From 1cccb4a2ad14a8f6e9d7dd79cc978f27b87de62f Mon Sep 17 00:00:00 2001 From: cookie Date: Fri, 21 Oct 2005 17:39:16 +0000 Subject: [PATCH] secure bugfix SQLcommand wurde nicht am programmstart geleert ausgabe user frendly gestalltet git-svn-id: svn://svn.cccv.de/engel-system@7 29ba0400-6e00-0410-a75a-ca02368028f8 --- admin/room.php | 31 +++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/admin/room.php b/admin/room.php index b1faac70..a2cc7d13 100755 --- a/admin/room.php +++ b/admin/room.php @@ -21,7 +21,10 @@ if( !IsSet($action) ) for( $i = 1; $i < mysql_num_fields($Erg); $i++ ) { - echo "\t". mysql_field_name($Erg, $i). ""; + if( substr( mysql_field_name($Erg, $i), 0, 12) == "DEFAULT_EID_") + echo "\t Anzahl ". $EngelTypeID[substr( mysql_field_name($Erg, $i), 12)]. ""; + else + echo "\t". mysql_field_name($Erg, $i).""; } echo "\tÄndern"; echo ""; @@ -52,11 +55,14 @@ case 'new': for( $Uj = 1; $Uj < mysql_num_fields($Erg); $Uj++ ) { - echo "".mysql_field_name($Erg, $Uj)."". - ""; //sonderfall fuer Default Engel if( substr( mysql_field_name($Erg, $Uj), 0, 12) == "DEFAULT_EID_") - echo " ". $EngelTypeID[substr( mysql_field_name($Erg, $Uj), 12)]; + $FeldName = "Anzahl ". $EngelTypeID[substr( mysql_field_name($Erg, $Uj), 12)]; + else + $FeldName = mysql_field_name($Erg, $Uj); + + echo "$FeldName". + ""; echo "\n"; } echo "\n"; @@ -105,12 +111,15 @@ case 'change': for ($Uj = 1; $Uj < mysql_num_fields($ERG); $Uj++) { - echo "".mysql_field_name($ERG, $Uj)."". - ""; //sonderfall fuer Default Engel if( substr( mysql_field_name($ERG, $Uj), 0, 12) == "DEFAULT_EID_") - echo " ". $EngelTypeID[substr( mysql_field_name($ERG, $Uj), 12)]; + $FeldName = "Anzahl ". $EngelTypeID[substr( mysql_field_name($ERG, $Uj), 12)]; + else + $FeldName = mysql_field_name($ERG, $Uj); + + echo "$FeldName". + ""; echo"\n"; } echo "\n"; @@ -149,8 +158,8 @@ case 'delete': SetHeaderGo2Back(); break; -} -} +} //switch + // Update ??? @@ -166,5 +175,7 @@ if (IsSet($SQL)){ } } // Ende Update +} //IF IsSet($action) + include ("./inc/footer.php"); ?>