本文整理汇总了PHP中mysql_real_escape_string函数的典型用法代码示例。如果您正苦于以下问题:PHP mysql_real_escape_string函数的具体用法?PHP mysql_real_escape_string怎么用?PHP mysql_real_escape_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
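在下文中一共展示了mysql_real_escape_string函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。注意:mysql_* 扩展自 PHP 5.5 起已被弃用,并在 PHP 7.0 中移除;mysql_real_escape_string 只有在转义结果被放进带引号的字符串字面量时才起作用。以下示例仅适用于维护旧代码,新代码应使用 mysqli 或 PDO 的预处理语句。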
示例1: dbkit_run_query_with_array
/**
 * Expand the "?" placeholders of $sql with quoted, escaped values and run it.
 *
 * A scalar argument becomes one quoted literal. An array argument becomes a
 * parenthesised, comma-separated list of quoted literals; an empty array is
 * replaced by the single value -1 so that "()" is never emitted.
 *
 * Review notes:
 *  - Every value is wrapped in single quotes, which is the only context in
 *    which mysql_real_escape_string() protects the statement.
 *  - Placeholders are found with a plain str_replace(), so a "?" inside a
 *    literal in $sql is also treated as a placeholder.
 *  - The final substitution goes through sprintf(); a literal "%" in $sql
 *    (for example a LIKE pattern) is read as a format directive.
 *  - On failure the driver's error text is sent to the client by die().
 *
 * @param string $sql  Statement text with "?" placeholders.
 * @param array  $args One entry per placeholder, scalar or array.
 * @return resource    Result of mysql_query().
 */
function dbkit_run_query_with_array($sql, $args)
{
    foreach ($args as $key => $value) {
        if (!is_array($value)) {
            $args[$key] = "'" . mysql_real_escape_string("{$value}") . "'";
            continue;
        }
        if (count($value) == 0) {
            $value = array(-1);
        }
        $quoted = array();
        foreach ($value as $item) {
            $quoted[] = "'" . mysql_real_escape_string("{$item}") . "'";
        }
        $args[$key] = "(" . implode(",", $quoted) . ")";
    }

    // The statement becomes the sprintf() format, the quoted values its arguments.
    $format = str_replace("?", "%s", $sql);
    $statement = call_user_func_array('sprintf', array_merge(array($format), $args));

    dbkit_log_query($statement);
    $result = mysql_query($statement);
    if (!$result) {
        die("database query failed: " . mysql_error());
    }
    return $result;
}
开发者ID:andreyvit,项目名称:retester,代码行数:26,代码来源:dbkit.inc.php
示例2: query_operon_gene_percentage
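/**
 * Summarise, for one species, how many of its genes belong to an operon.
 *
 * Reads the species name, then every NC row of that species, and for each
 * NC row the summed size of its operons with at least two genes.
 *
 * @param int|string $species_id Species primary key.
 * @return array Keys: name, ncs (the NC rows, each extended with
 *               total_gene_num and gene_in_operon), total_gene, in_operon,
 *               percent.
 */
function query_operon_gene_percentage($species_id)
{
    $spe = array(
        'name' => '',
        'ncs' => array(),
        'total_gene' => 0,
        'in_operon' => 0,
    );

    // The id is written into the SQL as a bare number, not inside quotes.
    // String escaping gives no protection in that position, so the value is
    // forced to an integer instead.
    $species_id = (int) $species_id;

    $sql = "SELECT id, name FROM Species WHERE id={$species_id}";
    $result = mysql_query($sql) or die("Invalid query: " . mysql_error());
    $row = mysql_fetch_array($result);
    if ($row) {
        // An unknown species leaves the name empty instead of indexing into false.
        $spe['name'] = $row['name'];
    }
    unset($result);

    $sql = "SELECT id,NC_id,protein_gene_number,rna_gene_number,operon_number FROM NC WHERE species_id={$species_id}";
    $result = mysql_query($sql) or die("Invalid query: " . mysql_error());
    while ($row = mysql_fetch_array($result)) {
        // Values read back from the database are not trusted in a numeric
        // position either.
        $NC_id = (int) $row['id'];
        $row['total_gene_num'] = $row['protein_gene_number'] + $row['rna_gene_number'];

        $sql2 = "SELECT sum(size) as total_genes FROM Operon WHERE size>=2 AND NC_id={$NC_id} ORDER BY id";
        $result2 = mysql_query($sql2) or die("Invalid query: " . mysql_error());
        $row2 = mysql_fetch_array($result2);
        $row['gene_in_operon'] = $row2['total_genes'];

        array_push($spe['ncs'], $row);
        $spe['total_gene'] += $row['total_gene_num'];
        $spe['in_operon'] += $row['gene_in_operon'];
    }

    // A species without NC rows has no genes; avoid dividing by zero.
    $spe['percent'] = $spe['total_gene'] > 0
        ? round(100 * $spe['in_operon'] / $spe['total_gene'], 2)
        : 0.0;

    return $spe;
}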
开发者ID:jluzhhy,项目名称:Cross-microrna,代码行数:32,代码来源:NC_statistic.php
示例3: toRegularString
/**
 * Escape a string for use inside a quoted MySQL string literal.
 *
 * The escaping is done against the most recently opened mysql link, because
 * no link is passed. The result is only safe when the caller places it
 * between quotes in the statement.
 *
 * @param mixed $string Value to escape.
 * @return string|null  Escaped text, or null when $string is not a string.
 */
public static function toRegularString($string)
{
    return is_string($string) ? mysql_real_escape_string($string) : null;
}
开发者ID:jasonhai,项目名称:onehome,代码行数:7,代码来源:Helper.php
示例4: formatField
/**
 * Normalise a form field before it is written into a MySQL statement.
 *
 * Steps: remove HTML/PHP tags, turn every ";" into ":", escape for a quoted
 * MySQL string literal, trim surrounding whitespace.
 *
 * Review notes:
 *  - Only the escaping step protects the statement, and only when the result
 *    is placed between quotes; replacing ";" adds nothing to that.
 *  - strip_tags() is not output encoding; the value still needs encoding for
 *    the context in which it is later displayed.
 *  - trim() runs after escaping, so a trailing newline has already become
 *    the two characters backslash-n and is not removed.
 *
 * @param string $input Raw field value.
 * @return string
 */
function formatField($input)
{
    $withoutTags = strip_tags($input);
    $withoutSemicolons = str_replace(";", ":", $withoutTags);
    return trim(mysql_real_escape_string($withoutSemicolons));
}
开发者ID:nicefirework,项目名称:Joke-Site-Script-Free,代码行数:7,代码来源:config.inc.php
示例5: get_all_promo_events
/**
 * List every AdEvent whose start date or end date lies inside the posted
 * period (bounds included) and hand the result to the UI layer.
 *
 * Reads $_POST['startDate'] and $_POST['endDate']; an empty bound is replaced
 * by "0000-00-00" or "9999-99-99" respectively.
 *
 * Review notes:
 *  - Both bounds are escaped and placed inside quotes, the context in which
 *    mysql_real_escape_string() is effective.
 *  - The bounds are not checked for date syntax; any string is compared
 *    against the date columns.
 *  - The error text handed to get_result_set_from_select_query() contains the
 *    full SQL statement. Where that text ends up is not visible here; confirm
 *    it is logged rather than shown to the client.
 */
function get_all_promo_events()
{
    connect_and_select_db(DB_SERVER, DB_UN, DB_PWD, DB_NAME);

    $startDate = mysql_real_escape_string($_POST['startDate']);
    $endDate = mysql_real_escape_string($_POST['endDate']);

    // Open-ended period when a bound was left empty.
    $from = ($startDate == null || $startDate == "") ? "0000-00-00" : $startDate;
    $to = ($endDate == null || $endDate == "") ? "9999-99-99" : $endDate;

    $sql = "SELECT * FROM AdEvent WHERE (StartDate >= '{$from}' AND StartDate <= '{$to}') "
        . "OR (EndDate >= '{$from}' AND EndDate <= '{$to}') "
        . "ORDER BY AdEvent.StartDate ASC;";
    $error_message = "Could not successfully run query ({$sql}) from DB: ";
    $search_events_result = get_result_set_from_select_query($sql, $error_message);

    // An empty result set is reported to the user with a message.
    $message = mysql_num_rows($search_events_result) == 0 ? "No events found in database" : "";
    ui_show_events_retrieved($message, $search_events_result);
}
开发者ID:rjoac1,项目名称:CSC423_TermProject,代码行数:27,代码来源:retrieve_events_promo_listing.php
示例6: index
/**
 * Show the lost-password form and, on a valid POST, issue a reset request.
 *
 * On POST with a failed CSRF check an error is flashed. Otherwise the active,
 * non-suspended user with the posted e-mail is looked up, the user's earlier
 * reset requests are marked used, a new one is saved and mailed, and the
 * browser is redirected to "resetpassword".
 *
 * Review notes:
 *  - The e-mail is escaped and placed inside quotes in the find() condition.
 *  - The same SQL-escaped value is assigned to the template. SQL escaping is
 *    not HTML encoding; whether the template encodes it is not visible here.
 *  - The "Unable to find a user" message tells the requester whether an
 *    address is registered.
 *  - The CSRF failure writes to the global $site, the other errors to
 *    $this->site; confirm both reach the same flash store.
 */
public function index()
{
    $email = "";

    if ($this->post) {
        if (!$this->csrf) {
            global $site;
            $site['flash']['error'] = "Invalid form submission";
        } else {
            $email = mysql_real_escape_string($_POST['email']);
            $user = User::find("users.email = '{$email}' AND users.suspended = 0 AND users.activated = 1", null, false, 1);

            if (!$user) {
                $this->site['flash']['error'] = "Unable to find a user with that email address";
            } else {
                // Retire every reset request issued earlier for this user.
                $previous_requests = $user->get_lost_passwords();
                if (count($previous_requests) > 0) {
                    foreach ($previous_requests as $previous) {
                        $previous->used = true;
                        $previous->save();
                    }
                }

                // Issue the new reset request.
                $lost_password = new LostPassword($user);
                if (!$lost_password->save()) {
                    $this->site['flash']['error'] = "Unable to send password reset instructions";
                } else {
                    Email::send_lost_password($lost_password);
                    Site::flash("notice", "Instructions on how to reset your password have been sent to {$user->email}");
                    Redirect("resetpassword");
                }
            }
        }
    }

    $this->assign("email", $email);
    $this->title = "Lost Password";
    $this->render("lost_password/index.tpl");
}
开发者ID:ItsHaden,项目名称:epicLanBootstrap,代码行数:35,代码来源:lost_password.controller.php
示例7: createForum
/**
 * Insert a forum row owned by the authenticated user.
 *
 * Does nothing when no auth identity is set. Nothing is returned.
 *
 * NOTE(review): only $name is escaped, and the row goes to $this->insert().
 * If insert() binds its values as parameters (not visible here), the escaping
 * is applied twice and the backslashes are stored; if it does not, $category
 * and $subcategory are unprotected. Confirm which applies.
 *
 * @param string $name
 * @param mixed  $category
 * @param mixed  $subcategory
 */
public function createForum($name, $category, $subcategory)
{
    if (!isset($this->authIdentity)) {
        return;
    }

    $row = array(
        'creator' => $this->authIdentity->userid,
        'category' => $category,
        'subcategory' => $subcategory,
        'name' => mysql_real_escape_string($name),
        // A serialized empty array.
        'vote' => 'a:0:{}',
    );
    $this->insert($row);
}
开发者ID:abdulnizam,项目名称:zend-freniz,代码行数:7,代码来源:forum.php
示例8: handleRegister
/**
 * Register a user from $_POST (username, email, password) and echo a JSON
 * status object with the keys op, msg and error_code.
 *
 * error_code is "1" when the e-mail or the username already exists, "0" on
 * success.
 *
 * Review notes:
 *  - The password is stored as an unsalted md5 digest. md5 is a fast hash and
 *    not suited to password storage; password_hash() and password_verify()
 *    are the replacement, to be changed together with the login code.
 *  - The password is SQL-escaped before hashing. The digest is plain hex, so
 *    the escaping protects nothing, and it alters passwords that contain
 *    quotes or backslashes.
 *  - username and email reach the DAO unescaped; whether DAOuser binds or
 *    escapes them is not visible here.
 */
function handleRegister()
{
    $response = array('op' => 'register', 'msg' => 'Registration Successful', 'error_code' => '0');

    $username = $_POST["username"];
    $email = $_POST["email"];
    $passwordDigest = md5(mysql_real_escape_string($_POST['password']));

    $dao = new DAOuser();

    // The e-mail is checked first; the username only when the e-mail is free.
    $conflict = null;
    if ($dao->getByEmail($email) != NULL) {
        $conflict = "Email '" . $email . "' already exists";
    } elseif ($dao->getByUsername($username) != NULL) {
        $conflict = "Username '" . $username . "' already exists";
    }

    if ($conflict !== null) {
        $response["error_code"] = "1";
        $response["msg"] = $conflict;
        echo json_encode($response);
        return;
    }

    $dao->save(new user($username, $passwordDigest, $email));
    echo json_encode($response);
}
开发者ID:stoic1979,项目名称:php_transport,代码行数:32,代码来源:api.php
示例9: forSql
/**
 * Escape a value for a quoted MySQL string literal, optionally truncating it.
 *
 * Truncation happens before escaping, so an escape sequence is never cut in
 * half. substr() counts bytes, so a multi-byte character at the cut point can
 * be split.
 *
 * @param string $value     Raw value.
 * @param int    $maxLength Maximum length in bytes; 0 or less disables the cut.
 * @return string Escaped value, using the helper's own connection resource.
 */
public function forSql($value, $maxLength = 0)
{
    $bounded = $maxLength > 0 ? substr($value, 0, $maxLength) : $value;
    return mysql_real_escape_string($bounded, $this->dbConnection->getResource());
}
开发者ID:k-kalashnikov,项目名称:geekcon_new,代码行数:7,代码来源:mysqlsqlhelper.php
示例10: addm
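/**
 * Post a bot chat line to a character through the game_log table.
 *
 * Text of the form "{a|b}" is reduced to "a" for a male character (or when
 * the sex is not set) and to "b" otherwise. While the character's response
 * counter is at most 4, $mes is sent and the counter is incremented; after
 * that a random line from game_bot_chat_annoy is sent instead.
 *
 * Changes from the listed version: the character name and user id are now
 * escaped before being placed between quotes, and the wrapper closes with
 * </span> instead of the mismatched </style>.
 *
 * @param array  $char Character record; name, user_id and sex are read.
 * @param string $mes  Message text in Windows-1251.
 * @param mixed  $priv Value written to game_log.ptype.
 */
function addm($char, $mes, $priv)
{
    setlocale(LC_ALL, "ru_RU.CP1251");

    $variant_pattern = "/\\{([\\d\\w\\s]*?)\\|([\\d\\w\\s]*?)\\}/i";
    $variant = (!isset($char['sex']) || $char['sex'] == "male") ? "\\1" : "\\2";

    // Both values sit inside quotes in the statements below, so escaping them
    // is sufficient and does not change what legitimate values store.
    $name_sql = mysql_real_escape_string($char['name']);
    $user_id_sql = mysql_real_escape_string($char['user_id']);

    $sel = myquery("SELECT `count` FROM `game_bot_chat_resp` WHERE `id` = '" . $name_sql . "';");
    $n = mysql_fetch_array($sel);
    if ($n['count'] <= 4) {
        myquery("INSERT INTO `game_bot_chat_resp` (`id`,`count`) VALUES ('" . $name_sql . "','1') ON DUPLICATE KEY UPDATE `count` = `count` + 1;");
        $text = preg_replace($variant_pattern, $variant, $mes);
    } else {
        $sel = myquery("SELECT `text` FROM `game_bot_chat_annoy` ORDER BY RAND() ASC LIMIT 1");
        $annoy = mysql_fetch_array($sel);
        $text = preg_replace($variant_pattern, $variant, $annoy['text']);
    }

    // NOTE(review): the text is wrapped in HTML without HTML encoding. If $mes
    // can carry user-supplied content it must be encoded before this point.
    $message = mysql_real_escape_string(
        '<span style="color:#FF2828;font-size:12px;">' . iconv("Windows-1251", "UTF-8//IGNORE", $text) . '</span>'
    );

    // NOTE(review): $priv is written as a bare value, where escaping would not
    // help. It is left as the caller passed it because its allowed values are
    // not visible here; confirm callers only pass integers, or cast it.
    myquery("insert into game_log (town,fromm,too,message,date,ptype) values (0,'-1','" . $user_id_sql . "','" . $message . "','" . time() . "'," . $priv . ")");
}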
开发者ID:themiddleearth,项目名称:RPG.SU,代码行数:28,代码来源:index.php
示例11: _wobi_addWebseedfiles
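/**
 * Register a single-file torrent for HTTP seeding.
 *
 * Reads and decodes the torrent file, records the file in the webseedfiles
 * table, rewrites the torrent with an "httpseeds" entry pointing at seed.php,
 * and stores the piece length and piece count in the summary table.
 *
 * The decoded torrent is uploaded content and is treated as untrusted: the
 * piece length is forced to an integer and $hash is escaped before either is
 * written into a statement.
 *
 * @param string $torrent_file_path Path of the uploaded .torrent file.
 * @param string $relative_path     File name stored in webseedfiles.
 * @param string $httplocation      Unused by this function.
 * @param string $hash              Info hash of the torrent.
 */
function _wobi_addWebseedfiles($torrent_file_path, $relative_path, $httplocation, $hash)
{
    $prefix = WOBI_PREFIX;

    $fd = fopen($torrent_file_path, "rb") or die(errorMessage() . "File upload error 1</p>");
    $alltorrent = fread($fd, filesize($torrent_file_path));
    fclose($fd);
    $array = BDecode($alltorrent);

    $info = $array["info"] or die("Invalid torrent file.");

    // "pieces" is a run of 20-byte entries, one per piece.
    $numpieces = strlen($array["info"]["pieces"]) / 20;
    // Written into SQL below, so it must not be taken verbatim from the file.
    $piecelength = (int) $info["piece length"];
    $hash_sql = mysql_real_escape_string($hash);
    $filename_sql = mysql_real_escape_string($relative_path);

    // Single-file torrents only: one row covering piece 0 to the last piece.
    mysql_query("INSERT INTO " . $prefix . "webseedfiles (info_hash,filename,startpiece,endpiece,startpieceoffset,fileorder) values (\"{$hash_sql}\", \"" . $filename_sql . "\", 0, " . ($numpieces - 1) . ", 0, 0)");

    // Add the HTTP seed entry and write the torrent back.
    $data_array = $array;
    $data_array["httpseeds"][0] = WOBI_URL . "/seed.php";
    $to_write = BEncode($data_array);
    $write_httpseed = fopen($torrent_file_path, "wb");
    fwrite($write_httpseed, $to_write);
    fclose($write_httpseed);

    // Record the piece length and the number of pieces.
    $query = "UPDATE " . $prefix . "summary SET piecelength=\"" . $piecelength . "\", numpieces=\"" . $numpieces . "\" WHERE info_hash=\"" . $hash_sql . "\"";
    quickQuery($query);
}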
开发者ID:j3k0,项目名称:Wobi,代码行数:28,代码来源:wobi_functions.php
示例12: authentication
/**
 * Authenticate the request with HTTP Basic credentials.
 *
 * Without credentials a 401 challenge is sent and the script exits. With
 * credentials, md5("user:nebula.com:password") is compared with the stored
 * ha1 column.
 *
 * Review notes:
 *  - Username and password are SQL-escaped before they are hashed, so a
 *    credential that contains a quote or backslash hashes differently from
 *    its raw form. This only matches if the stored ha1 was built the same way.
 *  - The stored verifier is an unsalted md5 digest.
 *  - $_SERVER['PHP_AUTH_PW'] is read without an isset() check.
 *
 * @return mixed The user's id, or null when no row matches.
 */
public static function authentication()
{
    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        header('WWW-Authenticate: Basic realm="My Realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo 'Text to send if user hits Cancel button';
        exit;
    }

    $db = new DB();
    $username = mysql_real_escape_string($_SERVER['PHP_AUTH_USER']);
    $password = mysql_real_escape_string($_SERVER['PHP_AUTH_PW']);
    $domain = 'nebula.com';
    $hash = md5("{$username}:{$domain}:{$password}");

    $sql = "SELECT id from n_nebulauser WHERE username='{$username}' AND ha1='{$hash}'";
    $q = $db->query($sql);
    if (!mysql_num_rows($q)) {
        return null;
    }

    $fetch = mysql_fetch_assoc($q);
    return $fetch['id'];
}
开发者ID:8Yards,项目名称:RESTServer,代码行数:26,代码来源:rest.class.php
示例13: prepare
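/**
 * Build, without running it, the REPLACE statement that stores a cache entry.
 *
 * The statement is kept in $this->temp and the id in $this->last_id.
 * Passing the string 'clear' as $id discards a prepared statement.
 *
 * Changes from the listed version: $id is escaped before it is placed between
 * quotes, the lifetime is forced to an integer because it is written as a
 * bare number, 'clear' is matched strictly so that 0 or true no longer count
 * as 'clear', and time() replaces the argument-less mktime().
 *
 * NOTE(review): non-string data is stored with serialize(). Whatever reads
 * fq_content back and unserializes it must be able to trust every writer of
 * this table.
 *
 * @param string     $id         Cache key, or 'clear'.
 * @param mixed      $data       Content to store; a falsy value stores nothing.
 * @param int|false  $period_sec Lifetime in seconds; 86400 (one day) when falsy.
 * @return bool True when a statement was prepared or cleared, false when
 *              there was nothing to prepare.
 */
function prepare($id, $data = false, $period_sec = false)
{
    // A request to clear the prepared statement.
    if ($id === 'clear') {
        $this->temp = false;
        return true;
    }
    // Nothing was passed to prepare.
    if (!$data) {
        return false;
    }

    $t = time();
    if (!$period_sec) {
        $period_sec = 86400;
    }

    $serr = is_string($data) ? $data : serialize($data);

    $id_sql = mysql_real_escape_string($id);
    $serr = mysql_real_escape_string($serr);
    $dead = $t + (int) $period_sec;

    $this->temp = "REPLACE INTO z_fs_queries SET fq_id='{$id_sql}', fq_content='{$serr}', fq_create=" . $t . ", fq_dead=" . $dead;
    $this->last_id = $id;
    return true;
}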
开发者ID:kronius,项目名称:vidpro,代码行数:32,代码来源:cache.php
示例14: getAreaList
/**
 * Return the wid.geog rows for a state FIPS code and area type.
 *
 * Both filters are escaped and placed inside quotes. The escaping call is not
 * given $link, so it uses the most recently opened mysql connection.
 *
 * @param string $stfips
 * @param string $areatype
 * @return mixed Whatever getJSONResult() produces for the query.
 */
public function getAreaList($stfips, $areatype)
{
    $link = getDatabaseConnection();

    $stfipsSql = mysql_real_escape_string($stfips);
    $areatypeSql = mysql_real_escape_string($areatype);
    $query = "select * from wid.geog where stfips = '{$stfipsSql}' and areatype = '{$areatypeSql}' order by stfips, areatype, area";

    return $this->getJSONResult($query, $link);
}
开发者ID:jfpearce,项目名称:arc-tools,代码行数:7,代码来源:geog_data.php
示例15: loadData
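/**
 * Return this question's fields as quoted SQL literals, keyed by column name.
 *
 * Every field is escaped before it is quoted. The listed version left "type"
 * unescaped; escaping it as well leaves legitimate values unchanged.
 *
 * @return array Keys title, type and text; each value includes its
 *               surrounding single quotes.
 */
private function loadData()
{
    $title = mysql_real_escape_string($this->title);
    $type = mysql_real_escape_string($this->type);
    $text = mysql_real_escape_string($this->text);

    return array(
        "title" => "'{$title}'",
        "type" => "'{$type}'",
        "text" => "'{$text}'",
    );
}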
开发者ID:OniGen1337,项目名称:Commentz,代码行数:7,代码来源:Question.class.php
示例16: check_str
/**
 * Escape a string for the configured database type, then optionally trim it.
 *
 * The global $db_type selects the escaping: "sqlite", "pgsql" or "mysql".
 * Any other value leaves the string unescaped.
 *
 * Review notes:
 *  - In the mysql branch, an empty escaping result (also what a failed
 *    escaping call yields) switches to a manual str_replace() table. That
 *    table is not aware of the connection character set.
 *  - str_replace() applies the pairs in order, and the backslash pair comes
 *    after the newline pairs, so the backslashes it has just added are
 *    doubled again.
 *  - The two empty search strings are reproduced as listed. They look like
 *    control characters lost in transcription; confirm against the original
 *    file.
 *  - The result is only safe between quotes in the statement.
 *
 * @param string $string Raw value.
 * @param bool   $trim   Trim surrounding whitespace after escaping.
 * @return string
 */
function check_str($string, $trim = true)
{
    global $db_type, $db;

    if ($db_type == "sqlite") {
        // Without the sqlite extension, fall back to doubling single quotes.
        $string = function_exists('sqlite_escape_string')
            ? sqlite_escape_string($string)
            : str_replace("'", "''", $string);
    }

    if ($db_type == "pgsql") {
        $string = pg_escape_string($string);
    }

    if ($db_type == "mysql") {
        $escaped = function_exists('mysql_real_escape_string')
            ? mysql_real_escape_string($string)
            : mysqli_real_escape_string($db, $string);

        if (strlen($escaped)) {
            $string = $escaped;
        } else {
            $search = array("", "\n", "\r", "\\", "'", "\"", "");
            $replace = array("\\x00", "\\n", "\\r", "\\\\", "\\'", "\\\"", "\\");
            $string = str_replace($search, $replace, $string);
        }
    }

    return $trim ? trim($string) : $string;
}
开发者ID:rdissauer,项目名称:fusionpbx,代码行数:31,代码来源:functions.php
示例17: SaveOptions
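/**
 * Store a user's e-mail address and replace the user's calendar and project
 * notification subscriptions.
 *
 * The user row is updated when it exists and inserted otherwise; all existing
 * notification rows of the user are then deleted and re-created from the two
 * id lists.
 *
 * Changes from the listed version: $username is escaped like $email (it is
 * used between quotes in four statements), and the user id and each
 * calendar/project id are forced to integers because they are written as
 * bare numbers, where escaping gives no protection.
 *
 * NOTE(review): every failure path sends the driver error and the full SQL
 * text to the client through die(). The strings are kept as listed; consider
 * logging them instead.
 *
 * @param string $username
 * @param string $email
 * @param array  $calendar_ids Calendar ids to subscribe to.
 * @param array  $project_ids  Project ids to subscribe to.
 */
function SaveOptions($username, $email, $calendar_ids, $project_ids)
{
    $username = mysql_real_escape_string($username);
    $email = mysql_real_escape_string($email);

    /* does the user already exist? */
    $sqlstring = "select * from users where username = '{$username}'";
    $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    if (mysql_num_rows($result) > 0) {
        /* update */
        $sqlstring = "update users set user_email = '{$email}' where username = '{$username}'";
        $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    } else {
        /* insert */
        $sqlstring = "insert into users (username, user_email) values ('{$username}', '{$email}')";
        $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    }

    /* read the row back to learn the user id */
    $sqlstring = "select * from users where username = '{$username}'";
    $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    $row = mysql_fetch_array($result, MYSQL_ASSOC);
    if (!$row) {
        // Without a row there is no id to attach notifications to.
        die("Query failed: user row not found<br>");
    }
    $user_id = (int) $row['user_id'];

    $sqlstring = "delete from calendar_notifications where not_userid = {$user_id}";
    $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    foreach ($calendar_ids as $cal_id) {
        $cal_id = (int) $cal_id;
        $sqlstring = "insert into calendar_notifications (not_userid, not_calendarid) values ({$user_id}, {$cal_id})";
        $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    }

    $sqlstring = "delete from project_notifications where not_userid = {$user_id}";
    $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    foreach ($project_ids as $prj_id) {
        $prj_id = (int) $prj_id;
        $sqlstring = "insert into project_notifications (not_userid, not_projectid) values ({$user_id}, {$prj_id})";
        $result = mysql_query($sqlstring) or die("Query failed: " . mysql_error() . "<br><i>{$sqlstring}</i><br>");
    }
}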
开发者ID:pmolfese,项目名称:nidb,代码行数:33,代码来源:calendar_users.php
示例18: query
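/**
 * Execute a query. Should be regarded as private, to insulate the rest of
 * the application from SQL differences.
 *
 * Extra arguments after $sql fill the "?" placeholders of $sql in order, each
 * as an escaped value between single quotes. Placeholders without a matching
 * argument are left as "?"; surplus arguments are ignored.
 *
 * Changes from the listed version: the statement is split once on "?"
 * instead of being rewritten with preg_replace(). That removes the read one
 * past the end of the argument list, the preg_quote() call that added
 * backslashes to the stored values, and the need for a random marker.
 * Escaping now names this object's own link.
 *
 * NOTE(review): a failure sends the driver error and the full SQL text to
 * the client through die().
 *
 * @access private
 * @param string $sql Statement text, optionally with "?" placeholders.
 * @return resource|bool Result of mysql_query().
 */
function query($sql)
{
    if (is_null($this->dblink)) {
        $this->_connect();
    }

    if (func_num_args() > 1) {
        $values = func_get_args();
        array_shift($values); // drop $sql itself

        // Splitting first means a "?" inside a value can never be mistaken
        // for a placeholder.
        $pieces = explode('?', $sql);
        $sql = array_shift($pieces);
        foreach ($pieces as $index => $piece) {
            if (array_key_exists($index, $values)) {
                $sql .= "'" . mysql_real_escape_string($values[$index], $this->dblink) . "'";
            } else {
                $sql .= '?';
            }
            $sql .= $piece;
        }
    }

    $this->dbresult = mysql_query($sql, $this->dblink);
    if (!$this->dbresult) {
        die("Query failure: " . mysql_error() . "<br />{$sql}");
    }
    return $this->dbresult;
}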
开发者ID:carriercomm,项目名称:pastebin,代码行数:31,代码来源:legacy.php
示例19: writeToDestination
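/**
 * Insert one SAKPART row built from $data.
 *
 * A duplicate-key failure is expected for this table and is only logged as a
 * warning.
 *
 * Change from the listed version: all thirteen values are escaped before
 * being placed between quotes, where previously only SP_NAVN and SP_ADRESSE
 * were. Escaping a value that needs none leaves it unchanged.
 *
 * @param object $data Record exposing the SP_* properties listed below.
 */
function writeToDestination($data)
{
    $columns = array(
        'SP_SAID', 'SP_U1', 'SP_KORTNAVN', 'SP_NAVN', 'SP_ADRESSE',
        'SP_POSTNR', 'SP_POSTSTED', 'SP_UTLAND', 'SP_EPOSTADR',
        'SP_KONTAKT', 'SP_ROLLE', 'SP_FAKS', 'SP_TLF',
    );

    $values = array();
    foreach ($columns as $column) {
        $values[] = "'" . mysql_real_escape_string($data->{$column}) . "'";
    }

    $sqlInsertStatement = "INSERT INTO SAKPART (" . implode(", ", $columns) . ") VALUES ("
        . implode(",", $values) . ");";

    // Silence the duplicate report for the duration of this one statement.
    $this->uttrekksBase->printErrorIfDuplicateFail = false;
    if ($this->uttrekksBase->executeStatement($sqlInsertStatement) == false) {
        // The duplicate-key error number is compared against a project constant.
        if (mysql_errno() == Constants::MY_SQL_DUPLICATE) {
            // This table is known to contain duplicates; log and continue.
            $this->logger->log($this->XMLfilename, "Duplicate value detected. Value is SP_SAID (" . $data->SP_SAID . "), SP_NAVN (" . $data->SP_NAVN . ")", Constants::LOG_WARNING);
        }
    }
    $this->uttrekksBase->printErrorIfDuplicateFail = true;
}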
开发者ID:KDRS-DEVELOP,项目名称:noark4-uttrekk-php,代码行数:28,代码来源:SakPartDAO.php
示例20: modul
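/**
 * Render the modules and blocks configured for one layout position.
 *
 * When $_GET['pilih'] is set, the entries of the actions table for that value
 * and position are rendered. When it yields nothing and the actions table has
 * no row for that value, the published modul_hrd entries for the position are
 * rendered instead.
 *
 * A "module" entry is a PHP file that is included and is expected to fill
 * $out; a "block" entry is rendered from its stored content.
 *
 * Change from the listed version: $posisi is escaped before it is placed
 * between quotes in the two statements that use it. The structure is
 * otherwise kept, because the included files run in this function's scope.
 *
 * NOTE(review): the path passed to include comes from the "isi" column.
 * Anyone who can write that column decides which file is executed; restrict
 * it to a fixed module directory or an allow-list.
 *
 * @param string $posisi Layout position name.
 */
function modul($posisi)
{
    global $koneksi_db, $STYLE_INCLUDE, $SCRIPT_INCLUDE;
    $total = 0;
    $numb = 0;
    $posisi_sql = mysql_real_escape_string($posisi);

    if (isset($_GET['pilih'])) {
        $pilih = mysql_real_escape_string(strip_tags($_GET['pilih']));
        $numb = mysql_num_rows(mysql_query("SELECT `id` FROM `actions` WHERE `modul_hrd` = '{$pilih}'"));
        $modulku = mysql_query("SELECT * FROM `actions` LEFT JOIN `modul_hrd` ON (`modul_hrd`.`id` = `actions`.`modul_id`) WHERE `actions`.`modul_hrd` = '{$pilih}' AND `actions`.`posisi` = '{$posisi_sql}' ORDER BY `actions`.`order`");
        $total = mysql_num_rows($modulku);
        while ($viewmoduls = mysql_fetch_assoc($modulku)) {
            if (file_exists($viewmoduls['isi']) && $viewmoduls['type'] == 'module') {
                include $viewmoduls['isi'];
                kotakjudul($viewmoduls['modul'], @$out, '');
                $out = '';
            }
            if ($viewmoduls['type'] == 'block') {
                kotakjudul($viewmoduls['modul'], $viewmoduls['isi'], '');
            }
        }
    }

    // Fall back to the published defaults for this position.
    if ($total == 0 && $numb == 0) {
        $modulku = $koneksi_db->sql_query("SELECT * FROM modul_hrd WHERE published= 1 AND posisi= '{$posisi_sql}' ORDER BY ordering");
        while ($viewmodul = $koneksi_db->sql_fetchrow($modulku)) {
            if (file_exists($viewmodul['isi']) && $viewmodul['type'] == 'module') {
                include $viewmodul['isi'];
                kotakjudul($viewmodul['modul'], @$out, '');
                $out = '';
            }
            if ($viewmodul['type'] == 'block') {
                kotakjudul($viewmodul['modul'], $viewmodul['isi'], '');
            }
        }
    }
}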
开发者ID:sofiasrifin,项目名称:sistermetta,代码行数:35,代码来源:fungsi.php
注:本文中的mysql_real_escape_string函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |