erweitert
git-svn-id: svn://svn.cccv.de/engel-system@128 29ba0400-6e00-0410-a75a-ca02368028f8
This commit is contained in:
parent
e26c8ad1ac
commit
f7b658be9b
|
@ -32,9 +32,9 @@ if( !function_exists("db_query"))
|
|||
function db_query( $SQL, $comment)
|
||||
{
|
||||
global $con, $Page;
|
||||
$Diff = "";
|
||||
|
||||
//commed anlyse udn daten sicherung
|
||||
$Diff = "";
|
||||
if( strpos( "#$SQL", "UPDATE") > 0)
|
||||
{
|
||||
//Tabellen name ermitteln
|
||||
|
@ -48,24 +48,24 @@ if( !function_exists("db_query"))
|
|||
//WHERE ermitteln
|
||||
$Where_Start = strpos( $SQL, "WHERE");
|
||||
$Where = substr( $SQL, $Where_Start);
|
||||
|
||||
// sicherheitsprüfung !!!!
|
||||
if( $Where_Start == 0) $Where = ";";
|
||||
|
||||
//Daten auslesen
|
||||
$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
|
||||
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
|
||||
//Daten auslesen
|
||||
$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
|
||||
if( strlen( $Where) < 2)
|
||||
{
|
||||
$Diff = "can't show, too mutch data (no filter was set)";
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
else
|
||||
{
|
||||
$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
|
||||
}
|
||||
}
|
||||
elseif( strpos( "#$SQL", "DELETE") > 0)
|
||||
{
|
||||
$TableWhere = substr( $SQL, 6);
|
||||
|
||||
//Daten auslesen
|
||||
$Diff .= Ausgabe_Daten( "SELECT * $TableWhere");
|
||||
|
||||
//execute command
|
||||
|
@ -73,7 +73,8 @@ if( !function_exists("db_query"))
|
|||
}
|
||||
elseif( strpos( "#$SQL", "INSERT") > 0)
|
||||
{
|
||||
echo "##### LOG: INSERT #####";
|
||||
//execute command
|
||||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -81,18 +82,16 @@ if( !function_exists("db_query"))
|
|||
$querry_erg = mysql_query($SQL, $con);
|
||||
}
|
||||
|
||||
//abschneiden wenn zu lang
|
||||
if( strlen( $Where) < 2) $Diff = "can't show, too mutch data (no filter was set)";
|
||||
// if( strlen( $Diff) > 5120) $Diff = "too mutch (len ". strlen( $Diff). "bytes)";
|
||||
$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES);
|
||||
if( strlen($Diff) > 0)
|
||||
$SQLCommand .= "<br><br>Diff:<br>$Diff";
|
||||
|
||||
$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES). "<br><br>Diff:<br>$Diff";
|
||||
$Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
|
||||
//LOG commands in DB
|
||||
$SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
|
||||
" VALUES ( ".
|
||||
"'". $_SESSION['UID']. "', ".
|
||||
"'". mysql_escape_string( $SQLCommand). "', ".
|
||||
"'". mysql_escape_string( $Commend). "' );";
|
||||
" VALUES ( '". $_SESSION['UID']. "', ".
|
||||
"'". mysql_escape_string( $SQLCommand). "', ".
|
||||
"'". mysql_escape_string( $Commend). "' );";
|
||||
$erg = mysql_query($SQL_SEC, $con);
|
||||
echo mysql_error($con);
|
||||
return $querry_erg;
|
||||
|
|
Loading…
Reference in New Issue