diff --git a/www-ssl/inc/funktion_schichtplan_Tage.php b/www-ssl/inc/funktion_schichtplan_Tage.php index 14ae53a9..abbbddc4 100755 --- a/www-ssl/inc/funktion_schichtplan_Tage.php +++ b/www-ssl/inc/funktion_schichtplan_Tage.php @@ -55,12 +55,15 @@ do "WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))"; $Erg2 = mysql_query($SQL2, $con); $DateE = substr(mysql_result($Erg2, 0 , 0), 0,10); - - while( $DateS != $DateE) - { - $DateS = DatumUm1TagErhoehen( $DateS); - $VeranstaltungsTage[$Pos++] = $DateS; - } + + if( strlen($DateE) == 0) + $DateE = $DateS; + else + while( $DateS != $DateE) + { + $DateS = DatumUm1TagErhoehen( $DateS); + $VeranstaltungsTage[$Pos++] = $DateS; + } //suchen den nästen eintrag $SQL = "SELECT `DateS` FROM `Shifts` ". diff --git a/www-ssl/inc/secure.php b/www-ssl/inc/secure.php index ed3a514b..687289fc 100755 --- a/www-ssl/inc/secure.php +++ b/www-ssl/inc/secure.php @@ -10,7 +10,7 @@ foreach ($_GET as $k => $v) $v = htmlspecialchars($v); $v = mysql_escape_string($v); // $v = htmlentities($v); - if (preg_match('/([\"`])/', $v, $match)) + if (preg_match('/([\'"`\'])/', $v, $match)) { print "sorry get has illegal char '$match[1]'"; exit;