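/**
 * Recursively remove HTML/PHP tags from a value and trim surrounding whitespace.
 *
 * Scalars are passed through strip_tags() and trim(). Arrays are walked key by
 * key and rebuilt with the same keys. Any key listed in the global $dont_strip
 * allow-list is copied through unchanged, including everything nested under it,
 * so callers must treat those fields as raw, untrusted markup.
 *
 * Security notes:
 *  - strip_tags() only removes tags. It is not context-aware output encoding,
 *    so values returned here still need escaping (e.g. htmlspecialchars) when
 *    they are written into HTML attributes, JavaScript or URLs.
 *  - Array keys themselves are never filtered.
 *
 * @param mixed $value Scalar or (nested) array of request data.
 * @return mixed Cleaned string, or an array with the same keys as the input.
 */
function my_strip_tags($value)
{
    global $dont_strip;

    if (!is_array($value)) {
        return trim(strip_tags((string) $value));
    }

    // Compare keys as strings and strictly. A loose in_array() lets an integer
    // key such as 0 match any non-numeric allow-list entry on PHP < 8, which
    // would silently exempt that element from stripping.
    // An unset or non-array allow-list means "strip everything".
    $exempt = is_array($dont_strip) ? array_map('strval', $dont_strip) : array();

    // Start from an empty array so an empty input yields array() instead of an
    // undefined variable.
    $ret = array();
    foreach ($value as $key => $val) {
        if (in_array((string) $key, $exempt, true)) {
            $ret[$key] = $val;
        } else {
            $ret[$key] = my_strip_tags($val);
        }
    }

    return $ret;
}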
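/**
 * AJAX handler: validate the submitted profile form and save it for the current user.
 *
 * Reads $_REQUEST["formData"], passes it through my_unescape() and
 * my_strip_tags() (both defined elsewhere), checks the required fields and
 * that the nick is not used by another account, then updates the `users` row
 * whose id is $this->app->getUser("id").
 *
 * Security notes:
 *  - Every value reaches the database through named placeholders only; no
 *    request data is concatenated into the SQL text.
 *  - The row id always comes from $this->app->getUser("id"), never from the
 *    submitted form, so the form cannot select which account is modified.
 *  - NOTE(review): no anti-CSRF token check is visible in this method, and
 *    $_REQUEST also accepts GET parameters. Confirm the dispatcher enforces a
 *    token and the request method before this state-changing action runs.
 *  - NOTE(review): contact_email is stored without format validation, and tag
 *    stripping is not output encoding. Stored fields must still be escaped
 *    where they are rendered.
 *
 * @return array Array with a single "success" key holding a translation placeholder.
 * @throws Exception With a translation placeholder as message when validation fails.
 */
protected function action_ajax_change_profile()
{
    $rawForm = isset($_REQUEST["formData"]) ? $_REQUEST["formData"] : null;
    $formData = my_strip_tags(my_unescape($rawForm));
    if (!$formData || !is_array($formData)) {
        throw new Exception("<!--[No_formdata]-->");
    }

    // Give every expected field a defined scalar-or-null value. This removes
    // undefined-index warnings and keeps a nested array (formData[nick][]=...)
    // from being bound as a query parameter.
    $expected = array(
        "fname", "lname", "about", "contact_email", "nick",
        "birth_day", "birth_month", "birth_year", "sex",
    );
    foreach ($expected as $field) {
        $formData[$field] = (isset($formData[$field]) && is_scalar($formData[$field]))
            ? $formData[$field]
            : null;
    }

    if (!$formData["birth_day"] || !$formData["birth_month"] || !$formData["birth_year"]) {
        throw new Exception("<!--[Enter_birth_date]-->");
    }

    // The three parts are user-controlled strings: accept digits only and
    // require a real calendar date before building the value to store.
    $day = trim((string) $formData["birth_day"]);
    $month = trim((string) $formData["birth_month"]);
    $year = trim((string) $formData["birth_year"]);
    if (
        !ctype_digit($day) || !ctype_digit($month) || !ctype_digit($year)
        || !checkdate((int) $month, (int) $day, (int) $year)
    ) {
        throw new Exception("<!--[Enter_birth_date]-->");
    }
    $birth = sprintf("%04d-%02d-%02d", (int) $year, (int) $month, (int) $day);

    if ((!$formData["fname"] || !$formData["lname"]) && !$formData["nick"]) {
        throw new Exception("<!--[Enter_name_or_nick]-->");
    }

    $userId = $this->app->getUser("id");

    // NOTE(review): this check-then-update is not atomic. Only a unique index
    // on users.nick would guarantee uniqueness under concurrent requests.
    // Confirm the schema has one.
    if (
        $formData["nick"]
        && DB::f1(
            "select * from users where nick=:nick and id!=:id",
            array("nick" => $formData["nick"], "id" => $userId)
        )
    ) {
        throw new Exception("<!--[This_nick_is_already_taken]-->");
    }

    $formData["sex"] = (int) $formData["sex"];

    $query = "update users set fname=:fname,lname=:lname,about=:about,contact_email=:contact_email,nick=:nick,birth=:birth,sex=:sex where id=:id";
    DB::q($query, array(
        "fname" => $formData["fname"],
        "lname" => $formData["lname"],
        "about" => $formData["about"],
        "contact_email" => $formData["contact_email"],
        "nick" => $formData["nick"],
        "birth" => $birth,
        "sex" => $formData["sex"],
        "id" => $userId,
    ));

    // getUser("sex") is read after the update, as in the original; the message
    // only changes when it still reports the previous value.
    $previousSex = (int) $this->app->getUser("sex");
    $success = "<!--[Changes_saved]-->";
    if ($formData["sex"] === 1 && $previousSex === 2) {
        $success = "<!--[Oh_man_howre_you_feel]-->";
    }
    if ($formData["sex"] === 2 && $previousSex === 1) {
        $success = "<!--[Oh_woman_howre_you_feel]-->";
    }

    return array("success" => $success);
}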
/**
 * Apply strip_tags() to a value, descending into arrays.
 *
 * A non-array value is returned as strip_tags() produces it (no trimming).
 * An array is rebuilt with the same keys in the same order; each element is
 * processed recursively. Keys are reused as-is and are not filtered.
 *
 * Security note: strip_tags() removes markup only. The result is not encoded
 * for any output context and still needs escaping when it is rendered.
 *
 * @param mixed $ar Scalar or (nested) array.
 * @return mixed Same shape as the input with tags removed from the leaves.
 */
function my_strip_tags($ar)
{
    // Leaf value: strip and return straight away.
    if (!is_array($ar)) {
        return strip_tags($ar);
    }

    $cleaned = array();
    foreach ($ar as $key => $item) {
        $cleaned[$key] = my_strip_tags($item);
    }

    return $cleaned;
}
$different_posters = explode("||", $comments_arr[COM_USER]); foreach ($different_posters as $individual_comment) { if ($flag == 1) { $bg = "bgcolor=#F7F6F4"; $flag = 0; } else { $bg = ""; $flag = 1; } $comment_arr = explode("|", $individual_comment); $comtime = date("d/m/y h:i:s", intval($comment_arr[COM_ID])); $comm_value = stripslashes(strip_tags($comment_arr[COM_TEXT])); $comm_excerpt = word_truncate($comm_value, 75); if ($comment_arr[COM_USER]) { $comment_arr[COM_USER] = word_truncate($comment_arr[COM_USER], 25); $Comments_HTML .= proc_tpl('editnews/editnews/comment_line', array('comment_arr0' => $comment_arr[COM_ID], 'comment_arr1' => $comment_arr[COM_USER], 'comment_arr3' => $comment_arr[COM_IP], 'comm_excerpt' => my_strip_tags($comm_excerpt))); } //if not blank } $Comments_HTML .= proc_tpl('editnews/editnews/comment_actions'); break; } else { $Comments_HTML = proc_tpl('editnews/editnews/nocomments'); $found_newsid = false; } } } if ($found_newsid == false) { $Comments_HTML = proc_tpl('editnews/editnews/nocomments'); } // init x-fields