diff options
| author | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2006-04-19 21:02:00 +0000 |
|---|---|---|
| committer | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2006-04-19 21:02:00 +0000 |
| commit | f7b658be9b7f2275f2b27a4c23136c7d01d89464 (patch) | |
| tree | 54b56e042de0939f5dd996356ddab90743f1404c /www-ssl | |
| parent | e26c8ad1ac80bc5a849ca56d1a01d9cff6d2b18a (diff) | |
erweitert
git-svn-id: svn://svn.cccv.de/engel-system@128 29ba0400-6e00-0410-a75a-ca02368028f8
Diffstat (limited to 'www-ssl')
| -rw-r--r-- | www-ssl/inc/funktion_db.php | 45 |
1 files changed, 22 insertions, 23 deletions
diff --git a/www-ssl/inc/funktion_db.php b/www-ssl/inc/funktion_db.php index 0c54c2d3..6533c215 100644 --- a/www-ssl/inc/funktion_db.php +++ b/www-ssl/inc/funktion_db.php @@ -32,9 +32,9 @@ if( !function_exists("db_query")) function db_query( $SQL, $comment) { global $con, $Page; + $Diff = ""; //commed anlyse udn daten sicherung - $Diff = ""; if( strpos( "#$SQL", "UPDATE") > 0) { //Tabellen name ermitteln @@ -48,24 +48,24 @@ if( !function_exists("db_query")) //WHERE ermitteln $Where_Start = strpos( $SQL, "WHERE"); $Where = substr( $SQL, $Where_Start); - - // sicherheitsprüfung !!!! if( $Where_Start == 0) $Where = ";"; - - //Daten auslesen - $Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where"); - - //execute command - $querry_erg = mysql_query($SQL, $con); - - //Daten auslesen - $Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where"); + + if( strlen( $Where) < 2) + { + $Diff = "can't show, too mutch data (no filter was set)"; + $querry_erg = mysql_query($SQL, $con); + } + else + { + $Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where"); + //execute command + $querry_erg = mysql_query($SQL, $con); + $Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where"); + } } elseif( strpos( "#$SQL", "DELETE") > 0) { $TableWhere = substr( $SQL, 6); - - //Daten auslesen $Diff .= Ausgabe_Daten( "SELECT * $TableWhere"); //execute command @@ -73,7 +73,8 @@ if( !function_exists("db_query")) } elseif( strpos( "#$SQL", "INSERT") > 0) { - echo "##### LOG: INSERT #####"; + //execute command + $querry_erg = mysql_query($SQL, $con); } else { @@ -81,18 +82,16 @@ if( !function_exists("db_query")) $querry_erg = mysql_query($SQL, $con); } - //abschneiden wenn zu lang - if( strlen( $Where) < 2) $Diff = "can't show, too mutch data (no filter was set)"; -// if( strlen( $Diff) > 5120) $Diff = "too mutch (len ". strlen( $Diff). "bytes)"; + $SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES); + if( strlen($Diff) > 0) + $SQLCommand .= "<br><br>Diff:<br>$Diff"; - $SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES). "<br><br>Diff:<br>$Diff"; $Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES); //LOG commands in DB $SQL_SEC = "INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ". - " VALUES ( ". - "'". $_SESSION['UID']. "', ". - "'". mysql_escape_string( $SQLCommand). "', ". - "'". mysql_escape_string( $Commend). "' );"; + " VALUES ( '". $_SESSION['UID']. "', ". + "'". mysql_escape_string( $SQLCommand). "', ". + "'". mysql_escape_string( $Commend). "' );"; $erg = mysql_query($SQL_SEC, $con); echo mysql_error($con); return $querry_erg; |