diff options
author | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2005-11-09 16:05:28 +0000 |
---|---|---|
committer | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2005-11-09 16:05:28 +0000 |
commit | 1d219f5c776b1ce403586f0458881e5a05940454 (patch) | |
tree | cd613caa6bafb062546722020986f6e97a1e98a2 /www-ssl | |
parent | 7e5f4a333273cbf230545dd345a7540b28409eb0 (diff) |
funktion_schichtplan_Tage.php: endlosscheliede bei nur einer schicht
secure.php: filterung noict komplett
git-svn-id: svn://svn.cccv.de/engel-system@28 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'www-ssl')
-rwxr-xr-x | www-ssl/inc/funktion_schichtplan_Tage.php | 15 | ||||
-rwxr-xr-x | www-ssl/inc/secure.php | 2 |
2 files changed, 10 insertions, 7 deletions
diff --git a/www-ssl/inc/funktion_schichtplan_Tage.php b/www-ssl/inc/funktion_schichtplan_Tage.php index 14ae53a9..abbbddc4 100755 --- a/www-ssl/inc/funktion_schichtplan_Tage.php +++ b/www-ssl/inc/funktion_schichtplan_Tage.php @@ -55,12 +55,15 @@ do "WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))"; $Erg2 = mysql_query($SQL2, $con); $DateE = substr(mysql_result($Erg2, 0 , 0), 0,10); - - while( $DateS != $DateE) - { - $DateS = DatumUm1TagErhoehen( $DateS); - $VeranstaltungsTage[$Pos++] = $DateS; - } + + if( strlen($DateE) == 0) + $DateE = $DateS; + else + while( $DateS != $DateE) + { + $DateS = DatumUm1TagErhoehen( $DateS); + $VeranstaltungsTage[$Pos++] = $DateS; + } //suchen den nästen eintrag $SQL = "SELECT `DateS` FROM `Shifts` ". diff --git a/www-ssl/inc/secure.php b/www-ssl/inc/secure.php index ed3a514b..687289fc 100755 --- a/www-ssl/inc/secure.php +++ b/www-ssl/inc/secure.php @@ -10,7 +10,7 @@ foreach ($_GET as $k => $v) $v = htmlspecialchars($v); $v = mysql_escape_string($v); // $v = htmlentities($v); - if (preg_match('/([\"`])/', $v, $match)) + if (preg_match('/([\'"`\'])/', $v, $match)) { print "sorry get has illegal char '$match[1]'"; exit; |