From f7b658be9b7f2275f2b27a4c23136c7d01d89464 Mon Sep 17 00:00:00 2001
From: cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>
Date: Wed, 19 Apr 2006 21:02:00 +0000
Subject: erweitert

git-svn-id: svn://svn.cccv.de/engel-system@128 29ba0400-6e00-0410-a75a-ca02368028f8
---
 www-ssl/inc/funktion_db.php | 45 ++++++++++++++++++++++-----------------------
 1 file changed, 22 insertions(+), 23 deletions(-)

(limited to 'www-ssl/inc')

diff --git a/www-ssl/inc/funktion_db.php b/www-ssl/inc/funktion_db.php
index 0c54c2d3..6533c215 100644
--- a/www-ssl/inc/funktion_db.php
+++ b/www-ssl/inc/funktion_db.php
@@ -32,9 +32,9 @@ if( !function_exists("db_query"))
 	function db_query( $SQL, $comment)
 	{
 		global $con, $Page;	
+		$Diff = "";
 		
 		//commed anlyse udn daten sicherung
-		$Diff = "";
 		if( strpos( "#$SQL", "UPDATE") > 0)
 		{
 			//Tabellen name ermitteln
@@ -48,24 +48,24 @@ if( !function_exists("db_query"))
 			//WHERE ermitteln
 			$Where_Start = strpos( $SQL, "WHERE");
 			$Where = substr( $SQL, $Where_Start);
-			
-			// sicherheitsprüfung !!!!
 			if( $Where_Start == 0)	$Where = ";"; 
-
-			//Daten auslesen
-			$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
-
-			//execute command
-			$querry_erg = mysql_query($SQL, $con);
-			
-			//Daten auslesen
-			$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
+		
+			if( strlen( $Where) < 2) 	
+			{
+				$Diff = "can't show, too mutch data (no filter was set)";
+				$querry_erg = mysql_query($SQL, $con);
+			}
+			else
+			{
+				$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
+				//execute command
+				$querry_erg = mysql_query($SQL, $con);
+				$Diff .= Ausgabe_Daten( "SELECT * FROM $Table $Where");
+			}
 		}
 		elseif( strpos( "#$SQL", "DELETE") > 0)
 		{
 			$TableWhere = substr( $SQL, 6);
-			
-			//Daten auslesen
 			$Diff .= Ausgabe_Daten( "SELECT * $TableWhere");
 
 			//execute command
@@ -73,7 +73,8 @@ if( !function_exists("db_query"))
 		}
 		elseif( strpos( "#$SQL", "INSERT") > 0)
 		{
-			echo "##### LOG: INSERT #####";
+			//execute command
+			$querry_erg = mysql_query($SQL, $con);
 		}
 		else
 		{
@@ -81,18 +82,16 @@ if( !function_exists("db_query"))
 			$querry_erg = mysql_query($SQL, $con);
 		}
 
-		//abschneiden wenn zu lang
-		if( strlen( $Where) < 2) 	$Diff = "can't show, too mutch data (no filter was set)";
-//		if( strlen( $Diff) > 5120) 	$Diff = "too mutch (len ". strlen( $Diff). "bytes)";
+		$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES);
+		if( strlen($Diff) > 0)
+			$SQLCommand .= "<br><br>Diff:<br>$Diff";
 
-		$SQLCommand = "SQL:<br>". htmlentities( $SQL, ENT_QUOTES). "<br><br>Diff:<br>$Diff";
 		$Commend = htmlentities( ($Page["Name"]. ": ". $comment), ENT_QUOTES);
 		//LOG commands in DB
 		$SQL_SEC =	"INSERT INTO `ChangeLog` ( `UID` , `SQLCommad` , `Commend` ) ".
-				" VALUES ( ".
-					"'". $_SESSION['UID']. "', ".
-					"'". mysql_escape_string( $SQLCommand). "', ".
-					"'". mysql_escape_string( $Commend). "' );";
+				" VALUES ( '". $_SESSION['UID']. "', ".
+					  "'". mysql_escape_string( $SQLCommand). "', ".
+					  "'". mysql_escape_string( $Commend). "' );";
 		$erg = mysql_query($SQL_SEC, $con);
 		echo mysql_error($con);
 		return $querry_erg;
-- 
cgit v1.2.3-54-g00ecf