funktion_schichtplan_Tage.php: endlosscheliede bei nur einer schicht

secure.php: filterung noict komplett


git-svn-id: svn://svn.cccv.de/engel-system@28 29ba0400-6e00-0410-a75a-ca02368028f8
main
cookie 19 years ago
parent 7e5f4a3332
commit 1d219f5c77

@ -55,12 +55,15 @@ do
"WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))"; "WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))";
$Erg2 = mysql_query($SQL2, $con); $Erg2 = mysql_query($SQL2, $con);
$DateE = substr(mysql_result($Erg2, 0 , 0), 0,10); $DateE = substr(mysql_result($Erg2, 0 , 0), 0,10);
while( $DateS != $DateE) if( strlen($DateE) == 0)
{ $DateE = $DateS;
$DateS = DatumUm1TagErhoehen( $DateS); else
$VeranstaltungsTage[$Pos++] = $DateS; while( $DateS != $DateE)
} {
$DateS = DatumUm1TagErhoehen( $DateS);
$VeranstaltungsTage[$Pos++] = $DateS;
}
//suchen den nästen eintrag //suchen den nästen eintrag
$SQL = "SELECT `DateS` FROM `Shifts` ". $SQL = "SELECT `DateS` FROM `Shifts` ".

@ -10,7 +10,7 @@ foreach ($_GET as $k => $v)
$v = htmlspecialchars($v); $v = htmlspecialchars($v);
$v = mysql_escape_string($v); $v = mysql_escape_string($v);
// $v = htmlentities($v); // $v = htmlentities($v);
if (preg_match('/([\"`])/', $v, $match)) if (preg_match('/([\'"`\'])/', $v, $match))
{ {
print "sorry get has illegal char '$match[1]'"; print "sorry get has illegal char '$match[1]'";
exit; exit;

Loading…
Cancel
Save