funktion_schichtplan_Tage.php: endlosscheliede bei nur einer schicht
secure.php: filterung noict komplett git-svn-id: svn://svn.cccv.de/engel-system@28 29ba0400-6e00-0410-a75a-ca02368028f8
This commit is contained in:
parent
7e5f4a3332
commit
1d219f5c77
|
@ -56,11 +56,14 @@ do
|
|||
$Erg2 = mysql_query($SQL2, $con);
|
||||
$DateE = substr(mysql_result($Erg2, 0 , 0), 0,10);
|
||||
|
||||
while( $DateS != $DateE)
|
||||
{
|
||||
$DateS = DatumUm1TagErhoehen( $DateS);
|
||||
$VeranstaltungsTage[$Pos++] = $DateS;
|
||||
}
|
||||
if( strlen($DateE) == 0)
|
||||
$DateE = $DateS;
|
||||
else
|
||||
while( $DateS != $DateE)
|
||||
{
|
||||
$DateS = DatumUm1TagErhoehen( $DateS);
|
||||
$VeranstaltungsTage[$Pos++] = $DateS;
|
||||
}
|
||||
|
||||
//suchen den nästen eintrag
|
||||
$SQL = "SELECT `DateS` FROM `Shifts` ".
|
||||
|
|
|
@ -10,7 +10,7 @@ foreach ($_GET as $k => $v)
|
|||
$v = htmlspecialchars($v);
|
||||
$v = mysql_escape_string($v);
|
||||
// $v = htmlentities($v);
|
||||
if (preg_match('/([\"`])/', $v, $match))
|
||||
if (preg_match('/([\'"`\'])/', $v, $match))
|
||||
{
|
||||
print "sorry get has illegal char '$match[1]'";
|
||||
exit;
|
||||
|
|
Loading…
Reference in New Issue