typo erweitert

git-svn-id: svn://svn.cccv.de/engel-system@123 29ba0400-6e00-0410-a75a-ca02368028f8
This commit is contained in:
cookie 2006-04-19 17:29:11 +00:00
parent 1b954ddea9
commit 6ce01377ed
2 changed files with 11 additions and 8 deletions

View File

@ -31,7 +31,7 @@ if( !function_exists("db_query"))
function db_query( $SQL, $comment) function db_query( $SQL, $comment)
{ {
global $con; global $con, $Page;
//commed anlyse udn daten sicherung //commed anlyse udn daten sicherung
$Diff = ""; $Diff = "";
@ -42,6 +42,9 @@ if( !function_exists("db_query"))
$Table_End = strpos( $SQL, "`", $Table_Start+1); $Table_End = strpos( $SQL, "`", $Table_Start+1);
$Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1)); $Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1));
//SecureTest
if( $Table_Start == 0 || $Table_End == 0) die("<h1>funktion_db ERROR SQL: '$SQL' nicht OK</h1>");
//WHERE ermitteln //WHERE ermitteln
$Where_Start = strpos( $SQL, "WHERE"); $Where_Start = strpos( $SQL, "WHERE");
$Where = substr( $SQL, $Where_Start); $Where = substr( $SQL, $Where_Start);
@ -79,19 +82,19 @@ if( !function_exists("db_query"))
} }
//abschneiden wenn zu lang //abschneiden wenn zu lang
if( strlen( $Diff) > 5120) $Diff = "too mutch (len ". strlen( $Diff). ")"; if( strlen( $Where) < 2) $Diff = "can't show, too mutch data (no filter was set)";
// if( strlen( $Diff) > 5120) $Diff = "too mutch (len ". strlen( $Diff). "bytes)";
$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES). "<br><br>Diff:<br>$Diff";
$Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
//LOG commands in DB //LOG commands in DB
$SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ". $SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
" VALUES ( ". " VALUES ( ".
"'". $_SESSION['UID']. "', ". "'". $_SESSION['UID']. "', ".
"'SQL:<br>". htmlentities( $SQL, ENT_QUOTES). "<br><br>". "'". mysql_escape_string( $SQLCommand). "', ".
"Diff:<br>$Diff', ". "'". mysql_escape_string( $Commend). "' );";
"'". htmlentities( $comment, ENT_QUOTES). "' );";
$erg = mysql_query($SQL_SEC, $con); $erg = mysql_query($SQL_SEC, $con);
echo "##$erg";
echo mysql_error($con); echo mysql_error($con);
echo "##";
return $querry_erg; return $querry_erg;
}//function db_query( }//function db_query(
} }