecode(' . $params[0] . ')'; default: return $params[0]; } }
function post_location_request($url, $data) { /* $data_str = urlencode(http_build_query($data)); header("Host: $host\r\n"); header("POST $path HTTP/1.1\r\n"); header("Content-type: application/x-www-form-urlencoded\r\n"); header("Content-length: " . strlen($data_str) . "\r\n"); header("Connection: close\r\n\r\n"); header($data_str); exit();*/ $CI =& get_instance(); $params = explode("&", urldecode(http_build_query($data))); $retHTML = ''; if (!$CI->is_pjax) { $retHTML .= "<html>\n<body onLoad=\"document.send_form.submit();\">\n"; } $retHTML .= '<form method="post" name="send_form" id="send_form" action="' . $url . '">'; foreach ($params as $string) { list($key, $value) = explode("=", $string); $retHTML .= "<input type=\"hidden\" name=\"" . $key . "\" value=\"" . addslashes($value) . "\">\n"; } if ($CI->is_pjax) { $retHTML .= '</form><script>document.getElementById("send_form").submit();</script>'; } else { $retHTML .= "</form>\n</body>\n</html>"; } print $retHTML; exit; }
function postparse($verify = false, $subval = false) { if ($subval) { $var = $_POST[$subval]; } else { $var = $_POST; } reset($var); $sql = ""; $keys = ""; $vals = ""; $i = 0; while (list($key, $val) = each($var)) { if ($verify === false || isset($verify[$key])) { if (is_array($val)) { $val = addslashes(serialize($val)); } $sql .= ($i > 0 ? "," : "") . "{$key}='{$val}'"; $keys .= ($i > 0 ? "," : "") . "{$key}"; $vals .= ($i > 0 ? "," : "") . "'{$val}'"; $i++; } } return array($sql, $keys, $vals); }
function add($operation, $getdata = '', $postdata = '', $appids = array(), $pri = 0) { $extra = $varextra = ''; $appadd = $varadd = array(); foreach ((array) $this->apps as $appid => $app) { $appid = $app['appid']; if ($appid == intval($appid)) { if ($appids && !in_array($appid, $appids)) { $appadd[] = 'app' . $appid . "='1'"; } else { $varadd[] = "('noteexists{$appid}', '1')"; } } } if ($appadd) { $extra = implode(',', $appadd); $extra = $extra ? ', ' . $extra : ''; } if ($varadd) { $varextra = implode(', ', $varadd); $varextra = $varextra ? ', ' . $varextra : ''; } $getdata = addslashes($getdata); $postdata = addslashes($postdata); $this->db->query("INSERT INTO " . UC_DBTABLEPRE . "notelist SET getdata='{$getdata}', operation='{$operation}', pri='{$pri}', postdata='{$postdata}'{$extra}"); $insert_id = $this->db->insert_id(); $insert_id && $this->db->query("REPLACE INTO " . UC_DBTABLEPRE . "vars (name, value) VALUES ('noteexists', '1'){$varextra}"); return $insert_id; }
function escape($string) { return addslashes( $string ); // Disable rest for now, causing problems if( !$this->dbh || version_compare( phpversion(), '4.3.0' ) == '-1' ) return mysql_escape_string( $string ); else return mysql_real_escape_string( $string, $this->dbh ); }
function stripStr($str) { if (get_magic_quotes_gpc()) { $str = stripslashes($str); } return addslashes(htmlspecialchars($str, ENT_QUOTES, 'UTF-8')); }
/** * @param string $value */ public function render($value = null) { if ($value == null) { $value = $this->renderChildren(); } return addslashes($value); }
function installLanguage2($f, $l, $m) { global $php; $patt = '/^([A-Z0-9_]+)[\\s]{0,}=[\\s]{0,}[\'"](.*)[\'"];$/'; foreach (file($f) as $item) { $item = trim($item); if ($item != '') { if (preg_match($patt, $item, $match)) { if (isset($php[$match[1]])) { $php[$match[1]][$l] = addslashes($match[2]); } else { $save = array(); if (preg_match('/^[0-9]+$/', $value)) { $save['type'] = 'int'; } else { $save['type'] = 'text'; } $save['key'] = $match[1]; $save['owner'] = $m; $save[$l] = addslashes($match[2]); $save['js'] = 1; $php[$match[1]] = $save; } } } } }
function fetchDisplay() { global $visionneuse_path; //le document $this->driver->cleanCache(); if (!$this->driver->isInCache($this->doc->id)) { $this->driver->setInCache($this->doc->id, $this->driver->openCurrentDoc()); } $ebook = new epubData($this->driver->get_cached_filename($this->doc->id)); //le titre $this->toDisplay["titre"] = $this->doc->titre; //la visionneuse $this->toDisplay["doc"] = "\n \t<div id='divEpub' style='display:block;margin:auto'>\n \t\t<div id='ePubFrameTocViewer' style='height:100%;width:25%;border:1px solid #000000;float:left;text-align:left;overflow:auto'>\n \t\t"; $identPrecedent = -1; foreach ($ebook->toc as $tocItem) { if ($tocItem["level"] == 0 && $identPrecedent >= 0) { $this->toDisplay["doc"] .= "<br>"; } $this->toDisplay["doc"] .= "<div style='text-indent:" . $tocItem["level"] * 10 . "px'>\n \t\t\t\t\t\t\t\t\t\t<a onclick='goPageToc(\"" . addslashes($tocItem["content"]) . "\");return false;' href='#'>\n \t\t\t\t\t\t\t\t\t\t\t" . $tocItem["text"] . "\n \t\t\t\t\t\t\t\t\t\t</a>\n \t\t\t\t\t\t\t\t\t</div>"; $identPrecedent = $tocItem["level"]; } $this->toDisplay["doc"] .= "\n \t\t</div>\n \t\t<iframe id='ePubFrameViewer' name='ePubFrameViewer' style='height:100%;width:70%'></iframe> \n \t\t<div style='text-align:center'>\n \t\t\t<img src='" . $visionneuse_path . "/images/zoom_plus.gif' alt='zoom_plus' border='0' onClick='zoomIn();return false;' style='display:inline;'/>\n \t\t\t \n\t\t\t\t<img src='" . $visionneuse_path . "/images/zoom_moins.gif' alt='zoom_moins' border='0' onClick='zoomOut();return false;' style='display:inline;'/>\n \t\t\t \n \t\t\t<img src='" . $visionneuse_path . "/images/first.gif' alt='first' border='0' onClick=\"pageCours=0;goPage(pages[pageCours]['href']);return false;\" style='display:inline;'/>\n \t\t\t \n\t \t<img src='" . $visionneuse_path . "/images/prev.gif' alt='previous' border='0' onClick=\"changePage('-');\" style='display:inline;'/>\n\t \t \n\t \tpage <input type='text' id='pageNum' name='pageNum' value='0' size='1'/ onChange='appelPage();'> / " . count($ebook->pages) . "\n\t\t\t\t \n \t\t\t<img src='" . $visionneuse_path . "/images/next.gif' alt='next' border='0' onClick=\"changePage('+');\" style='display:inline;'/>\n \t\t\t \n \t\t\t<img src='" . $visionneuse_path . "/images/last.gif' alt='last' border='0' onClick=\"pageCours=" . (count($ebook->pages) - 1) . ";goPage(pages[pageCours]['href']);return false;\" style='display:inline;'/>\n \t\t</div>\t\t\n \t</div> \n \t<div class='row'></div> \t\n \t<script type='text/javascript'>\n \t\tvar pages = " . json_encode($ebook->pages) . ";\n \t\tvar pageCours = 0;\n \t\tvar idiv= document.getElementById('divEpub');\n \t\tvar iframe= document.getElementById('ePubFrameViewer');\n \t\tvar pageNumText = document.getElementById('pageNum');\n \t\tvar fontSize = 1;\n \t\tvar fichierActuel = ''; \t\t\n\n \t\tfunction changePage(sens) {\n\t\t\t\tvar ok = true;\n\t\t\t\tif (sens == '+') {\n\t\t\t\t\tif (pages[pageCours+1]) {\n\t\t\t\t\t\tpageCours++;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tok = false;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (sens == '-') {\n\t\t\t\t\tif (pages[pageCours-1]) {\n\t\t\t\t\t\tpageCours--;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tok = false;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (ok) {\n\t\t\t\t\tgoPage(pages[pageCours]['href']);\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\tfunction goPage(page) {\n\t\t\t\t//On charge la page\n\t\t\t\tiframe.src='visionneuse.php/" . $this->driver->driver_name . "/" . $this->doc->id . "/'+page;\n\t\t\t}\n\t\t\t\t\t\t\n\t\t\tfunction appelPage() {\n\t\t\t\tvar maPage = pageNumText.value;\n\t\t\t\tmaPage = parseInt(maPage);\n\t\t\t\tif (isNaN(maPage)) {\n\t\t\t\t\talert('Numéro de page non valide');\n\t\t\t\t} else {\n\t\t\t\t\tmaPage--; //Le tableau commence à l'indice 0\n\t\t\t\t\tif (pages[maPage]) {\n\t\t\t\t\t\tpageCours = maPage;\n\t\t\t\t\t\tgoPage(pages[pageCours]['href']);\n\t\t\t\t\t} else {\n\t\t\t\t\t\talert('Numéro de page non valide');\n\t\t\t\t\t}\t\t\t\t\t\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tfunction goPageToc(page) {\n\t\t\t\tfor (var i= 0; i < pages.length; i++) {\n\t\t\t\t if (page == pages[i]['href']) {\n\t\t\t\t \tpageCours = i;\n\t\t\t\t \tbreak;\n\t\t\t\t }\n\t\t\t\t}\n\t\t\t\tgoPage(page);\n\t\t\t}\n\t\t\t\n\t\t\tfunction resizeDivConteneur () {\n\t\t\t\tidiv.style.width = '" . $this->parameters["size_x"] . "%';\n\t\t\t\tidiv.style.height = ((getFrameHeight()-40-80)*" . $this->parameters["size_y"] / 100 . ")+'px';\n\t\t\t}\n\t\t\t\n\t\t\tfunction zoomIn() {\n\t\t\t\tfontSize += 0.1;\n\t\t\t\tiframe.contentDocument.body.style.fontSize = fontSize + 'em';\n\t\t\t}\n\t\t\t\n\t\t\tfunction zoomOut() {\n\t\t\t\tif (fontSize > 0.11) {\n\t\t\t\t\tfontSize -= 0.1;\n\t\t\t\t\tiframe.contentDocument.body.style.fontSize = fontSize + 'em';\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\tfunction trouvePageNum() {\n\t\t\t\tvar ancre = new Array();\n\t\t\t\tnb_key = 0;\n\t\t\t\tfor (var i in pages) {\n\t\t\t\t\tpg = pages[i]['href'].split('#');\n\t\t\t\t\tif (pg[0] == fichierActuel) {\n\t\t\t\t\t\tvar ancreTmp = new Array();\n\t\t\t\t\t\tancreTmp['numPage'] = i;\n\t\t\t\t\t\tancreTmp['ancre'] = pg[1];\n\t\t\t\t\t\tancre.push(ancreTmp);\n\t\t\t\t\t\tnb_key++;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (nb_key == 1) {\n\t\t\t\t\tpageCours = parseInt(ancre[0]['numPage']);\n\t\t\t\t} else {\n\t\t\t\t\tvar doc = iframe.contentDocument;\t\t\t\t\t\n\t\t\t\t\tvar scroll = doc.documentElement.scrollTop;\n\t\t\t\t\tif (typeof(iframe.innerHeight) == 'number') {\n\t\t\t\t\t\tvar hauteurFrame = iframe.innerHeight;\n\t\t\t\t\t} else if(doc.documentElement && doc.documentElement.clientHeight) {\n\t\t\t\t\t\tvar hauteurFrame = doc.documentElement.clientHeight;\n\t\t\t\t\t}\n\t\t\t\t\tfor (var i=0; i<ancre.length; i++) {\t\t\t\t\t\t\n\t\t\t\t\t\tif (doc.getElementById(ancre[i]['ancre'])) {\n\t\t\t\t\t\t\tvar y = doc.getElementById(ancre[i]['ancre']).offsetTop - scroll;\n\t\t\t\t\t\t\tif (y >= 0 && y < (hauteurFrame/10)) {\n\t\t\t\t\t\t\t\tpageCours = parseInt(ancre[i]['numPage']);\n\t\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t\t} else if (y >= 0 && y > (hauteurFrame/10)) {\n\t\t\t\t\t\t\t\tpageCours = parseInt(ancre[i]['numPage'])-1;\n\t\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t\t} else if(i==(ancre.length-1)) {\n\t\t\t\t\t\t\t\t//on est sur la dernière ancre, rien de détecté : elle est au dessus\n\t\t\t\t\t\t\t\tpageCours = parseInt(ancre[i]['numPage']);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tpageNumText.value = pageCours+1;\t\t\t\t\n\t\t\t}\n\t\t\t\n\t\t\tfunction monInit() {\n\t\t\t\t//div conteneur\n\t\t\t\tresizeDivConteneur();\n\t\t\t\t//docnum\n\t\t\t\tgoPage(pages[pageCours]['href']);\n\t\t\t}\n \t\t\n\t\t\tfunction pageChargee() {\n\t\t\t\t//Fichier actuel\n\t\t\t\tvar tmpFrameSrc = frames['ePubFrameViewer'].location.href.split('/');\n\t\t\t\tvar frameSrc = tmpFrameSrc[(tmpFrameSrc.length-1)];\n\t\t\t\ttmpFrameSrc = frameSrc.split('#');\n\t\t\t\tfichierActuel = tmpFrameSrc[0];\n\n\t\t\t\t//Numéro de page en cours\n\t\t\t\ttrouvePageNum();\n\t\t\t\t\n\t\t\t\t//On reprend le dernier niveau de zoom\n\t\t\t\ttry {\n\t\t\t\t\tiframe.contentWindow.body.style.fontSize = fontSize + 'em';\n\t\t\t\t}catch(err){\n\t\t\t\t\tiframe.contentDocument.body.style.fontSize = fontSize + 'em';\n\t\t\t\t}\n\t\t\t\t\n\t\t\t\t//on met à jour sur scroll\n\t \t\ttry {\n\t\t\t\t\tiframe.contentWindow.onscroll=function(){\n\t\t \t\t\ttrouvePageNum();\n\t\t \t\t}\n\t\t\t\t}catch(err){\n\t\t\t\t\tiframe.contentDocument.onscroll=function(){\n\t\t \t\t\ttrouvePageNum();\n\t\t \t\t}\n\t\t\t\t}\t \t\t\n\t\t\t}\n\n \t\tif (window.attachEvent) {\n \t\t\twindow.attachEvent('onload', monInit);\n \t\t} else {\n \t\t\twindow.addEventListener('load', monInit, false);\n \t\t}\n \t\t\n \t\tif (iframe.attachEvent) {\n \t\t\tiframe.attachEvent('onload', pageChargee);\n \t\t} else {\n \t\t\tiframe.addEventListener('load', pageChargee, false);\n \t\t}\n \t\t\n \t</script>\n \t"; //la description $this->toDisplay["desc"] = $this->doc->desc; return $this->toDisplay; }