PHP sanitizer::cleanData示例

示例#1

文件： server.php 项目： hostellerie/nexpro

     } elseif ($cid == 0) {
         $data['retcode'] = 200;
         $data['cid'] = $cid;
         $data['displayhtml'] = nexdocsrv_generateFileListing($cid, $reportmode);
         $data['activefolder'] = nexdoc_displayActiveFolder($cid, $reportmode);
         $data['moreactions'] = nexdocsrv_getMoreActions($reportmode);
         $data['header'] = nexdoc_formatHeader($cid, $reportmode);
     } else {
         $data['retcode'] = 401;
         $data['error'] = 'Error: No Access to Folder';
     }
     $retval = json_encode($data);
     firelogmsg("Completed generating AJAX return data");
     break;
 case 'getmorefiledata':
     $filter->cleanData('int', array('cid' => $_POST['cid'], 'level' => $_POST['level']));
     $filter->cleanData('char', array('foldernumber' => $_POST['foldernumber']));
     $_CLEAN = $filter->normalize($filter->getDbData());
     $lastRenderedFolder = $_CLEAN['cid'];
     if ($_CLEAN['foldernumber'] == 'null') {
         $_CLEAN['foldernumber'] = '';
     }
     $retval = '<result>';
     $retval .= '<retcode>200</retcode>';
     $tpl = new Template($_CONF['path_layout'] . 'nexfile');
     $tpl->set_file(array('filelisting_rec' => 'filelisting_record.thtml', 'loadfolder_msg' => 'load_folder_message.thtml', 'tag_link' => 'taglink_record.thtml', 'tag_rec' => 'tagdesc_record.thtml', 'upload_action' => 'upload_link.thtml', 'download_action' => 'download_link.thtml', 'download_disabled' => 'download_disabled_link.thtml', 'editfile_action' => 'editfile_link.thtml'));
     $tpl->set_var('site_url', $_CONF['site_url']);
     $tpl->set_var('layout_url', $_CONF['layout_url']);
     $tpl->set_var('imgset', "{$_CONF['layout_url']}/nexfile/images");
     $retval .= '<displayhtml>' . htmlspecialchars(nexdoc_displayFileListing($tpl, $_CLEAN['cid'], 'getmoredata', $_CLEAN['level'], "{$_CLEAN['foldernumber']}"), ENT_QUOTES, $charset) . '</displayhtml>';
     $retval .= '</result>';

示例#2

文件： index.php 项目： hostellerie/nexpro

// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
include '../lib-common.php';
include 'library.php';
if (!SEC_inGroup($_FMCONF['access_mode'])) {
    echo COM_refresh($_CONF['site_url']);
    exit;
}
$filter = new sanitizer();
$filter->cleanData('int', array('cid' => $_REQUEST['cid'], 'fid' => $_GET['fid']));
$filter->cleanData('char', array('op' => $_REQUEST['op']));
$_CLEAN = $filter->getCleanData();
$cid = $_CLEAN['int']['cid'];
$fid = $_CLEAN['int']['fid'];
if ($fid > 0 and empty($cid)) {
    $cid = DB_getItem($_TABLES['nxfile_files'], 'cid', "fid={$fid} AND status=1");
    $pid = DB_getItem($_TABLES['nxfile_categories'], 'pid', "cid={$cid}");
    if (empty($cid) or !fm_getPermission($cid, 'view') or $pid > 0 and !fm_getPermission($pid, 'view')) {
        $fid = 0;
        $cid = 0;
    }
} elseif ($cid > 0) {
    if (!fm_getPermission($cid, 'view')) {
        $cid = 0;
    }