From 6bede2fd229395f34c321a37efa2ea93e7b1a7ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philip=20H=C3=A4usler?= Date: Sun, 28 Dec 2014 13:44:56 +0100 Subject: [PATCH] harden the sql queries --- db/update.d/16_admin_user_angeltypes.php | 2 +- includes/controller/shifts_controller.php | 2 +- includes/controller/users_controller.php | 6 +-- includes/model/AngelType_model.php | 12 +++--- includes/model/LogEntries_model.php | 2 +- includes/model/Message_model.php | 6 +-- includes/model/NeededAngelTypes_model.php | 4 +- includes/model/Room_model.php | 2 +- includes/model/ShiftEntry_model.php | 18 ++++----- includes/model/ShiftTypes_model.php | 8 ++-- includes/model/Shifts_model.php | 32 ++++++++-------- includes/model/UserAngelTypes_model.php | 34 ++++++++--------- includes/model/UserGroups_model.php | 2 +- includes/model/User_model.php | 26 ++++++------- includes/mysqli_provider.php | 10 +++++ includes/pages/admin_active.php | 10 ++--- includes/pages/admin_arrive.php | 4 +- includes/pages/admin_free.php | 2 +- includes/pages/admin_groups.php | 14 +++---- includes/pages/admin_news.php | 6 +-- includes/pages/admin_questions.php | 8 ++-- includes/pages/admin_rooms.php | 16 ++++---- includes/pages/admin_shifts.php | 6 +-- includes/pages/admin_user.php | 24 ++++++------ includes/pages/guest_login.php | 8 ++-- includes/pages/user_ical.php | 2 +- includes/pages/user_messages.php | 14 +++---- includes/pages/user_myshifts.php | 10 ++--- includes/pages/user_news.php | 4 +- includes/pages/user_questions.php | 10 ++--- includes/pages/user_settings.php | 8 ++-- includes/pages/user_shifts.php | 46 +++++++++++------------ includes/sys_auth.php | 8 ++-- 33 files changed, 188 insertions(+), 178 deletions(-) diff --git a/db/update.d/16_admin_user_angeltypes.php b/db/update.d/16_admin_user_angeltypes.php index de1803ea..29fc9f54 100644 --- a/db/update.d/16_admin_user_angeltypes.php +++ b/db/update.d/16_admin_user_angeltypes.php 
@@ -5,7 +5,7 @@ if (sql_num_query("SELECT * FROM `Privileges` WHERE `name`='admin_user_angeltypes'") == 0) { sql_query("INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES ( NULL , 'admin_user_angeltypes', 'Confirm restricted angel types' );"); $id = sql_id(); - sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`=" . sql_escape($id)); + sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`='" . sql_escape($id) . "'"); sql_query("INSERT INTO `Sprache` ( `TextID` , `Sprache` , diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index 90753217..9982388e 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -145,7 +145,7 @@ function shifts_json_export_controller() { INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) INNER JOIN `ShiftTypes` ON (`Shifts`.`shifttype_id`=`ShiftTypes`.`id`) INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) - WHERE `UID`=" . sql_escape($user['UID']) . " + WHERE `UID`='" . sql_escape($user['UID']) . "' ORDER BY `start`"); } diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 484d9912..7810ce77 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php 
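Review bot: Quoting the escaped value closes the gap that `sql_escape` alone leaves open in a numeric context, but `privilege_id` here (and the `UID`/`SID` comparisons in the following hunks) are integer columns, so the patch now relies on MySQL coercing the quoted string back to a number. A cast states the intent directly and does not depend on the next call site remembering the quotes: `sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`='" . intval($id) . "'");`. At minimum the contract "the result of `sql_escape` must always be placed inside single quotes" deserves a docblock on `sql_escape`, since nothing in the code enforces it.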
@@ -74,14 +74,14 @@ function user_controller() { $shifts = Shifts_by_user($user_source); foreach ($shifts as &$shift) { // TODO: Move queries to model - $shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`=" . sql_escape($shift['SID']) . " ORDER BY `AngelTypes`.`name`"); + $shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "' ORDER BY `AngelTypes`.`name`"); foreach ($shift['needed_angeltypes'] as &$needed_angeltype) { $needed_angeltype['users'] = sql_select(" SELECT `ShiftEntry`.`freeloaded`, `User`.* FROM `ShiftEntry` JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID` - WHERE `ShiftEntry`.`SID`=" . sql_escape($shift['SID']) . " - AND `ShiftEntry`.`TID`=" . sql_escape($needed_angeltype['id'])); + WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "' + AND `ShiftEntry`.`TID`='" . sql_escape($needed_angeltype['id']) . "'"); } } diff --git a/includes/model/AngelType_model.php b/includes/model/AngelType_model.php index d0119e6f..5e7f4fb6 100644 --- a/includes/model/AngelType_model.php +++ b/includes/model/AngelType_model.php @@ -8,7 +8,7 @@ function AngelType_delete($angeltype) { return sql_query(" DELETE FROM `AngelTypes` - WHERE `id`=" . sql_escape($angeltype['id']) . " + WHERE `id`='" . sql_escape($angeltype['id']) . "' LIMIT 1"); } @@ -24,9 +24,9 @@ function AngelType_update($angeltype_id, $name, $restricted, $description) { return sql_query(" UPDATE `AngelTypes` SET `name`='" . sql_escape($name) . "', - `restricted`=" . sql_escape($restricted ? 1 : 0) . ", + `restricted`='" . sql_escape($restricted ? 1 : 0) . "', `description`='" . sql_escape($description) . "' - WHERE `id`=" . sql_escape($angeltype_id) . " + WHERE `id`='" . sql_escape($angeltype_id) . "' LIMIT 1"); } 
@@ -42,7 +42,7 @@ function AngelType_create($name, $restricted, $description) { $result = sql_query(" INSERT INTO `AngelTypes` SET `name`='" . sql_escape($name) . "', - `restricted`=" . sql_escape($restricted ? 1 : 0) . ", + `restricted`='" . sql_escape($restricted ? 1 : 0) . "', `description`='" . sql_escape($description) . "'"); if ($result === false) return false; @@ -69,7 +69,7 @@ function AngelType_validate_name($name, $angeltype) { SELECT * FROM `AngelTypes` WHERE `name`='" . sql_escape($name) . "' - AND NOT `id`=" . sql_escape($angeltype['id']) . " + AND NOT `id`='" . sql_escape($angeltype['id']) . "' LIMIT 1") == 0, $name ); @@ -130,7 +130,7 @@ function AngelType_ids() { * ID */ function AngelType($id) { - $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + $angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); if ($angelType_source === false) return false; if (count($angelType_source) > 0) diff --git a/includes/model/LogEntries_model.php b/includes/model/LogEntries_model.php index 2e8a8cf7..d13c3692 100644 --- a/includes/model/LogEntries_model.php +++ b/includes/model/LogEntries_model.php @@ -8,7 +8,7 @@ * Message */ function LogEntry_create($nick, $message) { - return sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape(time()) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'"); + return sql_query("INSERT INTO `LogEntries` SET `timestamp`='" . sql_escape(time()) . "', `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'"); } /** diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php index 1e1923e8..7bae0dd4 100644 --- a/includes/model/Message_model.php +++ b/includes/model/Message_model.php 
@@ -14,7 +14,7 @@ function Message_ids() { * ID */ function Message($id) { - $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1"); + $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1"); if ($message_source === false) return false; if (count($message_source) > 0) @@ -38,8 +38,8 @@ function Message_send($id, $text) { $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text)); $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id)); - if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) { - sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'"); + if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($to) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) { + sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($to) . "', `Text`='" . sql_escape($text) . "'"); return true; } else { return false; diff --git a/includes/model/NeededAngelTypes_model.php b/includes/model/NeededAngelTypes_model.php index e9176d34..8d6b8cce 100644 --- a/includes/model/NeededAngelTypes_model.php +++ b/includes/model/NeededAngelTypes_model.php @@ -10,7 +10,7 @@ function NeededAngelTypes_by_shift($shiftId) { SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted` FROM `NeededAngelTypes` JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` - WHERE `shift_id`=" . sql_escape($shiftId) . " + WHERE `shift_id`='" . sql_escape($shiftId) . "' AND `count` > 0 ORDER BY `room_id` DESC "); 
@@ -24,7 +24,7 @@ function NeededAngelTypes_by_shift($shiftId) { FROM `NeededAngelTypes` JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id` JOIN `Shifts` ON `Shifts`.`RID` = `NeededAngelTypes`.`room_id` - WHERE `Shifts`.`SID`=" . sql_escape($shiftId) . " + WHERE `Shifts`.`SID`='" . sql_escape($shiftId) . "' AND `count` > 0 ORDER BY `room_id` DESC "); diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php index c48abc78..49ad0c60 100644 --- a/includes/model/Room_model.php +++ b/includes/model/Room_model.php @@ -18,7 +18,7 @@ function Room_ids() { * @param $id RID */ function Room($id) { - $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($id) . " AND `show` = 'Y' LIMIT 1"); + $room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($id) . "' AND `show` = 'Y' LIMIT 1"); if ($room_source === false) return false; if (count($room_source) > 0) diff --git a/includes/model/ShiftEntry_model.php b/includes/model/ShiftEntry_model.php index 5129f15a..1579b93b 100644 --- a/includes/model/ShiftEntry_model.php +++ b/includes/model/ShiftEntry_model.php @@ -16,7 +16,7 @@ function ShiftEntries_by_shift($shift_id) { FROM `ShiftEntry` JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` - WHERE `ShiftEntry`.`SID`=" . sql_escape($shift_id)); + WHERE `ShiftEntry`.`SID`='" . sql_escape($shift_id)) . "'"; } /** 
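Review bot: In `ShiftEntries_by_shift` the closing parenthesis moved in front of the added quote, so `sql_select(...)` is called with a query whose final `'` is never closed, and the `. "'"` is appended to the function's return value instead of to the query; callers would receive a string rather than the result rows. The line should read `WHERE `ShiftEntry`.`SID`='" . sql_escape($shift_id) . "'");`. The function's signature is outside the hunk.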
@@ -27,12 +27,12 @@ function ShiftEntries_by_shift($shift_id) { function ShiftEntry_create($shift_entry) { mail_shift_assign(User($shift_entry['UID']), Shift($shift_entry['SID'])); return sql_query("INSERT INTO `ShiftEntry` SET - `SID`=" . sql_escape($shift_entry['SID']) . ", - `TID`=" . sql_escape($shift_entry['TID']) . ", - `UID`=" . sql_escape($shift_entry['UID']) . ", + `SID`='" . sql_escape($shift_entry['SID']) . "', + `TID`='" . sql_escape($shift_entry['TID']) . "', + `UID`='" . sql_escape($shift_entry['UID']) . "', `Comment`='" . sql_escape($shift_entry['Comment']) . "', `freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "', - `freeloaded`=" . sql_escape($shift_entry['freeloaded'] ? 'TRUE' : 'FALSE')); + `freeloaded`=" . sql_bool($shift_entry['freeloaded'])); } /** @@ -42,15 +42,15 @@ function ShiftEntry_update($shift_entry) { return sql_query("UPDATE `ShiftEntry` SET `Comment`='" . sql_escape($shift_entry['Comment']) . "', `freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "', - `freeloaded`=" . sql_escape($shift_entry['freeloaded'] ? 'TRUE' : 'FALSE') . " - WHERE `id`=" . sql_escape($shift_entry['id'])); + `freeloaded`=" . sql_bool($shift_entry['freeloaded']) . " + WHERE `id`='" . sql_escape($shift_entry['id']) . "'"); } /** * Get a shift entry. */ function ShiftEntry($shift_entry_id) { - $shift_entry = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($shift_entry_id)); + $shift_entry = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'"); if ($shift_entry === false) return false; if (count($shift_entry) == 0) 
@@ -64,7 +64,7 @@ function ShiftEntry($shift_entry_id) { function ShiftEntry_delete($shift_entry_id) { $shift_entry = ShiftEntry($shift_entry_id); mail_shift_removed(User($shift_entry['UID']), Shift($shift_entry['SID'])); - return sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($shift_entry_id)); + return sql_query("DELETE FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'"); } /** diff --git a/includes/model/ShiftTypes_model.php b/includes/model/ShiftTypes_model.php index 7b502585..907ad076 100644 --- a/includes/model/ShiftTypes_model.php +++ b/includes/model/ShiftTypes_model.php @@ -5,7 +5,7 @@ * @param int $shifttype_id */ function ShiftType_delete($shifttype_id) { - return sql_query("DELETE FROM `ShiftTypes` WHERE `id`=" . sql_escape($shifttype_id)); + return sql_query("DELETE FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'"); } /** @@ -21,7 +21,7 @@ function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) { `name`='" . sql_escape($name) . "', `angeltype_id`=" . sql_null($angeltype_id) . ", `description`='" . sql_escape($description) . "' - WHERE `id`=" . sql_escape($shifttype_id)); + WHERE `id`='" . sql_escape($shifttype_id) . "'"); } /** @@ -35,7 +35,7 @@ function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) { function ShiftType_create($name, $angeltype_id, $description) { $result = sql_query("INSERT INTO `ShiftTypes` SET `name`='" . sql_escape($name) . "', - `angeltype_id`=" . sql_null($angeltype_id) . ", + `angeltype_id`='" . sql_null($angeltype_id) . "', `description`='" . sql_escape($description) . "'"); if ($result === false) return false; 
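Review bot: In `ShiftType_create` the added quotes wrap the output of `sql_null($angeltype_id)`, while `ShiftType_update` in the hunk just above keeps `sql_null` unquoted; both cannot be right. `sql_null`'s definition is not in the patch, but if it already emits either SQL `NULL` or a quoted literal, the new line turns a missing angel type into the string `'NULL'` or doubles the quotes around a real id. Restoring `` `angeltype_id`=" . sql_null($angeltype_id) . ", `` keeps the two functions consistent.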
@@ -48,7 +48,7 @@ function ShiftType_create($name, $angeltype_id, $description) { * @param int $shifttype_id */ function ShiftType($shifttype_id) { - $shifttype = sql_select("SELECT * FROM `ShiftTypes` WHERE `id`=" . sql_escape($shifttype_id)); + $shifttype = sql_select("SELECT * FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'"); if ($shifttype === false) return false; if ($shifttype == null) diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php index a0cdbe5d..edf80538 100644 --- a/includes/model/Shifts_model.php +++ b/includes/model/Shifts_model.php @@ -85,7 +85,7 @@ function Shift_signup_allowed($shift, $angeltype, $user_angeltype = null, $user_ * Delete a shift by its external id. */ function Shift_delete_by_psid($shift_psid) { - return sql_query("DELETE FROM `Shifts` WHERE `PSID`=" . sql_escape($shift_psid)); + return sql_query("DELETE FROM `Shifts` WHERE `PSID`='" . sql_escape($shift_psid)."'"); } /** @@ -94,7 +94,7 @@ function Shift_delete_by_psid($shift_psid) { function Shift_delete($shift_id) { mail_shift_delete(Shift($shift_id)); - return sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id)); + return sql_query("DELETE FROM `Shifts` WHERE `SID`='" . sql_escape($shift_id) . "'"); } /** 
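Review bot: `Shift_delete_by_psid` writes `sql_escape($shift_psid)."'"` without spaces around the concatenation operator, whereas every other changed line in this patch uses ` . "'"`. `sql_escape($shift_psid) . "'"` keeps the style uniform; nothing functional changes.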
@@ -105,14 +105,14 @@ function Shift_update($shift) { mail_shift_change(Shift($shift['SID']), $shift); return sql_query("UPDATE `Shifts` SET - `shifttype_id`=" . sql_escape($shift['shifttype_id']) . ", - `start`=" . sql_escape($shift['start']) . ", - `end`=" . sql_escape($shift['end']) . ", - `RID`=" . sql_escape($shift['RID']) . ", + `shifttype_id`='" . sql_escape($shift['shifttype_id']) . "', + `start`='" . sql_escape($shift['start']) . "', + `end`='" . sql_escape($shift['end']) . "', + `RID`='" . sql_escape($shift['RID']) . "', `title`=" . sql_null($shift['title']) . ", `URL`=" . sql_null($shift['URL']) . ", `PSID`=" . sql_null($shift['PSID']) . " - WHERE `SID`=" . sql_escape($shift['SID'])); + WHERE `SID`='" . sql_escape($shift['SID']) . "'"); } /** @@ -135,12 +135,12 @@ function Shift_update_by_psid($shift) { */ function Shift_create($shift) { $result = sql_query("INSERT INTO `Shifts` SET - `shifttype_id`=" . sql_escape($shift['shifttype_id']) . ", - `start`=" . sql_escape($shift['start']) . ", - `end`=" . sql_escape($shift['end']) . ", - `RID`=" . sql_escape($shift['RID']) . ", + `shifttype_id`='" . sql_escape($shift['shifttype_id']) . "', + `start`='" . sql_escape($shift['start']) . "', + `end`='" . sql_escape($shift['end']) . "', + `RID`='" . sql_escape($shift['RID']) . "', `title`=" . sql_null($shift['title']) . ", - `URL`=" . sql_null($shift['URL']) . ", + `URL`=" . sql_null($shift['URL']) . "', `PSID`=" . sql_null($shift['PSID'])); if ($result === false) return false; @@ -157,7 +157,7 @@ function Shifts_by_user($user) { JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) - WHERE `UID`=" . sql_escape($user['UID']) . " + WHERE `UID`='" . sql_escape($user['UID']) . "' ORDER BY `start` "); } 
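Review bot: In `Shift_create` the `URL` line now ends with `. "',` — a stray single quote after `sql_null($shift['URL'])` that `Shift_update` above does not have — so the generated INSERT contains an unbalanced quote and should fail at the database. The line should match the update function: `` `URL`=" . sql_null($shift['URL']) . ", ``. The `shifttype_id`/`start`/`end`/`RID` quoting in both functions is consistent.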
@@ -173,7 +173,7 @@ function Shifts_filtered() { // filterRoom (Array of integer) - Array of Room IDs (optional, for list request) if (isset($_REQUEST['filterRoom']) && is_array($_REQUEST['filterRoom'])) { foreach ($_REQUEST['filterRoom'] as $key => $value) { - $filter .= ", `RID`=" . sql_escape($value) . " "; + $filter .= ", `RID`='" . sql_escape($value) . "' "; } } @@ -218,8 +218,8 @@ function Shift($id) { SELECT `Shifts`.*, `ShiftTypes`.`name` FROM `Shifts` JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) - WHERE `SID`=" . sql_escape($id)); - $shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id)); + WHERE `SID`='" . sql_escape($id) . "'"); + $shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($id) . "'"); if ($shifts_source === false) return false; diff --git a/includes/model/UserAngelTypes_model.php b/includes/model/UserAngelTypes_model.php index 7dcaef7a..19686480 100644 --- a/includes/model/UserAngelTypes_model.php +++ b/includes/model/UserAngelTypes_model.php @@ -8,7 +8,7 @@ function User_angeltypes($user) { SELECT `AngelTypes`.*, `UserAngelTypes`.`confirm_user_id`, `UserAngelTypes`.`coordinator` FROM `UserAngelTypes` JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id` - WHERE `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . " + WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "' "); } 
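Review bot: The `filterRoom` branch checks only that the outer request value is an array; each element is passed straight to `sql_escape`, so an element that is itself an array reaches `real_escape_string` as a non-string, and a non-numeric string is accepted as a room id. Since `RID` is an integer key, `$filter .= ", `RID`='" . intval($value) . "' ";` — or skipping elements where `!is_numeric($value)` — validates the request value instead of merely escaping it. `Shifts_filtered` continues outside the hunk.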
@@ -22,7 +22,7 @@ function User_unconfirmed_AngelTypes($user) { SELECT `UnconfirmedMembers`.*, `AngelTypes`.`name` FROM `UserAngelTypes` JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` JOIN `UserAngelTypes` as `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id` - WHERE `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . " + WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "' AND `UserAngelTypes`.`coordinator`=TRUE AND `AngelTypes`.`restricted`=TRUE AND `UnconfirmedMembers`.`confirm_user_id` IS NULL"); @@ -38,8 +38,8 @@ function User_is_AngelType_coordinator($user, $angeltype) { return (sql_num_query(" SELECT `id` FROM `UserAngelTypes` - WHERE `user_id`=" . sql_escape($user['UID']) . " - AND `angeltype_id`=" . sql_escape($angeltype['id']) . " + WHERE `user_id`='" . sql_escape($user['UID']) . "' + AND `angeltype_id`='" . sql_escape($angeltype['id']) . "' AND `coordinator`=TRUE LIMIT 1") > 0) || in_array('admin_user_angeltypes', privileges_for_user($user['UID'])); } @@ -53,8 +53,8 @@ function User_is_AngelType_coordinator($user, $angeltype) { function UserAngelType_update($user_angeltype_id, $coordinator) { return sql_query(" UPDATE `UserAngelTypes` - SET `coordinator`=" . ($coordinator ? 'TRUE' : 'FALSE') . " - WHERE `id`=" . sql_escape($user_angeltype_id) . " + SET `coordinator`=" . sql_bool($coordinator) . " + WHERE `id`='" . sql_escape($user_angeltype_id) . "' LIMIT 1"); } @@ -66,7 +66,7 @@ function UserAngelType_update($user_angeltype_id, $coordinator) { function UserAngelTypes_delete_all($angeltype_id) { return sql_query(" DELETE FROM `UserAngelTypes` - WHERE `angeltype_id`=" . sql_escape($angeltype_id) . " + WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "' AND `confirm_user_id` IS NULL"); } 
@@ -79,8 +79,8 @@ function UserAngelTypes_delete_all($angeltype_id) { function UserAngelTypes_confirm_all($angeltype_id, $confirm_user) { return sql_query(" UPDATE `UserAngelTypes` - SET `confirm_user_id`=" . sql_escape($confirm_user['UID']) . " - WHERE `angeltype_id`=" . sql_escape($angeltype_id) . " + SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "' + WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "' AND `confirm_user_id` IS NULL"); } @@ -93,8 +93,8 @@ function UserAngelTypes_confirm_all($angeltype_id, $confirm_user) { function UserAngelType_confirm($user_angeltype_id, $confirm_user) { return sql_query(" UPDATE `UserAngelTypes` - SET `confirm_user_id`=" . sql_escape($confirm_user['UID']) . " - WHERE `id`=" . sql_escape($user_angeltype_id) . " + SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "' + WHERE `id`='" . sql_escape($user_angeltype_id) . "' LIMIT 1"); } @@ -106,7 +106,7 @@ function UserAngelType_confirm($user_angeltype_id, $confirm_user) { function UserAngelType_delete($user_angeltype) { return sql_query(" DELETE FROM `UserAngelTypes` - WHERE `id`=" . sql_escape($user_angeltype['id']) . " + WHERE `id`='" . sql_escape($user_angeltype['id']) . "' LIMIT 1"); } @@ -119,8 +119,8 @@ function UserAngelType_delete($user_angeltype) { function UserAngelType_create($user, $angeltype) { $result = sql_query(" INSERT INTO `UserAngelTypes` SET - `user_id`=" . sql_escape($user['UID']) . ", - `angeltype_id`=" . sql_escape($angeltype['id'])); + `user_id`='" . sql_escape($user['UID']) . "', + `angeltype_id`='" . sql_escape($angeltype['id']) . "'"); if ($result === false) return false; return sql_id(); @@ -135,7 +135,7 @@ function UserAngelType($user_angeltype_id) { $angeltype = sql_select(" SELECT * FROM `UserAngelTypes` - WHERE `id`=" . sql_escape($user_angeltype_id) . " + WHERE `id`='" . sql_escape($user_angeltype_id) . "' LIMIT 1"); if ($angeltype === false) return false; 
@@ -154,8 +154,8 @@ function UserAngelType_by_User_and_AngelType($user, $angeltype) { $angeltype = sql_select(" SELECT * FROM `UserAngelTypes` - WHERE `user_id`=" . sql_escape($user['UID']) . " - AND `angeltype_id`=" . sql_escape($angeltype['id']) . " + WHERE `user_id`='" . sql_escape($user['UID']) . "' + AND `angeltype_id`='" . sql_escape($angeltype['id']) . "' LIMIT 1"); if ($angeltype === false) return false; diff --git a/includes/model/UserGroups_model.php b/includes/model/UserGroups_model.php index 1d018386..766f402f 100644 --- a/includes/model/UserGroups_model.php +++ b/includes/model/UserGroups_model.php @@ -9,7 +9,7 @@ function User_groups($user) { SELECT `Groups`.* FROM `UserGroups` JOIN `Groups` ON `Groups`.`UID`=`UserGroups`.`group_id` - WHERE `UserGroups`.`uid`=" . sql_escape($user['UID']) . " + WHERE `UserGroups`.`uid`='" . sql_escape($user['UID']) . "' ORDER BY `UserGroups`.`group_id` "); } diff --git a/includes/model/User_model.php b/includes/model/User_model.php index 516f9adf..c6f8e3bf 100644 --- a/includes/model/User_model.php +++ b/includes/model/User_model.php 
@@ -14,23 +14,23 @@ function User_update($user) { `Nick`='" . sql_escape($user['Nick']) . "', `Name`='" . sql_escape($user['Name']) . "', `Vorname`='" . sql_escape($user['Vorname']) . "', - `Alter`=" . sql_escape($user['Alter']) . ", + `Alter`='" . sql_escape($user['Alter']) . "', `Telefon`='" . sql_escape($user['Telefon']) . "', `DECT`='" . sql_escape($user['DECT']) . "', `Handy`='" . sql_escape($user['Handy']) . "', `email`='" . sql_escape($user['email']) . "', - `email_shiftinfo`=" . sql_escape($user['email_shiftinfo'] ? 'TRUE' : 'FALSE') . ", + `email_shiftinfo`=" . sql_bool($user['email_shiftinfo']) . ", `jabber`='" . sql_escape($user['jabber']) . "', `Size`='" . sql_escape($user['Size']) . "', - `Gekommen`=" . sql_escape($user['Gekommen']) . ", - `Aktiv`=" . sql_escape($user['Aktiv']) . ", - `force_active`=" . sql_escape($user['force_active'] ? 'TRUE' : 'FALSE') . ", - `Tshirt`=" . sql_escape($user['Tshirt']) . ", - `color`=" . sql_escape($user['color']) . ", + `Gekommen`='" . sql_escape($user['Gekommen']) . "', + `Aktiv`='" . sql_escape($user['Aktiv']) . "', + `force_active`=" . sql_bool($user['force_active']) . ", + `Tshirt`='" . sql_escape($user['Tshirt']) . "', + `color`='" . sql_escape($user['color']) . "', `Sprache`='" . sql_escape($user['Sprache']) . "', `Hometown`='" . sql_escape($user['Hometown']) . "', - `got_voucher`=" . sql_escape($user['got_voucher'] ? 'TRUE' : 'FALSE') . " - WHERE `UID`=" . sql_escape($user['UID'])); + `got_voucher`=" . sql_bool($user['got_voucher']) . " + WHERE `UID`='" . sql_escape($user['UID']). "'"); } /** 
@@ -105,7 +105,7 @@ function Users_by_angeltype_inverted($angeltype) { return sql_select(" SELECT `User`.* FROM `User` - LEFT JOIN `UserAngelTypes` ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`=" . sql_escape($angeltype['id']) . ") + LEFT JOIN `UserAngelTypes` ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`='" . sql_escape($angeltype['id']) . "') WHERE `UserAngelTypes`.`id` IS NULL ORDER BY `Nick`"); } @@ -124,7 +124,7 @@ function Users_by_angeltype($angeltype) { `UserAngelTypes`.`coordinator` FROM `User` JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id` - WHERE `UserAngelTypes`.`angeltype_id`=" . sql_escape($angeltype['id']) . " + WHERE `UserAngelTypes`.`angeltype_id`='" . sql_escape($angeltype['id']) . "' ORDER BY `Nick`"); } @@ -150,7 +150,7 @@ function User_validate_Nick($nick) { * @param $id UID */ function User($id) { - $user_source = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + $user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); if ($user_source === false) return false; if (count($user_source) > 0) @@ -165,7 +165,7 @@ function User($id) { * @param $id UID */ function mUser_Limit($id) { - $user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber`, `Avatar` FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + $user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber`, `Avatar` FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); if ($user_source === false) return false; if (count($user_source) > 0) diff --git a/includes/mysqli_provider.php b/includes/mysqli_provider.php index 9f4f1396..f141e0de 100644 --- a/includes/mysqli_provider.php +++ b/includes/mysqli_provider.php 
@@ -170,6 +170,16 @@ function sql_escape($query) { return $sql_connection->real_escape_string($query); } +/** + * Convert a boolean for mysql-queries. + * + * @param boolean $boolean + * @return string + */ +function sql_bool($boolean) { + return $boolean === true ? 'TRUE' : 'FALSE'; +} + /** * Count query result lines. * diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php index 08c436fc..9046ca2d 100644 --- a/includes/pages/admin_active.php +++ b/includes/pages/admin_active.php @@ -42,7 +42,7 @@ function admin_active() { ORDER BY `force_active` DESC, `shift_length` DESC" . $limit); $user_nicks = array(); foreach ($users as $usr) { - sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID'])); + sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'"); $user_nicks[] = User_Nick_render($usr); } engelsystem_log("These angels are active now: " . join(", ", $user_nicks)); @@ -58,7 +58,7 @@ function admin_active() { $id = $_REQUEST['active']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " is active now."); $msg = success(_("Angel has been marked as active."), true); } else @@ -67,7 +67,7 @@ function admin_active() { $id = $_REQUEST['not_active']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now."); $msg = success(_("Angel has been marked as not active."), true); } else 
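Review bot: `sql_bool` compares with `=== true`, but the expressions it replaces (`$x ? 'TRUE' : 'FALSE'` in ShiftEntry_model, UserAngelTypes_model and User_model) tested truthiness, and those call sites pass values from DB rows or request arrays such as `$shift_entry['freeloaded']` and `$user['force_active']`, which are likely ints or strings rather than PHP booleans; under strict comparison they would now always render as `FALSE`. Either keep the original semantics, `return $boolean ? 'TRUE' : 'FALSE';`, or state in the docblock that callers must pass a real bool and cast at each call site. The `@param boolean` tag alone enforces nothing here.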
@@ -76,7 +76,7 @@ function admin_active() { $id = $_REQUEST['tshirt']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now."); $msg = success(_("Angel has got a t-shirt."), true); } else @@ -85,7 +85,7 @@ function admin_active() { $id = $_REQUEST['not_tshirt']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt."); $msg = success(_("Angel has got no t-shirt."), true); } else diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index bec1ae56..f51ef7ac 100644 --- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -13,7 +13,7 @@ function admin_arrive() { $id = $_REQUEST['reset']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set to not arrived: " . User_Nick_render($user_source)); $msg = success(_("Reset done. Angel has not arrived."), true); } else @@ -22,7 +22,7 @@ function admin_arrive() { $id = $_REQUEST['arrived']; $user_source = User($id); if ($user_source != null) { - sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1"); engelsystem_log("User set has arrived: " . User_Nick_render($user_source)); $msg = success(_("Angel has been marked as arrived."), true); } else 
diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php index b56da4d1..227769dc 100644 --- a/includes/pages/admin_free.php +++ b/includes/pages/admin_free.php @@ -32,7 +32,7 @@ function admin_free() { FROM `User` ${angeltypesearch} LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` - LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < " . sql_escape(time()) . " AND `Shifts`.`end` > " . sql_escape(time()) . ") + LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "') WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL GROUP BY `User`.`UID` ORDER BY `Nick`"); diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 3133cf8b..f43c63e9 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php @@ -11,7 +11,7 @@ function admin_groups() { if (! isset($_REQUEST["action"])) { $groups_table = array(); foreach ($groups as $group) { - $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID'])); + $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'"); $privileges_html = array(); foreach ($privileges as $priv) 
@@ -39,10 +39,10 @@ function admin_groups() {
 else
 return error("Incomplete call, missing Groups ID.", true);
- $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+ $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
 if (count($room) > 0) {
 list($room) = $room;
- $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
+ $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`");
 $privileges_html = "";
 $privileges_form = array();
 foreach ($privileges as $priv) {
@@ -64,18 +64,18 @@ function admin_groups() {
 else
 return error("Incomplete call, missing Groups ID.", true);
- $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+ $room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
 if (! is_array($_REQUEST['privileges']))
 $_REQUEST['privileges'] = array();
 if (count($room) > 0) {
 list($room) = $room;
- sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
+ sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'");
 $privilege_names = array();
 foreach ($_REQUEST['privileges'] as $priv) {
 if (preg_match("/^[0-9]{1,}$/", $priv)) {
- $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv) . " LIMIT 1");
+ $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
 if (count($group_privileges_source) > 0) {
- sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
+ sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($id) . "', `privilege_id`='" . sql_escape($priv) . "'");
 $privilege_names[] = $group_privileges_source[0]['name'];
 }
 }
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php
index a4474ff9..1c435a14 100644
--- a/includes/pages/admin_news.php
+++ b/includes/pages/admin_news.php
@@ -11,7 +11,7 @@ function admin_news() {
 else
 return error("Incomplete call, missing News ID.", true);
- $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+ $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
 if (count($news) > 0) {
 switch ($_REQUEST["action"]) {
 default:
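Review bot: `if (! is_array($_REQUEST['privileges']))` in the first hunk of this line reads the key before checking it exists, so a form submission that selects no privilege at all raises an undefined-index notice before the fallback assignment runs; `if (! isset($_REQUEST['privileges']) || ! is_array($_REQUEST['privileges']))` keeps the same behaviour without the notice. Separately, the `DELETE FROM GroupPrivileges` followed by one `INSERT` per selected privilege is not wrapped in a transaction, so a failure mid-loop leaves the group with a partial privilege set; whether the project's `sql_*` helpers expose transactions is not visible here. admin_groups() starts and ends outside the hunk.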
@@ -44,7 +44,7 @@ function admin_news() {
 `Text`='" . sql_escape($_POST["eText"]) . "',
 `UID`='" . sql_escape($user['UID']) . "',
 `Treffen`='" . sql_escape($_POST["eTreffen"]) . "'
- WHERE `ID`=" . sql_escape($id));
+ WHERE `ID`='" . sql_escape($id) . "'");
 engelsystem_log("News updated: " . $_POST["eBetreff"]);
 success(_("News entry updated."));
 redirect(page_link_to("news"));
@@ -53,7 +53,7 @@ function admin_news() {
 case 'delete':
 list($news) = $news;
- sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
 engelsystem_log("News deleted: " . $news['Betreff']);
 success(_("News entry deleted."));
 redirect(page_link_to("news"));
diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php
index 6d141251..e2fef880 100644
--- a/includes/pages/admin_questions.php
+++ b/includes/pages/admin_questions.php
@@ -82,12 +82,12 @@ function admin_questions() {
 else
 return error("Incomplete call, missing Question ID.", true);
- $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+ $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
 if (count($question) > 0 && $question[0]['AID'] == null) {
 $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
 if ($answer != "") {
- sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
 engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
 redirect(page_link_to("admin_questions"));
 } else
@@ -101,9 +101,9 @@ function admin_questions() {
 else
 return error("Incomplete call, missing Question ID.", true);
- $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+ $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
 if (count($question) > 0) {
- sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
 engelsystem_log("Question deleted: " . $question[0]['Question']);
 redirect(page_link_to("admin_questions"));
 } else
diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php
index 1c10321e..777ff6be 100644
--- a/includes/pages/admin_rooms.php
+++ b/includes/pages/admin_rooms.php
@@ -35,13 +35,13 @@ function admin_rooms() {
 }
 if (test_request_int('id')) {
- $room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($_REQUEST['id']));
+ $room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'");
 if (count($room) > 0) {
 $id = $_REQUEST['id'];
 $name = $room[0]['Name'];
 $from_pentabarf = $room[0]['FromPentabarf'];
 $public = $room[0]['show'];
- $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
+ $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
 foreach ($needed_angeltypes as $needed_angeltype)
 $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
 } else
@@ -85,7 +85,7 @@ function admin_rooms() {
 if ($ok) {
 if (isset($id)) {
- sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
 engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
 } else {
 sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "'");
@@ -93,12 +93,12 @@ function admin_rooms() {
 engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
 }
- sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
+ sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
 $needed_angeltype_info = array();
 foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
- $angeltype_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($angeltype_id) . " LIMIT 1");
+ $angeltype_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "' LIMIT 1");
 if (count($angeltype_source) > 0) {
- sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($id) . ", `angel_type_id`=" . sql_escape($angeltype_id) . ", `count`=" . sql_escape($angeltype_count));
+ sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
 $needed_angeltype_info[] = $angeltypes_source[0]['name'] . ": " . $angeltype_count;
 }
 }
@@ -139,8 +139,8 @@ function admin_rooms() {
 ));
 } elseif ($_REQUEST['show'] == 'delete') {
 if (isset($_REQUEST['ack'])) {
- sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
- sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("DELETE FROM `Room` WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
+ sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "' LIMIT 1");
 engelsystem_log("Room deleted: " . $name);
 success(sprintf(_("Room %s deleted."), $name));
diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php
index 658605c1..5ff46fc9 100644
--- a/includes/pages/admin_shifts.php
+++ b/includes/pages/admin_shifts.php
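Review bot: The log line right after the changed `INSERT` reads `$angeltypes_source[0]['name']`, but the row was fetched into `$angeltype_source` two lines earlier, so the variable is undefined and the audit entry for a room's needed angel types never contains the type name. The line should be `$needed_angeltype_info[] = $angeltype_source[0]['name'] . ": " . $angeltype_count;`. This is pre-existing, but the hunk touches both neighbouring lines and the log is the only record of what an admin changed. admin_rooms() starts and ends outside the hunk.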
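Review bot: In the `@@ -139` hunk the second `DELETE FROM NeededAngelTypes WHERE room_id=... LIMIT 1` removes at most one row, while the `@@ -93` hunk above inserts one `NeededAngelTypes` row per angel type for the same room, so deleting a room with more than one needed type leaves orphaned rows that still reference the removed `RID`. The `LIMIT 1` is correct for the `Room` row but should be dropped from the second statement: `sql_query("DELETE FROM \`NeededAngelTypes\` WHERE \`room_id\`='" . sql_escape($id) . "'");`, matching the form already used in the `@@ -93` hunk.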
@@ -143,7 +143,7 @@ function admin_shifts() {
 if ($ok) {
 if ($angelmode == 'location') {
 $needed_angel_types = array();
- $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid));
+ $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
 foreach ($needed_angel_types_location as $type)
 $needed_angel_types[$type['angel_type_id']] = $type['count'];
 }
@@ -272,9 +272,9 @@ function admin_shifts() {
 engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
 $needed_angel_types_info = array();
 foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
- $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
+ $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
 if (count($angel_type_source) > 0) {
- sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+ sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
 $needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count;
 }
 }
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 8713d9ab..18ed6210 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -93,11 +93,11 @@ function admin_user() {
 $html .= "
";
- $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid` LIMIT 1");
+ $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `uid` LIMIT 1");
 if (count($my_highest_group) > 0)
 $my_highest_group = $my_highest_group[0]['group_id'];
- $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid` LIMIT 1");
+ $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `uid` LIMIT 1");
 if (count($his_highest_group) > 0)
 $his_highest_group = $his_highest_group[0]['group_id'];
@@ -105,7 +105,7 @@ function admin_user() {
 $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:
\n";
 $html .= '';
- $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group) . " ORDER BY `Groups`.`Name`");
+ $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
 foreach ($groups as $group)
 $html .= '';
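Review bot: `sql_escape($my_highest_group)` in the changed `$groups` query assumes a scalar, but the `@@ -93` hunk above only replaces `$my_highest_group` with `$my_highest_group[0]['group_id']` when the `UserGroups` lookup returned a row; otherwise the variable is still the empty result array and is passed to `sql_escape()` as an array, producing an "Array to string conversion" and a `>= 'Array'` comparison that matches by string coercion rather than by group rank. Whether an admin can exist without a `UserGroups` row is not visible here, but the page renders the group-assignment form from this result, so the empty-result case should bail out before the query, e.g. `if (count($my_highest_group) == 0) return error("...", true);` in place of the bare `if (count(...) > 0)` guard. admin_user() starts and ends outside the hunk.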
@@ -126,11 +126,11 @@ function admin_user() {
 switch ($_REQUEST['action']) {
 case 'save_groups':
 if ($id != $user['UID']) {
- $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `group_id`");
- $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`");
+ $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
+ $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id`");
 if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
- $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
+ $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
 $groups = array();
 $grouplist = array();
 foreach ($groups_source as $group) {
@@ -141,11 +141,11 @@ function admin_user() {
 if (! is_array($_REQUEST['groups']))
 $_REQUEST['groups'] = array();
- sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
+ sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
 $user_groups_info = array();
 foreach ($_REQUEST['groups'] as $group) {
 if (in_array($group, $grouplist)) {
- sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($id) . ", `group_id`=" . sql_escape($group));
+ sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
 $user_groups_info[] = $groups[$group]['Name'];
 }
 }
@@ -163,8 +163,8 @@ function admin_user() {
 case 'delete':
 if ($user['UID'] != $id) {
 $user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
- sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
- sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
+ sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
+ sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
 engelsystem_log("Deleted user " . User_Nick_render($user_source));
 $html .= success("Benutzer gelöscht!", true);
 } else {
@@ -185,7 +185,7 @@ function admin_user() {
 `Alter` = '" . sql_escape($_POST["eAlter"]) . "',
 `DECT` = '" . sql_escape($_POST["eDECT"]) . "',
 `email` = '" . sql_escape($_POST["eemail"]) . "',
- `email_shiftinfo` = " . sql_escape(isset($_REQUEST['email_shiftinfo']) ? 'TRUE' : 'FALSE') . ",
+ `email_shiftinfo` = " . sql_bool(isset($_REQUEST['email_shiftinfo'])) . ",
 `jabber` = '" . sql_escape($_POST["ejabber"]) . "',
 `Size` = '" . sql_escape($_POST["eSize"]) . "',
 `Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "',
@@ -194,7 +194,7 @@ function admin_user() {
 `Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "',
 `Hometown` = '" . sql_escape($_POST["Hometown"]) . "'
 WHERE `UID` = '" . sql_escape($id) . "'
- LIMIT 1;";
+ LIMIT 1";
 sql_query($SQL);
 engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
 $html .= success("Änderung wurde gespeichert...\n", true);
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index fc375092..8f128d9e 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -122,7 +122,7 @@ function guest_register() {
 if ($ok) {
 sql_query("
 INSERT INTO `User` SET
- `color`=" . sql_escape($default_theme) . ",
+ `color`='" . sql_escape($default_theme) . "',
 `Nick`='" . sql_escape($nick) . "',
 `Vorname`='" . sql_escape($prename) . "',
 `Name`='" . sql_escape($lastname) . "',
@@ -131,7 +131,7 @@ function guest_register() {
 `DECT`='" . sql_escape($dect) . "',
 `Handy`='" . sql_escape($mobile) . "',
 `email`='" . sql_escape($mail) . "',
- `email_shiftinfo`=" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . ",
+ `email_shiftinfo`='" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . "',
 `jabber`='" . sql_escape($jabber) . "',
 `Size`='" . sql_escape($tshirt_size) . "',
 `Passwort`='" . sql_escape($password_hash) . "',
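Review bot: In the guest_login.php `@@ -131` hunk the added quotes turn the SQL keywords `TRUE`/`FALSE` into the string literals `'TRUE'`/`'FALSE'`, which is not the same value: if `email_shiftinfo` is a BOOLEAN/TINYINT column (its type is not visible here), MySQL coerces the string `'TRUE'` to 0 with a warning, or rejects it outright in strict mode, so the opt-in would never be stored as enabled. The admin_user.php `@@ -185` hunk in this same commit already handles this column with `sql_bool(...)`, presumably the helper added to mysqli_provider.php in the diffstat; the registration path should use the same form, `` `email_shiftinfo`=" . sql_bool($email_shiftinfo) . ", ``. The user_settings.php `@@ -82` hunk further down has the identical problem and should get the same change.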
@@ -142,13 +142,13 @@ function guest_register() {
 // Assign user-group and set password
 $user_id = sql_id();
- sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($user_id) . ", `group_id`=-2");
+ sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2");
 set_password($user_id, $_REQUEST['password']);
 // Assign angel-types
 $user_angel_types_info = array();
 foreach ($selected_angel_types as $selected_angel_type_id) {
- sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
+ sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'");
 $user_angel_types_info[] = $angel_types[$selected_angel_type_id];
 }
 engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info));
diff --git a/includes/pages/user_ical.php b/includes/pages/user_ical.php
index ba832842..bd954a87 100644
--- a/includes/pages/user_ical.php
+++ b/includes/pages/user_ical.php
@@ -28,7 +28,7 @@ function user_ical() {
 INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
 JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
 INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
- WHERE `UID`=" . sql_escape($user['UID']) . "
+ WHERE `UID`='" . sql_escape($user['UID']) . "'
 ORDER BY `start`");
 }
diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php
index fe1b85ff..1785d5b6 100644
--- a/includes/pages/user_messages.php
+++ b/includes/pages/user_messages.php
@@ -7,7 +7,7 @@ function user_unread_messages() {
 global $user;
 if (isset($user)) {
- $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
+ $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
 if ($new_messages > 0)
 return ' ' . $new_messages . '';
 }
@@ -18,7 +18,7 @@ function user_messages() {
 global $user;
 if (! isset($_REQUEST['action'])) {
- $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
+ $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
 $to_select_data = array(
 "" => _("Select recipient...")
@@ -29,7 +29,7 @@ function user_messages() {
 $to_select = html_select_key('to', 'to', $to_select_data, '');
- $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
+ $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");
 foreach ($messages as $message) {
 $sender_user_source = User($message['SUID']);
 if ($sender_user_source === false)
@@ -84,9 +84,9 @@ function user_messages() {
 else
 return error(_("Incomplete call, missing Message ID."), true);
- $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
 if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
- sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
 redirect(page_link_to("user_messages"));
 } else
 return error(_("No Message found."), true);
@@ -98,9 +98,9 @@ function user_messages() {
 else
 return error(_("Incomplete call, missing Message ID."), true);
- $message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
 if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
- sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
 redirect(page_link_to("user_messages"));
 } else
 return error(_("No Message found."), true);
diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php
index daffcdc0..4a6a1838 100644
--- a/includes/pages/user_myshifts.php
+++ b/includes/pages/user_myshifts.php
@@ -10,13 +10,13 @@ function user_myshifts() {
 global $user, $privileges;
 $msg = "";
- if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
+ if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
 $id = $_REQUEST['id'];
 } else {
 $id = $user['UID'];
 }
- list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+ list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
 if (isset($_REQUEST['reset'])) {
 if ($_REQUEST['reset'] == "ack") {
@@ -44,8 +44,8 @@ function user_myshifts() {
 JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
 JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
 JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
- WHERE `ShiftEntry`.`id`=" . sql_escape($id) . "
- AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
+ WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "'
+ AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
 if (count($shift) > 0) {
 $shift = $shift[0];
@@ -82,7 +82,7 @@ function user_myshifts() {
 SELECT `Shifts`.`start`
 FROM `Shifts`
 INNER JOIN `ShiftEntry` USING (`SID`)
- WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']));
+ WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
 if (count($shift) > 0) {
 $shift = $shift[0];
 if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index 9fe53260..7c104095 100644
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -73,9 +73,9 @@ function user_news_comments() {
 global $user;
 $html = '

' . user_news_comments_title() . '

';
- if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
+ if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
 $nid = $_REQUEST["nid"];
- list($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($nid) . " LIMIT 1");
+ list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
 if (isset($_REQUEST["text"])) {
 $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
 sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php
index be7f9930..0a2786d1 100644
--- a/includes/pages/user_questions.php
+++ b/includes/pages/user_questions.php
@@ -7,9 +7,9 @@ function user_questions() {
 global $user;
 if (! isset($_REQUEST['action'])) {
- $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=" . sql_escape($user['UID']));
+ $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
- $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`=" . sql_escape($user['UID']));
+ $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
 foreach ($answered_questions as &$question) {
 $answer_user_source = User($question['AID']);
 if ($answer_user_source === false)
@@ -23,7 +23,7 @@ function user_questions() {
 case 'ask':
 $question = strip_request_item_nl('question');
 if ($question != "") {
- $result = sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
+ $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
 if ($result === false)
 engelsystem_error(_("Unable to save question."));
 success(_("You question was saved."));
@@ -39,9 +39,9 @@ function user_questions() {
 else
 return error(_("Incomplete call, missing Question ID."), true);
- $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+ $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
 if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
- sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
+ sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
 redirect(page_link_to("user_questions"));
 } else
 return page_with_title(questions_title(), array(
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index 0d569661..20ed3468 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
@@ -82,11 +82,11 @@ function user_settings() {
 `DECT`='" . sql_escape($dect) . "',
 `Handy`='" . sql_escape($mobile) . "',
 `email`='" . sql_escape($mail) . "',
- `email_shiftinfo`=" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . ",
+ `email_shiftinfo`='" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . "',
 `jabber`='" . sql_escape($jabber) . "',
 `Size`='" . sql_escape($tshirt_size) . "',
 `Hometown`='" . sql_escape($hometown) . "'
- WHERE `UID`=" . sql_escape($user['UID']));
+ WHERE `UID`='" . sql_escape($user['UID']) . "'");
 success(_("Settings saved."));
 redirect(page_link_to('user_settings'));
@@ -114,7 +114,7 @@ function user_settings() {
 $ok = false;
 if ($ok) {
- sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
+ sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
 success(_("Theme changed."));
 redirect(page_link_to('user_settings'));
@@ -128,7 +128,7 @@ function user_settings() {
 $ok = false;
 if ($ok) {
- sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
+ sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
 $_SESSION['locale'] = $selected_language;
 success("Language changed.");
diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php
index 5b199c01..56695549 100644
--- a/includes/pages/user_shifts.php
+++ b/includes/pages/user_shifts.php
@@ -31,7 +31,7 @@ function user_shifts() {
 JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
 JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
 JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
- WHERE `ShiftEntry`.`id`=" . sql_escape($entry_id));
+ WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'");
 if (count($shift_entry_source) > 0) {
 $shift_entry_source = $shift_entry_source[0];
@@ -58,7 +58,7 @@ function user_shifts() {
 SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.* FROM `Shifts`
 JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
 JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
- WHERE `SID`=" . sql_escape($shift_id));
+ WHERE `SID`='" . sql_escape($shift_id) . "'");
 if (count($shift) == 0)
 redirect(page_link_to('user_shifts'));
 $shift = $shift[0];
@@ -78,14 +78,14 @@ function user_shifts() {
 $shifttypes[$shifttype['id']] = $shifttype['name'];
 // Benötigte Engeltypen vom Raum
- $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`");
+ $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`='" . sql_escape($shift['RID']) . "') ORDER BY `AngelTypes`.`name`");
 foreach ($needed_angel_types_source as $type) {
 if ($type['count'] != "")
 $needed_angel_types[$type['id']] = $type['count'];
 }
 // Benötigte Engeltypen von der Schicht
- $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`=" . sql_escape($shift_id) . ") ORDER BY `AngelTypes`.`name`");
+ $needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`='" . sql_escape($shift_id) . "') ORDER BY `AngelTypes`.`name`");
 foreach ($needed_angel_types_source as $type) {
 if ($type['count'] != "")
 $needed_angel_types[$type['id']] = $type['count'];
@@ -154,10 +154,10 @@ function user_shifts() {
 $result = Shift_update($shift);
 if ($result === false)
 engelsystem_error('Unable to update shift.');
- sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
+ sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'");
 $needed_angel_types_info = array();
 foreach ($needed_angel_types as $type_id => $count) {
- sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
+ sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
 $needed_angel_types_info[] = $angel_types[$type_id]['name'] . ": " . $count;
 }
@@ -247,7 +247,7 @@ function user_shifts() {
 if (! in_array('user_shifts_admin', $privileges) && sql_num_query("
 SELECT `Shifts`.`SID`
 FROM `Shifts`
- INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = " . sql_escape($user['UID']) . ")
+ INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = '" . sql_escape($user['UID']) . "')
 WHERE `start` < '" . sql_escape($shift['end']) . "' AND `end` > '" . sql_escape($shift['start']) . "'") > 0) {
 error(_("You already subscribed to shift in the same timeslot. Please contact a dispatcher to join the shift."));
 redirect(shift_link($shift));
@@ -266,9 +266,9 @@ function user_shifts() {
} if (in_array('user_shifts_admin', $privileges))
- $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
+ $type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
else
- $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
+ $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
if (count($type) == 0) redirect(page_link_to('user_shifts'));
@@ -282,10 +282,10 @@ function user_shifts() {
else $user_id = $user['UID'];
- if (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($user_id) . " LIMIT 1") == 0)
+ if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0)
redirect(page_link_to('user_shifts'));
- if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($_REQUEST['angeltype_id']) . " LIMIT 1") > 0)
+ if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0)
$selected_type_id = $_REQUEST['angeltype_id']; } else $user_id = $user['UID']; 
@@ -370,7 +370,7 @@ function view_user_shifts() {
if (in_array('user_shifts_admin', $privileges)) $types = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `AngelTypes`.`name`"); else
- $types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ") ORDER BY `AngelTypes`.`name`");
+ $types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "') ORDER BY `AngelTypes`.`name`");
if (empty($types)) $types = sql_select("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0"); $filled = array( 
@@ -471,10 +471,10 @@ function view_user_shifts() {
if (count($_SESSION['user_shifts']['filled']) == 1) { if ($_SESSION['user_shifts']['filled'][0] == 0) $SQL .= "
- AND (nat.`count` > entries.`count` OR entries.`count` IS NULL OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = " . sql_escape($user['UID']) . " AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
+ AND (nat.`count` > entries.`count` OR entries.`count` IS NULL OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = '" . sql_escape($user['UID']) . "' AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
elseif ($_SESSION['user_shifts']['filled'][0] == 1) $SQL .= "
- AND (nat.`count` <= entries.`count` OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = " . sql_escape($user['UID']) . " AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
+ AND (nat.`count` <= entries.`count` OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = '" . sql_escape($user['UID']) . "' AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
} $SQL .= " ORDER BY `start`"; 
@@ -601,14 +601,14 @@ function view_user_shifts() {
$query = "SELECT `NeededAngelTypes`.`count`, `AngelTypes`.`id`, `AngelTypes`.`restricted`, `UserAngelTypes`.`confirm_user_id`, `AngelTypes`.`name`, `UserAngelTypes`.`user_id` FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`)
- LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ")
+ LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "')
WHERE `count` > 0 AND "; if ($shift['has_special_needs'])
- $query .= "`shift_id` = " . sql_escape($shift['SID']);
+ $query .= "`shift_id` = '" . sql_escape($shift['SID']) . "'";
else
- $query .= "`room_id` = " . sql_escape($shift['RID']);
+ $query .= "`room_id` = '" . sql_escape($shift['RID']) . "'";
if (! empty($_SESSION['user_shifts']['types'])) $query .= " AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ") "; $query .= " ORDER BY `AngelTypes`.`name`";
@@ -616,7 +616,7 @@ function view_user_shifts() {
if (count($angeltypes) > 0) { foreach ($angeltypes as $angeltype) {
- $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['id']) . " ORDER BY `Nick`");
+ $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `TID`='" . sql_escape($angeltype['id']) . "' ORDER BY `Nick`");
$entry_list = array(); $freeloader = 0; foreach ($entries as $entry) { 
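Review bot: The `angel_type_id IN (...)` clause in the middle of this hunk still interpolates `implode(',', $_SESSION['user_shifts']['types'])` without `sql_escape` or quotes, while every other value in the same query was just hardened; the identical line appears in the `@@ -732` hunk. Unless the values are validated as integers when they are written into `$_SESSION['user_shifts']['types']` (not visible here), they should be treated like the rest of the query: build the list with `implode("','", array_map('sql_escape', $_SESSION['user_shifts']['types']))` inside `IN ('" . ... . "')`, or normalise with `array_map('intval', ...)` before joining. The enclosing view_user_shifts() body starts and ends outside this hunk.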
@@ -732,22 +732,22 @@ function view_user_shifts() {
$query = "SELECT `NeededAngelTypes`.`count`, `AngelTypes`.`id`, `AngelTypes`.`restricted`, `UserAngelTypes`.`confirm_user_id`, `AngelTypes`.`name`, `UserAngelTypes`.`user_id` FROM `NeededAngelTypes` JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`)
- LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ")
+ LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "')
WHERE "; if ($shift_has_special_needs)
- $query .= "`shift_id` = " . sql_escape($shift['SID']);
+ $query .= "`shift_id` = '" . sql_escape($shift['SID']) . "'";
else
- $query .= "`room_id` = " . sql_escape($shift['RID']);
+ $query .= "`room_id` = '" . sql_escape($shift['RID']) . "'";
$query .= " AND `count` > 0 "; if (! empty($_SESSION['user_shifts']['types'])) $query .= "AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ") "; $query .= "ORDER BY `AngelTypes`.`name`"; $angeltypes = sql_select($query); if (count($angeltypes) > 0) {
- $my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0;
+ $my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0;
foreach ($angeltypes as &$angeltype) {
- $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['id']) . " ORDER BY `Nick`");
+ $entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `TID`='" . 
sql_escape($angeltype['id']) . "' ORDER BY `Nick`"); $entry_list = array(); $freeloader = 0; foreach ($entries as $entry) {
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
index e9fa197d..3e5cd109 100644
--- a/includes/sys_auth.php
+++ b/includes/sys_auth.php
@@ -6,7 +6,7 @@ function load_auth() {
$user = null; if (isset($_SESSION['uid'])) {
- $user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");
+ $user = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_SESSION['uid']) . "' LIMIT 1");
if (count($user) > 0) { // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten list ($user) = $user;
@@ -70,7 +70,7 @@ function json_auth_service() {
if (count($Erg) == 1) { $Erg = $Erg[0]; if (verify_password($Pass, $Erg["Passwort"], $Erg["UID"])) {
- $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";");
+ $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($UID) . "'");
foreach ($user_privs as $user_priv) $privileges[] = $user_priv['name']; 
@@ -93,7 +93,7 @@ function json_auth_service() {
function privileges_for_user($user_id) { $privileges = array ();
- $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user_id) . ";");
+ $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($user_id) . "'");
foreach ($user_privs as $user_priv) $privileges[] = $user_priv['name']; return $privileges;
@@ -101,7 +101,7 @@ function privileges_for_user($user_id) {
function privileges_for_group($group_id) { $privileges = array ();
- $groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group_id));
+ $groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group_id) . "'");
foreach ($groups_privs as $guest_priv) $privileges[] = $guest_priv['name']; return $privileges;
' . $group['Name'] . '