function xmlencode($str) { $str = str_replace("&", "&", $str); $str = str_replace("<", "<", $str); $str = str_replace(">", ">", $str); $str = str_replace("'", "'", $str); return escapeEntities($str); }
function LoadSelectedReport($report) { $connection = getWebreportConnection(); // #9875 $strSQL = "SELECT " . $connection->addFieldWrappers("rpt_content") . " FROM " . $connection->addTableWrappers("webreports") . " WHERE " . $connection->addFieldWrappers("rpt_name") . "=" . $connection->prepareString($report) . " and " . $connection->addFieldWrappers("rpt_type") . "='report'"; $rptContent = $connection->query($strSQL)->fetchNumeric(); return escapeEntities($rptContent[0]); }
function LoadSelectedReport($report) { global $conn; $strSQL = "SELECT ".AddFieldWrappers("rpt_content")." FROM ".AddTableWrappers("webreports")." WHERE ".AddFieldWrappers("rpt_name")."=".db_prepare_string($report)." and ".AddFieldWrappers("rpt_type")."='report'"; $rsReport = db_query($strSQL,$conn); $rptContent = db_fetch_numarray($rsReport); return escapeEntities($rptContent[0]); }