function get_narrative_content($content_id, $connection) { // Takes a content ID number and returns an array containing the content from that row. if (!is_null($content_id)) { // Define the query template $query = "select narrative.*, source.title as source_title, source.template, source.logo from narrative, source where narrative.id={$content_id} and narrative.source_id=source.id"; } else { die("\nNo Content id."); } // Run the query if (!($rs0 = $connection->execute($query))) { die("Failed to get Narrative Content id {$content_id}: <b>{$query}</b>"); } $resultset = $rs0->GetAssoc(1); // Now fixup any items from that recordset that need to be fixed: $fixuplist = array(body => 1); // Special Values $final_result["keywords"] = find_keywords($resultset[$content_id]["body"]); $final_result["english_date_updated"] = ts_2_english($resultset[$content_id]["date_updated"]); foreach ($resultset[$content_id] as $item => $value) { if ($fixuplist[$item] == 1) { $final_result[$item] = fixup($value); } else { $final_result[$item] = $value; } } return $final_result; }
function check_aurl($val) { $arr = array(); foreach ($val as $value) { $value = fixup($value); if (!empty($value)) { $arr[] = $value; } } return $arr; }
function check_injection() { global $webRoot; foreach ($_GET as $name => $value) { $_GET[$name] = fixup($value); //if (fixup($value) == true) { // header("Location: $webRoot/error.php?message=A script/sql injection attempt has been detected, system has logged all of your data!!!"); //} } foreach ($_POST as $name => $value) { $_POST[$name] = fixup($value); //if (fixup($value) == true) { // header("Location: $webRoot/error.php?message=A script/sql injection attempt has been detected, system has logged all of your data!!!"); //} } foreach ($_REQUEST as $name => $value) { $_REQUEST[$name] = fixup($value); //if (fixup($value) == true) { // header("Location: $webRoot/error.php?message=A script/sql injection attempt has been detected, system has logged all of your data!!!"); //} } }