From cb1736d180ce91cb8b66acfe6cf7cede3a04d097 Mon Sep 17 00:00:00 2001
From: Daniel Friesel ' . $angel_type['Name'] . ' ' . $angel_type['Man'] . ' Edit ';
+ $table .= sprintf(
+ ' ',
+ $angel_type['Name'], $angel_type['Man'],
+ page_link_to("admin_angel_types"),
+ $angel_type['TID']
+ );
$html .= template_render('../templates/admin_angel_types.html', array (
'link' => page_link_to("admin_angel_types"),
'table' => $table
));
+
} else {
+
switch ($_REQUEST['action']) {
+
case 'create' :
- $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name']));
- $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['man']));
+ $name = strip_request_item("name");
+ $man = strip_request_item("man");
+
sql_query("INSERT INTO `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "'");
+
header("Location: " . page_link_to("admin_angel_types"));
break;
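Review bot: The new `sprintf(...)` call passes `$angel_type['Name']` and `$angel_type['Man']` into the table markup exactly as stored, with no output encoding visible in this hunk. The format string is not readable in this view, but if those `%s` slots land in HTML text or attribute values, the page relies entirely on whatever filtering `strip_request_item()` applies when the row is written, which does not cover rows created by other code paths or before this change. Encoding at the point of output is the more durable control, e.g. `htmlspecialchars($angel_type['Name'], ENT_QUOTES, 'UTF-8')` and the same for `Man`. The same consideration applies to the `name` and `man` values handed to the edit-form template in the following hunk, unless `template_render` escapes them itself. The start of this hunk is not visible here and `admin_angel_types()` continues beyond it.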
@@ -30,11 +44,12 @@ function admin_angel_types() {
if (count($angel_type) > 0) {
list ($angel_type) = $angel_type;
- $html .= template_render('../templates/admin_angel_types_edit_form.html', array (
- 'link' => page_link_to("admin_angel_types"),
- 'id' => $id,
- 'name' => $angel_type['Name'],
- 'man' => $angel_type['Man']
+ $html .= template_render(
+ '../templates/admin_angel_types_edit_form.html', array (
+ 'link' => page_link_to("admin_angel_types"),
+ 'id' => $id,
+ 'name' => $angel_type['Name'],
+ 'man' => $angel_type['Man']
));
} else
return error("No Angel Type found.");
@@ -50,8 +65,9 @@ function admin_angel_types() {
if (count($angel_type) > 0) {
list ($angel_type) = $angel_type;
- $name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name']));
- $man = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['man']));
+ $name = strip_request_item("name");
+ $man = strip_request_item("man");
+
sql_query("UPDATE `AngelTypes` SET `Name`='" . sql_escape($name) . "', `Man`='" . sql_escape($man) . "' WHERE `TID`=" . sql_escape($id) . " LIMIT 1");
header("Location: " . page_link_to("admin_angel_types"));
} else
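Review bot: In the UPDATE statement `$id` is concatenated into an unquoted numeric position (the WHERE TID= clause), where `sql_escape()` gives little protection because there is no string delimiter for it to guard. `$id` is assigned outside this hunk, so it may already be validated as digits; if it is not, cast it before the query is built, e.g. `$id = (int) $id;`, or quote the value the way `Name` and `Man` are quoted. A prepared statement would remove the dependence on per-call escaping, though that is a larger change than this commit makes. `admin_angel_types()` begins and ends outside the hunk.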
@@ -76,131 +92,5 @@ function admin_angel_types() {
}
return $html;
- $Sql = "SELECT * FROM `EngelType` ORDER BY `NAME`";
- $Erg = mysql_query($Sql, $con);
-
- if (!IsSet ($_GET["action"])) {
- echo "Hallo " . $_SESSION['Nick'] .
- ",%s %s '
+ . 'Edit
\nhier hast du die Möglichkeit, neue Engeltypen für die Schichtpläne einzutragen " .
- "oder vorhandene abzuändern:
\n";
-
- echo "- Neuen EngelType eintragen
\n";
-
- echo "\n";
- echo "
";
- } else {
-
- switch ($_GET["action"]) {
-
- case 'new' :
- echo "Neuen EngelType einrichten: \n";
-
- for ($i = 1; $i < mysql_num_fields($Erg); $i++) {
- echo "\t ";
-
- for ($t = 0; $t < mysql_num_rows($Erg); $t++) {
- echo "\t" . mysql_field_name($Erg, $i) . " ";
- }
- echo "\tÄndern ";
- echo "\n";
- for ($j = 1; $j < mysql_num_fields($Erg); $j++) {
- echo "\t\t \n";
- } // ende Auflistung Raeume
- echo "" . mysql_result($Erg, $t, $j) . " \n";
- }
- echo "\t\t### \n";
- echo "\t
";
- echo "";
- break;
-
- case 'newsave' :
- $vars = $_GET;
- $count = count($vars) - 1;
- $vars = array_splice($vars, 0, $count);
- $Keys = "";
- $Values = "";
- foreach ($vars as $key => $value) {
- $Keys .= ", `$key`";
- $Values .= ", '$value'";
- }
-
- if (runSQL_log("INSERT INTO `EngelType` (" . substr($Keys, 2) . ") VALUES (" . substr($Values, 2) . ")", "save new EngelType")) {
- SetHeaderGo2Back();
-
- $SQL2 = "SELECT * FROM `EngelType` WHERE `Name`='" . $_GET["Name"] . "'";
- $ERG = mysql_query($SQL2, $con);
-
- if (mysql_num_rows($ERG) == 1)
- runSQL_log("ALTER TABLE `Room` ADD `DEFAULT_EID_" . mysql_result($ERG, 0, 0) .
- "` INT DEFAULT '0' NOT NULL;", "add new EngelType in Romm Table");
- }
- break;
-
- case 'change' :
- if (!IsSet ($_GET["TID"]))
- echo "Fehlerhafter Aufruf!";
- else {
- echo "Raum abändern:\n";
- echo "Hier kannst du eintragen, den EngelType ändern.";
- echo "";
- echo "";
- }
- break;
-
- case 'changesave' :
- $vars = $_GET;
- $count = count($vars) - 2;
- $vars = array_splice($vars, 0, $count);
- $keys = "";
- $sql = "";
- foreach ($vars as $key => $value) {
- $keys = substr($key, 1);
- $sql .= ", `" . $keys . "`='" . $value . "'";
- }
- runSQL_log("UPDATE `EngelType` SET " . substr($sql, 2) . " WHERE `TID`='" . $_GET["eTID"] . "'", "Save Change EngelType");
- SetHeaderGo2Back();
- break;
-
- case 'delete' :
- if (IsSet ($_GET["TID"])) {
- if (runSQL_log("DELETE FROM `EngelType` WHERE `TID`='" . $_GET["TID"] . "'", "delete EngelType"))
- runSQL_log("ALTER TABLE `Room` DROP `DEFAULT_EID_" . $_GET["TID"] . "`;", "delete EngelType in Room Table");
- } else
- echo "Fehlerhafter Aufruf";
- SetHeaderGo2Back();
- break;
- }
- }
-
- include ("includes/footer.php");
}
?>
diff --git a/includes/sys_page.php b/includes/sys_page.php
index ab8b05e2..2af5f729 100644
--- a/includes/sys_page.php
+++ b/includes/sys_page.php
@@ -1,4 +1,13 @@
' . $msg . '
' . $msg . '
'; } -?> \ No newline at end of file +?>