bei der umstelling auf global=off vergessen

git-svn-id: svn://svn.cccv.de/engel-system@30 29ba0400-6e00-0410-a75a-ca02368028f8

1 files changed, 12 insertions, 13 deletions

diff --git a/www-ssl/nonpublic/news_output.php b/www-ssl/nonpublic/news_output.php
index 9648fc41..91112c81 100755
--- a/www-ssl/nonpublic/news_output.php
+++ b/www-ssl/nonpublic/news_output.php
@@ -3,31 +3,30 @@ include ("./inc/db.php");
 include ("./inc/funktion_user.php");
 
 
-if ( isset($text) && isset($betreff) && IsSet($date) ) {
-  if (!isset($treffen)) $treffen = 0;
+if( isset( $_POST["text"]) && isset( $_POST["betreff"]) && IsSet( $_POST["date"]) ) {
+  if( !isset( $_POST["treffen"])) 
+  	$_POST["treffen"] = 0;
   //$escaped_text = htmlescape($text);
   //$escaped_betreff = htmlescape($betreff);
   $SQL = "INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) ";
-  $SQL.= "VALUES ('$date', '$betreff', '$text', '".$_SESSION['UID'];
-  $SQL.= "', '$treffen');";
+  $SQL.= "VALUES ('". $_POST["date"]. "', '". $_POST["betreff"]. "', '". $_POST["text"]. "', '".$_SESSION['UID'];
+  $SQL.= "', '". $_POST["treffen"]. "');";
   $Erg = mysql_query($SQL, $con);
-  if ($Erg == 1) { Print_Text(4); }
+  if ($Erg == 1)
+  	Print_Text(4);
 }
 
+if( !IsSet( $_GET["news_begin"]))
+	$_GET["news_begin"]=0;
 
-if (!IsSet($news_begin)) {
-	$news_begin=0;
-}
-
-if (!IsSet($DISPLAY_NEWS)) {
-  $DISPLAY_NEWS = 5;
-}
+if( !IsSet( $_GET["DISPLAY_NEWS"]))
+  $_GET["DISPLAY_NEWS"] = 5;
  
 //if (($news_begin-$DISPLAY_NEWS) >= 0 ) {
 //	echo "<br><br><a href=\"./news.php?news_begin=".($news_begin-$DISPLAY_NEWS)."\">Die vorherigen $DISPLAY_NEWS News anzeigen...</a><br>";
 //} 
    
-$SQL = "SELECT * FROM `News` ORDER BY 'ID' DESC LIMIT $news_begin,$DISPLAY_NEWS";
+$SQL = "SELECT * FROM `News` ORDER BY 'ID' DESC LIMIT ". $_GET["news_begin"]. ",". $_GET["DISPLAY_NEWS"];
 $Erg = mysql_query($SQL, $con);
 
 // anzahl zeilen