Code source de e107 0.7.8 |
<?php

/*
+-------------------------------------------------------------+
| e107 website system
|
| ©Steve Dunstan 2001-2002
| http://e107.org
| jalist@e107.org
|
| Released under the terms and conditions of the
| GNU General Public License (http://gnu.org).
|
| $Source: /cvsroot/e107/e107_0.7/e107_handlers/input_class.php,v $
| $Revision: 1.10 $
| $Date: 2005/12/14 17:37:34 $
| $Author: sweetas $
+-------------------------------------------------------------+
*/

// Direct-access guard: stop unless e107_INIT is defined
// (presumably set by the e107 core before handlers are loaded - confirm).
if (!defined('e107_INIT')) { exit; }

/**
 * User input cleaning class.
 *
 * Collects helpers that undo magic_quotes_gpc slashing and escape strings
 * for interpolation into MySQL statements. None of the methods reads
 * instance state.
 *
 * NOTE(review): every escaping method here relies on mysql_real_escape_string()
 * (ext/mysql, removed in PHP 7.0) and on get_magic_quotes_gpc() (removed in
 * PHP 8.0). The escaped result is only meaningful inside a quoted SQL string
 * literal; it does not protect values placed unquoted (numbers, identifiers,
 * LIMIT/ORDER BY fragments). Parameterised queries are the robust replacement.
 *
 * @package e107
 * @version $Revision: 1.10 $
 * @author $Author: sweetas $
 */
class einput {

    /**
     * Undo magic-quotes slashing when applicable, then escape for MySQL.
     *
     * CR and LF are swapped for the tokens "--#R--" / "--#N--" before the
     * escape call and swapped back afterwards, so line breaks come back
     * unescaped. Side effect of that round trip: a literal "--#R--" or
     * "--#N--" already present in the input is returned as CR / LF.
     *
     * No link identifier is passed to mysql_real_escape_string(), so the
     * escape uses the most recently opened mysql connection and its
     * character set.
     *
     * @param string $string   [dirty input data]
     * @param bool   $gpc_data [true when the value came from GET/POST/COOKIE;
     *                          slashes are then stripped if magic_quotes_gpc is on]
     * @return string [escaped data]
     */
    function escape($string, $gpc_data = true) {
        // Only GPC-sourced data can carry magic-quotes slashes.
        $was_slashed = ($gpc_data == true && get_magic_quotes_gpc());
        $raw = $was_slashed ? stripslashes($string) : $string;

        // Hide line breaks from the escape call (quick / dirty fix to issues caused by real_escape).
        $shielded = str_replace(array("\r", "\n"), array("--#R--", "--#N--"), $raw);
        $escaped = mysql_real_escape_string($shielded);

        // Restore the original line breaks.
        return str_replace(array("--#R--", "--#N--"), array("\r", "\n"), $escaped);
    }

    /**
     * Escape SQL data to help prevent injections.
     *
     * Same escaping as escape() but without any slash stripping: CR / LF are
     * tokenised, the string goes through mysql_real_escape_string(), and the
     * tokens are turned back into CR / LF. Line breaks are therefore returned
     * unescaped, and a literal "--#R--" / "--#N--" in the input is returned
     * as CR / LF.
     *
     * @param string $string [dirty input data]
     * @return string [escaped data]
     */
    function sql_escape_string($string = "") {
        // Hide line breaks from the escape call (quick / dirty fix to issues caused by real_escape).
        $shielded = str_replace(array("\r", "\n"), array("--#R--", "--#N--"), $string);
        $escaped = mysql_real_escape_string($shielded);

        // Restore the original line breaks.
        return str_replace(array("--#R--", "--#N--"), array("\r", "\n"), $escaped);
    }

    /**
     * Strip slashes from a string, for use before escaping data for SQL
     * queries. Slashes are stripped when magic_quotes_gpc is on, or
     * unconditionally when the second argument is true.
     *
     * Stripping a value that was never slashed removes genuine backslashes,
     * so the override should only be used on data known to be slashed.
     *
     * @param string $string                  [input string]
     * @param bool   $ignore_magic_quotes_gpc [override the magic_quotes_gpc setting, i.e. always strip slashes]
     * @return string
     */
    function strip_input($string = "", $ignore_magic_quotes_gpc = false) {
        $must_strip = (get_magic_quotes_gpc() == true || $ignore_magic_quotes_gpc == true);
        if (!$must_strip) {
            return $string;
        }
        return stripslashes($string);
    }
}

?>