typo erweitert
git-svn-id: svn://svn.cccv.de/engel-system@123 29ba0400-6e00-0410-a75a-ca02368028f8
This commit is contained in:
parent
1b954ddea9
commit
6ce01377ed
|
@ -31,7 +31,7 @@ if( !function_exists("db_query"))
|
||||||
|
|
||||||
function db_query( $SQL, $comment)
|
function db_query( $SQL, $comment)
|
||||||
{
|
{
|
||||||
global $con;
|
global $con, $Page;
|
||||||
|
|
||||||
//commed anlyse udn daten sicherung
|
//commed anlyse udn daten sicherung
|
||||||
$Diff = "";
|
$Diff = "";
|
||||||
|
@ -42,6 +42,9 @@ if( !function_exists("db_query"))
|
||||||
$Table_End = strpos( $SQL, "`", $Table_Start+1);
|
$Table_End = strpos( $SQL, "`", $Table_Start+1);
|
||||||
$Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1));
|
$Table = substr( $SQL, $Table_Start, ($Table_End-$Table_Start+1));
|
||||||
|
|
||||||
|
//SecureTest
|
||||||
|
if( $Table_Start == 0 || $Table_End == 0) die("<h1>funktion_db ERROR SQL: '$SQL' nicht OK</h1>");
|
||||||
|
|
||||||
//WHERE ermitteln
|
//WHERE ermitteln
|
||||||
$Where_Start = strpos( $SQL, "WHERE");
|
$Where_Start = strpos( $SQL, "WHERE");
|
||||||
$Where = substr( $SQL, $Where_Start);
|
$Where = substr( $SQL, $Where_Start);
|
||||||
|
@ -79,19 +82,19 @@ if( !function_exists("db_query"))
|
||||||
}
|
}
|
||||||
|
|
||||||
//abschneiden wenn zu lang
|
//abschneiden wenn zu lang
|
||||||
if( strlen( $Diff) > 5120) $Diff = "too mutch (len ". strlen( $Diff). ")";
|
if( strlen( $Where) < 2) $Diff = "can't show, too mutch data (no filter was set)";
|
||||||
|
// if( strlen( $Diff) > 5120) $Diff = "too mutch (len ". strlen( $Diff). "bytes)";
|
||||||
|
|
||||||
|
$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES). "<br><br>Diff:<br>$Diff";
|
||||||
|
$Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
|
||||||
//LOG commands in DB
|
//LOG commands in DB
|
||||||
$SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
|
$SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
|
||||||
" VALUES ( ".
|
" VALUES ( ".
|
||||||
"'". $_SESSION['UID']. "', ".
|
"'". $_SESSION['UID']. "', ".
|
||||||
"'SQL:<br>". htmlentities( $SQL, ENT_QUOTES). "<br><br>".
|
"'". mysql_escape_string( $SQLCommand). "', ".
|
||||||
"Diff:<br>$Diff', ".
|
"'". mysql_escape_string( $Commend). "' );";
|
||||||
"'". htmlentities( $comment, ENT_QUOTES). "' );";
|
|
||||||
$erg = mysql_query($SQL_SEC, $con);
|
$erg = mysql_query($SQL_SEC, $con);
|
||||||
echo "##$erg";
|
|
||||||
echo mysql_error($con);
|
echo mysql_error($con);
|
||||||
echo "##";
|
|
||||||
return $querry_erg;
|
return $querry_erg;
|
||||||
}//function db_query(
|
}//function db_query(
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
include ("./inc/config.php");
|
include ("./inc/config.php");
|
||||||
include ("./inc/db.php");
|
include ("./inc/db.php");
|
||||||
include ("./inc/funktion_lang.php");
|
include ("./inc/funktion_lang.php");
|
||||||
include("./inc/funktion_menu.php");
|
include ("./inc/funktion_menu.php");
|
||||||
session_start();
|
session_start();
|
||||||
include ("./inc/secure.php");
|
include ("./inc/secure.php");
|
||||||
/*if ( (!IsSet($_SESSION['UID'])) && (strstr ($_SERVER['PHP_SELF'], "nonpublic") !="" ) ) {
|
/*if ( (!IsSet($_SESSION['UID'])) && (strstr ($_SERVER['PHP_SELF'], "nonpublic") !="" ) ) {
|
||||||
|
|
Loading…
Reference in New Issue