本文整理汇总了PHP中pg_escape_string函数的典型用法代码示例。如果您正苦于以下问题:PHP pg_escape_string函数的具体用法?PHP pg_escape_string怎么用?PHP pg_escape_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pg_escape_string函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: upload
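/**
 * Store an uploaded profile picture and record its path in users.photo.
 *
 * The file is written to ../Users/Images/<session login>.jpg and the row whose
 * login equals $userlogin is updated with that path.
 *
 * @param mixed  $database   PostgreSQL connection handle.
 * @param string $userlogin  Login of the row to update.
 * @param string $file       Key of the upload inside $_FILES.
 * @param int    $maxsize    Largest accepted size in bytes.
 * @param array  $extensions Accepted file-name extensions.
 *
 * @return string Status message (may contain HTML) to show to the user.
 */
function upload($database, $userlogin, $file, $maxsize, $extensions)
{
    if (!isset($_FILES[$file]) || $_FILES[$file]['error'] != 0) {
        return "Photo de profil supprimée";
    }

    // The client chooses the file name, so encode it before it is placed in an HTML message.
    $nom_affiche = htmlspecialchars($_FILES[$file]['name'], ENT_QUOTES, 'UTF-8');

    if ($_FILES[$file]['size'] > $maxsize) {
        // Return here: this message used to be overwritten by the generic failure text.
        return "<span class=\"red\">Photo volumineuse</span>";
    }

    // A name without a dot has no 'extension' key in pathinfo()'s result.
    $infosfichier = pathinfo($_FILES[$file]['name']);
    $extension_upload = isset($infosfichier['extension']) ? $infosfichier['extension'] : '';

    // NOTE(review): the destination is built from $_SESSION['login'] and always ends in .jpg;
    // only the client-supplied extension is checked, not the file content. Confirm that the
    // login cannot contain path separators and that the image is validated elsewhere.
    $upload_dest = '../Users/Images/' . $_SESSION['login'] . '.jpg';

    $upload = false;
    if (in_array($extension_upload, $extensions)) {
        $upload = move_uploaded_file($_FILES[$file]['tmp_name'], $upload_dest);
    }
    if ($upload != true) {
        return "<span class=\"red\">Envoi du fichier \"" . $nom_affiche . "\" échoué</span>";
    }

    // Both values are bound as parameters: $userlogin was previously interpolated unescaped.
    $query_photo = pg_query_params(
        $database,
        'UPDATE users SET photo = $1 WHERE login = $2',
        array($upload_dest, $userlogin)
    );
    if ($query_photo === false) {
        // Report the failure without printing the database error to the page.
        return "Photo envoyée mais non ajouté à la base";
    }
    pg_free_result($query_photo);

    return "Envoi du fichier \"" . $nom_affiche . "\" réussi";
}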
开发者ID:sasd13,项目名称:website-original,代码行数:31,代码来源:editphoto.php
示例2: Q
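/**
 * Escape a value with pg_escape_string().
 *
 * The result is only safe when the caller places it between single quotes in
 * the SQL text; escaping does not protect a value used as a bare number or
 * identifier.
 *
 * @param mixed $sql Value to escape.
 * @param bool  $str Accepted for compatibility; it does not change the result.
 *
 * @return string The escaped value, without surrounding quotes.
 */
function Q($sql, $str = false)
{
    // NOTE(review): the original assigned -1 to a local that was never read when $str was
    // false and $sql was not an integer. If the intent was to reject non-integers in that
    // case, that check was never in effect; callers must validate numeric values themselves.
    return pg_escape_string($sql);
}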
开发者ID:shaman33,项目名称:pwsm2,代码行数:7,代码来源:db.inc.php
示例3: check_str
/**
 * Escape a string for the database type named by the global $db_type and,
 * by default, trim it.
 *
 * The escaped value is meant to sit inside a single-quoted SQL literal; it
 * gives no protection when concatenated as a number or an identifier.
 *
 * @param string $string Value to escape.
 * @param bool   $trim   Whether to trim() the result.
 *
 * @return string
 */
function check_str($string, $trim = true)
{
    global $db_type, $db;

    //when code in db is urlencoded the ' does not need to be modified
    if ($db_type == "sqlite") {
        $string = function_exists('sqlite_escape_string')
            ? sqlite_escape_string($string)
            : str_replace("'", "''", $string);
    }

    if ($db_type == "pgsql") {
        $string = pg_escape_string($string);
    }

    if ($db_type == "mysql") {
        $escaped = function_exists('mysql_real_escape_string')
            ? mysql_real_escape_string($string)
            : mysqli_real_escape_string($db, $string);

        if (strlen($escaped)) {
            $string = $escaped;
        } else {
            // Manual fallback, used when the driver call returned an empty result.
            // NOTE(review): the first and last search entries are empty strings here;
            // confirm against the upstream file which characters they were meant to be.
            $string = str_replace(
                array("", "\n", "\r", "\\", "'", "\"", ""),
                array("\\x00", "\\n", "\\r", "\\\\", "\\'", "\\\"", "\\"),
                $string
            );
        }
    }

    if ($trim) {
        return trim($string);
    }
    return $string;
}
开发者ID:rdissauer,项目名称:fusionpbx,代码行数:31,代码来源:functions.php
示例4: fnSanitizePost
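/**
 * Strip tags from, trim and SQL-escape a value or every member of a (nested) array.
 *
 * Numeric values are only trimmed. The escaped strings are meant for use
 * inside single-quoted SQL literals; this is not an HTML output encoder.
 *
 * @param mixed  $data Scalar or array, typically $_POST.
 * @param string $sdb  "PG" or "MySQL"; any other value skips SQL escaping.
 *
 * @return mixed Same shape as $data with every leaf sanitized.
 */
function fnSanitizePost($data, $sdb = "PG")
{
    if (is_array($data)) {
        $areturn = array();
        foreach ($data as $skey => $svalue) {
            // Pass $sdb down; nested arrays were previously always escaped as "PG".
            $areturn[$skey] = fnSanitizePost($svalue, $sdb);
        }
        return $areturn;
    }

    if (is_numeric($data)) {
        return trim($data);
    }

    // get_magic_quotes_gpc() no longer exists in PHP 8, so only call it where it is defined.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $data = stripslashes($data);
    }

    // Strip and trim first so that escaping is the last transformation applied:
    // nothing may alter the string after it has been escaped.
    $data = trim(strip_tags($data));

    switch ($sdb) {
        case "MySQL":
            // NOTE(review): mysql_real_escape_string() was removed in PHP 7; this branch
            // needs a mysqli connection handle to be ported.
            $data = mysql_real_escape_string($data);
            break;
        case "PG":
            $data = pg_escape_string($data);
            break;
    }

    return $data;
}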
开发者ID:niczak,项目名称:PHP-Sanitize-Post,代码行数:32,代码来源:sanitize.php
示例5: escape_string
/**
 * Escape a string for use inside a single-quoted PostgreSQL literal,
 * removing HTML/PHP tags first unless told otherwise.
 *
 * @param string $s          Value to escape.
 * @param bool   $strip_tags Whether to run strip_tags() before escaping.
 *
 * @return string Escaped value without surrounding quotes.
 */
function escape_string($s, $strip_tags = true)
{
    $cleaned = $strip_tags ? strip_tags($s) : $s;

    return pg_escape_string($cleaned);
}
开发者ID:wangroot,项目名称:ssh,代码行数:7,代码来源:pgsql.php
示例6: processValid
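/**
 * Apply the submitted censor form to the audio table.
 *
 * With submit == 'Clear List' every listed track gets censor = 'f'; otherwise
 * only tracks whose checkbox is "on" get censor = 't'. In both cases flagged
 * is set to 'f'.
 */
protected function processValid()
{
    global $cfg;
    $db = Database::getInstance($cfg['DPS']['dsn']);

    // NOTE(review): resultCount comes from the form and bounds the loop below;
    // consider capping it.
    if (!is_numeric($this->fieldData['resultCount'])) {
        return;
    }

    $clearing = $this->fieldData['submit'] == 'Clear List';
    $trUpdate = array(
        'censor' => $clearing ? 'f' : 't',
        'flagged' => 'f',
    );

    for ($i = 0; $i < $this->fieldData['resultCount']; $i++) {
        $cb = 'checkbox_' . $i;
        $id = 'trackID_' . $i;

        // Unticked checkboxes may be absent from the submitted data, so test with isset().
        if (!$clearing && !(isset($this->fieldData[$cb]) && $this->fieldData[$cb] == "on")) {
            continue;
        }

        // The numeric check is what makes the unquoted "id = ..." below safe. The original
        // also wrapped a boolean comparison in pg_escape_string() (misplaced parenthesis);
        // is_numeric() already rejects the empty string.
        if (!isset($this->fieldData[$id]) || !is_numeric($this->fieldData[$id])) {
            continue;
        }

        $trWhere = "id = " . pg_escape_string($this->fieldData[$id]);
        $db->update('audio', $trUpdate, $trWhere, true);
    }
}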
开发者ID:radiowarwick,项目名称:digiplay_legacy,代码行数:30,代码来源:DPSAddCensorTrackModel.class.php
示例7: processValid
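/**
 * Add an item to an audio wall unless the wall already has an item at that position.
 *
 * Reads audioID, style, awwallID and awitemPos from $this->fieldData and the
 * item text from $_POST["text"].
 */
protected function processValid()
{
    global $cfg;
    $db = Database::getInstance($cfg['DPS']['dsn']);
    $audio = $this->fieldData['audioID'];
    $style = $this->fieldData['style'];
    $AwWall = $this->fieldData['awwallID'];
    $AwItemPos = $this->fieldData['awitemPos'];

    // Escape the text line by line and drop trailing newlines.
    // NOTE(review): the text is escaped here and then handed to $db->insert(); check that
    // insert() does not escape it a second time.
    $lines = array();
    foreach (explode("\n", $_POST["text"]) as $value) {
        $lines[] = pg_escape_string($value);
    }
    $text = rtrim(implode("\n", $lines), "\n");

    // The wall id and item position are concatenated into the query without quotes, where
    // pg_escape_string() gives no protection; they must be numeric, like the audio id.
    if ($text == '' || $audio == '' || !is_numeric($audio)
        || !is_numeric($AwWall) || !is_numeric($AwItemPos)) {
        return;
    }

    $sql = "SELECT COUNT(*) FROM aw_items, aw_walls \n\t\t\t\tWHERE aw_walls.id = aw_items.wall_id\n\t\t\t\tAND aw_walls.id = " . $AwWall . " \n\t\t\t\tAND aw_items.item = " . $AwItemPos;
    $count = $db->getOne($sql);
    if ($count == 0) {
        // NOTE(review): $style is passed on unvalidated; this relies on insert() quoting it.
        $AwItem = array();
        $AwItem['text'] = $text;
        $AwItem['audio_id'] = $audio;
        $AwItem['style_id'] = $style;
        $AwItem['wall_id'] = $AwWall;
        $AwItem['item'] = $AwItemPos;
        $db->insert('aw_items', $AwItem, true);
    } else {
        //do error stuff
    }
}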
开发者ID:radiowarwick,项目名称:digiplay_legacy,代码行数:30,代码来源:DPSUserAddAwItemModel.class.php
示例8: FetchLogs
/**
 * Fetch the log rows of a channel between $_GET["start"] and $_GET["end"]
 * and render them as HTML or wiki text.
 *
 * When $_GET['data'] is absent only rows with type = 0 are returned. All
 * request values are escaped and placed inside single-quoted literals.
 *
 * NOTE(review): a failed query ends the request with the text of
 * pg_last_error(); whether the rendered rows are HTML-escaped depends on
 * LogsWiki/LogsHtml, which are not shown here.
 *
 * @param string $channel Channel name to filter on.
 *
 * @return string Rendered output, or a notice when nothing matched.
 */
function FetchLogs($channel)
{
    $display_joins = isset($_GET['data']);

    // Shared part of the statement; only the tail differs between the two modes.
    $sql = "SELECT * FROM logs WHERE channel = '" . pg_escape_string($channel) . "'"
        . " and time > to_timestamp( '" . pg_escape_string($_GET["start"] . " 00:00:00") . "', 'MM/DD/YYYY HH24:MI:SS' )"
        . " and time < to_timestamp( '" . pg_escape_string($_GET["end"] . " 23:59:59") . "', 'MM/DD/YYYY HH24:MI:SS' )";
    $sql .= $display_joins ? " order by time asc;" : " and type = 0 order by time asc;";

    $query = pg_query($sql);
    if (!$query) {
        die('SQL failure: ' . pg_last_error());
    }

    $logs = array();
    while ($row = pg_fetch_assoc($query)) {
        $logs[] = $row;
    }

    $total = count($logs);
    if ($total == 0) {
        return "No logs found, try a different filter";
    }

    $rendered = isset($_GET["wiki"]) ? LogsWiki::Render2($logs) : LogsHtml::RenderLogs($logs);

    return "<p>Displaying {$total} items:</p>\n" . $rendered;
}
开发者ID:mhutti1,项目名称:wikimedia-bot,代码行数:30,代码来源:menu.php
示例9: DDLB_Choices
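/**
 * Return the HTML of a drop-down list built from $this->Choices
 * (label => value), optionally preselecting one value.
 *
 * @param string $Name         Value of the select element's name attribute.
 * @param string $selected     Value of the option to mark as selected.
 * @param string $ChoiceSuffix Text appended to every option label.
 *
 * @return string
 */
function DDLB_Choices($Name = 'page_size', $selected = '', $ChoiceSuffix = '')
{
    $HTML = '<select name="' . htmlentities($Name);
    $HTML .= '" title="select a page size"';
    $HTML .= ">\n";

    foreach ($this->Choices as $choice => $value) {
        // HTML output needs HTML encoding only. The original also ran pg_escape_string()
        // here, which doubles apostrophes in the page and in the submitted value without
        // protecting any query.
        $HTML .= '<option value="' . htmlspecialchars($value) . '"';
        if ($value == $selected) {
            $HTML .= ' selected';
        }
        $HTML .= '>' . htmlspecialchars($choice);
        if ($ChoiceSuffix) {
            $HTML .= ' ' . htmlspecialchars($ChoiceSuffix);
        }
        $HTML .= "</option>\n";
    }

    $HTML .= '</select>';

    return $HTML;
}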
开发者ID:brycied00d,项目名称:freshports,代码行数:26,代码来源:page_options.php
示例10: CreateHTML
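/**
 * Query the latest commits (filtered when $this->Filter is set) and render
 * them through DisplayCommit; the HTML is stored in $this->HTML.
 *
 * @return mixed Whatever DisplayCommit::CreateHTML() returns.
 */
function CreateHTML()
{
    global $freshports_CommitMsgMaxNumOfLinesToShow;

    // These two values are placed in the SQL without quotes, so force them to integers.
    // NOTE(review): assumes both are integer arguments of the SQL functions - confirm.
    $MaxPorts = (int) $this->MaxNumberOfPorts;
    $UserID = (int) $this->UserID;

    if (isset($this->Filter)) {
        $sql = "select * from LatestCommitsFiltered({$MaxPorts}, {$UserID}, '" . pg_escape_string($this->Filter) . "')";
    } else {
        $sql = "\n SELECT LC.*, STF.message AS stf_message\n FROM LatestCommits({$MaxPorts}, 0, '" . pg_escape_string($this->BranchName) . "') LC LEFT OUTER JOIN sanity_test_failures STF\n ON LC.commit_log_id = STF.commit_log_id\nORDER BY LC.commit_date_raw DESC, LC.category, LC.port, element_pathname";
    }

    if ($this->Debug) {
        // The statement contains request-derived text; encode it before printing.
        echo "\n<p>sql=" . htmlspecialchars($sql) . "</p>\n";
    }

    $result = pg_query($this->dbh, $sql);
    if (!$result) {
        die("read from database failed");
    }

    $DisplayCommit = new DisplayCommit($this->dbh, $result);
    $DisplayCommit->Debug = $this->Debug;
    $DisplayCommit->SetDaysMarkedAsNew($this->DaysMarkedAsNew);
    $DisplayCommit->SetUserID($this->UserID);
    $DisplayCommit->SetWatchListAsk($this->WatchListAsk);
    $RetVal = $DisplayCommit->CreateHTML();
    $this->HTML = $DisplayCommit->HTML;

    return $RetVal;
}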
开发者ID:brycied00d,项目名称:freshports,代码行数:26,代码来源:latest_commits.php
示例11: quote
/**
 * Escape a value for PostgreSQL, by default wrapping it in single quotes.
 *
 * Without the quotes the result is still only safe inside a quoted literal
 * that the caller writes.
 *
 * @param mixed $string     Scalar, null, or object with __toString().
 * @param bool  $withQuotes Whether to surround the result with single quotes.
 *
 * @return string
 *
 * @throws Exception When the value cannot be converted to a string.
 */
public function quote($string, $withQuotes = true)
{
    $stringable = is_object($string) && method_exists($string, '__toString');
    if (!is_scalar($string) && !is_null($string) && !$stringable) {
        throw new Exception('Trying to quote "' . gettype($string) . '". Value: "' . var_export($string, true) . '"');
    }

    $escaped = pg_escape_string($string);
    if ($withQuotes) {
        return "'" . $escaped . "'";
    }

    return $escaped;
}
开发者ID:ATouhou,项目名称:dbench,代码行数:7,代码来源:PostgreSQL.php
示例12: Add
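/**
 * Add a commit to a user's list unless it is already there.
 *
 * @param int    $UserID      Owner of the list.
 * @param string $CommitLogID message_id of the commit to add.
 *
 * @return int 1 on success or when the row already existed, -1 on any other error.
 */
function Add($UserID, $CommitLogID)
{
    # make sure we don't report the duplicate entry error when adding...
    $PreviousReportingLevel = error_reporting(E_ALL ^ E_WARNING);

    // $UserID is placed in the statement without quotes; force it to an integer so that
    // it cannot carry SQL of its own.
    $uid = (int) $UserID;
    $message_id = pg_escape_string($CommitLogID);

    # The subselect ensures the user can only add things to their
    # own watch list
    $sql = "\nINSERT INTO {$this->_TableName}\nSELECT {$uid} as user_id, \n\t (SELECT id from commit_log where message_id = '" . $message_id . "') as commit_log_id\n WHERE not exists (\n SELECT T.user_id, T.commit_log_id\n FROM {$this->_TableName} T\n WHERE T.user_id = {$uid}\n AND T.commit_log_id = (SELECT id from commit_log where message_id = '" . $message_id . "'))";

    if ($this->_Debug) {
        // The statement contains caller-supplied text; encode it before printing.
        echo "<pre>" . htmlspecialchars($sql) . "</pre>";
    }

    $result = pg_query($this->dbh, $sql);
    if ($result) {
        $return = 1;
    } else {
        # If this isn't a duplicate key error, then break
        // NOTE(review): the match depends on the server's message wording; confirm it
        // still matches the PostgreSQL version in use.
        if (stristr(pg_last_error($this->dbh), "Cannot insert a duplicate key") === false) {
            $return = -1;
        } else {
            $return = 1;
        }
    }

    error_reporting($PreviousReportingLevel);

    return $return;
}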
开发者ID:brycied00d,项目名称:freshports,代码行数:31,代码来源:commit_flag.php
示例13: _run
/**
 * Import an XML document into PostgreSQL: one table per child element name,
 * one row per child element, one column per grandchild element name.
 *
 * Every table named in the document is dropped and recreated before its rows
 * are inserted.
 *
 * NOTE(review): table names ($k) and column names ($r) are taken from the XML
 * element names and interpolated into the DDL and INSERT text; only the cell
 * values go through pg_escape_string(). A document can therefore name any
 * table reachable by this connection in the DROP TABLE below. Confirm that
 * the XML source is trusted or restrict the names to an allow-list.
 *
 * @param SimpleXMLElement $xml     Parsed document (assumed from the children() calls).
 * @param mixed            $conn_pg PostgreSQL connection handle.
 */
public static function _run($xml, $conn_pg)
{
global $user_maclabel;
// $table: table name => (column name => SQL type); $data: table name => list of rows.
$table = array();
$data = array();
foreach ($xml->children() as $k => $v) {
if (!isset($table[$k])) {
$table[$k] = array();
}
if (!isset($data[$k])) {
$data[$k] = array();
}
$assoc = array();
foreach ($v->children() as $r => $c) {
$d = (string) $c;
if ($d !== '') {
// A numeric value sets the column type to float only if no type is recorded yet;
// any non-numeric value sets (or overrides) it to varchar(255).
if (is_numeric($d)) {
$d = floatval($d);
if (!isset($table[$k][$r])) {
$table[$k][$r] = 'float';
}
} else {
$table[$k][$r] = 'varchar(255)';
}
}
if ($d !== '') {
// The value is escaped and quoted here; the key $r is used later as a bare column name.
$assoc[$r] = "'" . pg_escape_string($d) . "'";
}
}
$data[$k][] = $assoc;
}
//ooo, how much memory is used here...
foreach ($table as $k => $v) {
$mod = "";
if ($user_maclabel) {
$mod .= "ALTER TABLE {$k} SET MAC TO NULL; ALTER TABLE {$k} DISABLE COLUMN MACS;";
}
$mod .= "DROP TABLE IF EXISTS {$k}; CREATE TABLE {$k} ( ";
foreach ($v as $col => $typ) {
// 'maclabel' is left out of the CREATE TABLE but stays in the row data inserted below.
if ($col != 'maclabel') {
$mod .= "\"{$col}\" {$typ},";
}
}
$mod .= "CHECK(TRUE))";
// NOTE(review): $_POST is read directly here; only its truthiness is used.
$mod .= ($_POST['mac_records'] ? " WITH (MACS = true)" : "") . ";";
if ($_POST['mac_columns']) {
$mod .= "ALTER TABLE {$k} ENABLE COLUMN MACS;";
}
// NOTE(review): on failure the raw database error is printed to the client.
pg_query($conn_pg, $mod) or die("error on query " . pg_last_error($conn_pg));
}
foreach ($data as $k => $t) {
pg_query($conn_pg, "BEGIN;");
foreach ($t as $v) {
// Column names are quoted in CREATE TABLE above but unquoted here.
// NOTE(review): names with upper-case letters would then not match - verify.
$ins = "INSERT INTO {$k} ( " . implode(",", array_keys($v)) . ") VALUES (" . implode(",", array_values($v)) . ");";
pg_query($conn_pg, $ins) or die("error on query " . pg_last_error($conn_pg));
}
pg_query($conn_pg, "ANALYZE {$k};");
pg_query($conn_pg, "COMMIT;");
}
}
开发者ID:radixvinni,项目名称:xml-data-resource,代码行数:60,代码来源:import.php
示例14: Fetch
/**
 * Run the query that lists the commits of $this->Committer and keep the
 * result in $this->LocalResult.
 *
 * Only the committer name is escaped. $this->UserID, $this->Limit and
 * $this->Offset are concatenated into the statement as they are.
 * NOTE(review): confirm that those three are always integers by the time
 * this method runs, or cast them here.
 *
 * @return int Number of rows, or -1 when the query failed.
 */
function Fetch()
{
$sql = "\n\t\tSELECT DISTINCT\n\t\t\tcommit_log.commit_date - SystemTimeAdjust() AS commit_date_raw,\n\t\t\tcommit_log.id AS commit_log_id,\n\t\t\tcommit_log.encoding_losses AS encoding_losses,\n\t\t\tcommit_log.message_id AS message_id,\n\t\t\tcommit_log.committer AS committer,\n\t\t\tcommit_log.description AS commit_description,\n\t\t\tto_char(commit_log.commit_date - SystemTimeAdjust(), 'DD Mon YYYY') AS commit_date,\n\t\t\tto_char(commit_log.commit_date - SystemTimeAdjust(), 'HH24:MI') AS commit_time,\n\t\t\tNULL AS port_id,\n\t\t\tNULL AS category,\n\t\t\tNULL AS category_id,\n\t\t\tNULL AS port,\n\t\t\telement_pathname(element.id) AS pathname,\n\t\t\tNULL AS version,\n\t\t\tcommit_log_elements.revision_name AS revision,\n\t\t\tNULL AS epoch,\n\t\t\telement.status AS status,\n\t\t\tNULL AS needs_refresh,\n\t\t\tNULL AS forbidden,\n\t\t\tNULL AS broken,\n\t\t\tNULL AS deprecated,\n\t\t\tNULL AS ignore,\n\t\t\tNULL AS expiration_date,\n\t\t\tNULL AS date_added,\n\t\t\tNULL AS element_id,\n\t\t\tNULL AS short_description,\n\t\t\tNULL AS stf_message";
// The watch-list column and join are added only when a user id is set.
if ($this->UserID) {
$sql .= ",\n\t onwatchlist ";
}
$sql .= "\n FROM commit_log, commit_log_elements, element ";
if ($this->UserID) {
$sql .= "\n\t LEFT OUTER JOIN\n\t (SELECT element_id as wle_element_id, COUNT(watch_list_id) as onwatchlist\n\t FROM watch_list JOIN watch_list_element \n\t ON watch_list.id = watch_list_element.watch_list_id\n\t AND watch_list.user_id = " . $this->UserID . "\n\t AND watch_list.in_service\t\t\n\t GROUP BY wle_element_id) AS TEMP\n\t ON TEMP.wle_element_id = element.id";
}
// The committer name is the only value escaped and quoted in this statement.
$sql .= "\n\t WHERE commit_log.id IN (SELECT tmp.id FROM (SELECT DISTINCT CL.id, CL.commit_date\n FROM commit_log CL\n WHERE CL.committer = '" . pg_escape_string($this->Committer) . "'\nORDER BY CL.commit_date DESC ";
if ($this->Limit) {
$sql .= " LIMIT " . $this->Limit;
}
if ($this->Offset) {
$sql .= " OFFSET " . $this->Offset;
}
$sql .= ")as tmp)\n\t AND commit_log_elements.commit_log_id = commit_log.id\n\t AND commit_log_elements.element_id = element.id\n ORDER BY 1 desc,\n\t\t\tcommit_log_id";
if ($this->Debug) {
echo '<pre>' . $sql . '</pre>';
}
$this->LocalResult = pg_exec($this->dbh, $sql);
if ($this->LocalResult) {
$numrows = pg_numrows($this->LocalResult);
if ($this->Debug) {
echo "That would give us {$numrows} rows";
}
} else {
$numrows = -1;
// NOTE(review): the full statement is printed to the page on failure, without HTML
// encoding and regardless of the Debug flag.
echo 'pg_exec failed: ' . "<pre>{$sql}</pre>";
}
return $numrows;
}
开发者ID:brycied00d,项目名称:freshports,代码行数:33,代码来源:commits_by_committer.php
示例15: search_db
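/**
 * Look up a person by netid in the users table and the per-field tables.
 *
 * @param string $netid Identifier of the form three letters followed by digits.
 *
 * @return array Empty when the netid is malformed or unknown, else a one-element
 *               array holding the populated Person.
 */
function search_db($netid)
{
    global $dbfields;

    // \z anchors at the very end of the string; \Z would also accept a trailing newline.
    if (!preg_match('/\A[a-z]{3}([0-9]*)\z/i', $netid)) {
        return array();
    }

    init_db();
    $netid_sql = pg_escape_string($netid);

    $result = pg_query("select * from users where netid='" . $netid_sql . "'");
    if ($result === false) {
        return array();
    }
    $present = pg_fetch_array($result, null, PGSQL_ASSOC);
    // Free the result before any return; it was previously leaked when no row matched.
    pg_free_result($result);
    if ($present == null) {
        return array();
    }

    $person = new Person($netid);
    foreach ($dbfields as $f) {
        // $f is used as both table and column name; it comes from the $dbfields global,
        // not from the request.
        $result = pg_query("select * from " . $f . " where netid='" . $netid_sql . "'");
        if ($result === false) {
            continue;
        }
        while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
            $value = $line[$f];
            if ($line["ldap"] === "f") {
                $person->db_fields[$f][] = $value;
            } else {
                $person->ldap_fields[$f][] = $value;
            }
        }
        pg_free_result($result);
    }
    $person->refresh_db();

    return array($person);
}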
开发者ID:rde1024,项目名称:cwrufind,代码行数:31,代码来源:dbutils.php
示例16: setupTemplate
/**
 * Load a script for editing if the current user has permission on it and
 * assign it, or an error message, to the template.
 *
 * The script id is only used in SQL after is_numeric() accepted it, which is
 * what makes the unquoted interpolation below safe.
 */
protected function setupTemplate()
{
    global $cfg;
    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);
    $scriptID = pg_escape_string($this->fieldData['scriptID']);
    $auth = Auth::getInstance();
    $userID = $auth->getUserID();
    $date = time();

    if (!is_numeric($scriptID)) {
        $this->assign('error', 'Invalid Show ID supplied');
    } else {
        // First character of the result gates access, second character gates writing.
        $permissionBits = $db->getOne("SELECT bit_or(permissions) \n\t\t\t\tFROM v_tree_script\n\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\tAND userid = {$userID}");
        if (substr($permissionBits, 0, 1) == "1") {
            $canWrite = substr($permissionBits, 1, 1) == "1";
            $this->assign('write', $canWrite ? 't' : 'f');

            $script = $db->getRow("SELECT * FROM scripts WHERE id = " . $scriptID);
            // Split the length into whole minutes and remaining seconds.
            $script['m'] = (int) ($script['length'] / 60);
            $script['s'] = $script['length'] - $script['m'] * 60;
            $script['niceProducer'] = AuthUtil::getUsername($script['creator']);
            $this->assign('script', $script);
        } else {
            $this->assign('error', 'You do not have permission to edit that script.');
        }
    }

    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
}
开发者ID:radiowarwick,项目名称:digiplay_legacy,代码行数:32,代码来源:DPSUserEditScriptViewer.class.php
示例17: clsEnderecoExterno
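/**
 * Constructor.
 *
 * Copies the address fields onto the object. idpes, idtlog and sigla_uf are
 * only kept when the corresponding lookup object reports that the record
 * exists.
 *
 * NOTE(review): the free-text fields are escaped with pg_escape_string() at
 * construction time, so the properties hold SQL-escaped text; they are only
 * safe inside single-quoted literals and should not be displayed or escaped
 * again as they are. The remaining fields are stored unescaped.
 */
function clsEnderecoExterno($idpes = FALSE, $tipo = FALSE, $idtlog = FALSE, $logradouro = FALSE, $numero = FALSE, $letra = FALSE, $complemento = FALSE, $bairro = FALSE, $cep = FALSE, $cidade = FALSE, $sigla_uf = FALSE, $reside_desde = FALSE, $bloco = FALSE, $apartamento = FALSE, $andar = FALSE, $idpes_cad = FALSE, $idpes_rev = FALSE, $zona_localizacao = 1)
{
    $idtlog = urldecode($idtlog);

    $objPessoa = new clsPessoa_($idpes);
    if ($objPessoa->detalhe()) {
        $this->idpes = $idpes;
    }

    $this->tipo = $tipo;

    $objTipoLog = new clsTipoLogradouro($idtlog);
    if ($objTipoLog->detalhe()) {
        $this->idtlog = $idtlog;
    }

    $this->logradouro = pg_escape_string($logradouro);
    $this->numero = $numero;
    $this->letra = $letra;
    $this->complemento = pg_escape_string($complemento);
    $this->bairro = pg_escape_string($bairro);
    $this->cep = $cep;
    $this->cidade = pg_escape_string($cidade);

    $objSiglaUf = new clsUf($sigla_uf);
    // Check the UF object itself: the original tested $objPessoa here, so the UF code
    // was accepted whenever the person existed and never validated.
    if ($objSiglaUf->detalhe()) {
        $this->sigla_uf = $sigla_uf;
    }

    // Fall back to the logged-in person when no creator or reviser id is given.
    $this->idpes_cad = $idpes_cad ? $idpes_cad : $_SESSION['id_pessoa'];
    $this->idpes_rev = $idpes_rev ? $idpes_rev : $_SESSION['id_pessoa'];
    $this->reside_desde = $reside_desde;
    $this->bloco = $bloco;
    $this->apartamento = $apartamento;
    $this->andar = $andar;
    $this->zona_localizacao = $zona_localizacao;
    $this->tabela = 'endereco_externo';
}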
开发者ID:secteofilandia,项目名称:ieducar,代码行数:35,代码来源:clsEnderecoExterno.inc.php
示例18: helper_userdata
/**
 * Pick the fields used by the controller out of the decoded request object.
 *
 * Only 'accion' is escaped; 'municipio' is passed through unchanged, so the
 * caller must validate or bind it before using it in SQL.
 *
 * @param object $data Object with accion and municipio properties.
 *
 * @return array
 */
function helper_userdata($data)
{
    return array(
        'accion' => pg_escape_string($data->accion),
        "municipio" => $data->municipio,
    );
}
开发者ID:santu1987,项目名称:angular_crud,代码行数:7,代码来源:parroquiasController.php
示例19: transform
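/**
 * Transform a point from one EPSG reference system to another using the
 * database's transform() function.
 *
 * @param mixed $x       X coordinate (numeric).
 * @param mixed $y       Y coordinate (numeric).
 * @param mixed $oldEPSG Source EPSG code (numeric).
 * @param mixed $newEPSG Target EPSG code (numeric).
 *
 * @return array|null array("x" => float, "y" => float), or null when any argument
 *                    is not numeric.
 */
function transform($x, $y, $oldEPSG, $newEPSG)
{
    // All four values end up in the SQL text, the EPSG codes outside any quotes; the
    // numeric check is the actual protection, the escaping below is secondary.
    foreach (array($x, $y, $oldEPSG, $newEPSG) as $argument) {
        if (is_null($argument) || !is_numeric($argument)) {
            return null;
        }
    }

    $use_wrapper = SYS_DBTYPE == 'pgsql';
    if ($use_wrapper) {
        $con = db_connect(DBSERVER, OWNER, PW);
    } else {
        // Keywords in a connection string are separated by spaces; the original ran
        // dbname, user and password together.
        $con_string = "host=" . GEOS_DBSERVER . " port=" . GEOS_PORT . " dbname=" . GEOS_DB . " user=" . GEOS_OWNER . " password=" . GEOS_PW;
        $con = pg_connect($con_string) or die("Error while connecting database");
    }

    // Both branches run the same two statements; build them once, after connecting.
    $projected = "transform(GeometryFromText('POINT(" . pg_escape_string($x) . " " . pg_escape_string($y) . ")'," . pg_escape_string($oldEPSG) . ")," . pg_escape_string($newEPSG) . ")";
    $sqlMinx = "SELECT X(" . $projected . ") as minx";
    $sqlMiny = "SELECT Y(" . $projected . ") as miny";

    if ($use_wrapper) {
        $resMinx = db_query($sqlMinx);
        $minx = floatval(db_result($resMinx, 0, "minx"));
        $resMiny = db_query($sqlMiny);
        $miny = floatval(db_result($resMiny, 0, "miny"));
    } else {
        $resMinx = pg_query($con, $sqlMinx);
        $minx = floatval(pg_fetch_result($resMinx, 0, "minx"));
        $resMiny = pg_query($con, $sqlMiny);
        $miny = floatval(pg_fetch_result($resMiny, 0, "miny"));
    }

    return array("x" => $minx, "y" => $miny);
}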
开发者ID:bfpi,项目名称:klarschiff-frontend-mit-mapbender,代码行数:28,代码来源:mod_coordsLookup_server.php
示例20: bindParameters
/**
 * Substitute named placeholders in $this->sql with the given values by plain
 * string replacement (not server-side parameter binding).
 *
 * Placeholder forms handled below, for a key KEY:
 *   :KEY   scalar string -> quoted and escaped; other scalars -> inserted as they are;
 *          array value   -> element 0 escaped but NOT quoted
 *   :-KEY  array value   -> element 0 escaped and quoted
 *   ->KEY  scalar value  -> inserted raw, neither escaped nor quoted
 *
 * NOTE(review): the unquoted and raw forms put caller data into the statement
 * where escaping gives no protection; confirm that every caller passes only
 * trusted or validated values for them.
 *
 * @param array $binds Map of placeholder name => value (or array whose element 0 is the value).
 */
function bindParameters($binds)
{
// Sort keys in descending order - presumably so that a key which is a prefix of
// another key is replaced after the longer one; verify.
krsort($binds);
// Marker inserted after every placeholder prefix so that only prefix + marker + key matches.
$safe = '$1G#$2T#$3E$#';
$this->sql = str_replace(':', ':' . $safe, $this->sql);
// NOTE(review): after the line above every ':' is directly followed by the marker, so
// the literal ':-' looked for here can no longer occur and the ':-' replacements in
// the loop appear unable to match - verify.
$this->sql = str_replace(':-', ':-' . $safe, $this->sql);
$this->sql = str_replace('->', '->' . $safe, $this->sql);
foreach ($binds as $key => $value) {
if (is_array($value)) {
if (is_null($value[0])) {
$this->sql = str_replace(':' . $safe . $key, "NULL", $this->sql);
$this->sql = str_replace(':-' . $safe . $key, "NULL", $this->sql);
} else {
// Escaped but not quoted for ':', escaped and quoted for ':-'.
$this->sql = str_replace(':' . $safe . $key, pg_escape_string($value[0]), $this->sql);
$this->sql = str_replace(':-' . $safe . $key, "'" . pg_escape_string($value[0]) . "'", $this->sql);
}
} else {
if (is_null($value)) {
$this->sql = str_replace(':' . $safe . $key, "NULL", $this->sql);
} else {
if (gettype($value) == "string") {
$this->sql = str_replace(':' . $safe . $key, "'" . pg_escape_string($value) . "'", $this->sql);
} else {
// Non-string scalars are inserted as they are.
$this->sql = str_replace(':' . $safe . $key, $value, $this->sql);
}
}
// Raw substitution: the value is neither escaped nor quoted.
$this->sql = str_replace('->' . $safe . $key, $value, $this->sql);
}
}
// NOTE(review): nothing in this block removes the marker again from ':' or '->'
// occurrences that had no matching key; check where (or whether) that happens.
//return $this->sql;
}
开发者ID:sistemasfidegar,项目名称:beneficiarios_prepasi,代码行数:31,代码来源:MY_Model.php
注:本文中的pg_escape_string函数示例整理自GitHub/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。