kontakt
/
engelsystem
3
0
Fork 0
Code Issues 12 Pull Requests Projects Releases Wiki Activity

harden the sql queries

Browse Source
main
Philip Häusler 10 years ago
parent a6ab81b834
commit 6bede2fd22
33 changed files with 188 additions and 178 deletions
Show Stats Download Patch File Download Diff File

2
db/update.d/16_admin_user_angeltypes.php
Unescape Escape View File

@ -5,7 +5,7 @@
if (sql_num_query("SELECT * FROM `Privileges` WHERE `name`='admin_user_angeltypes'") == 0) {
sql_query("INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES ( NULL , 'admin_user_angeltypes', 'Confirm restricted angel types' );");
$id = sql_id();
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`=" . sql_escape($id));
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`='" . sql_escape($id) . "'");
sql_query("INSERT INTO `Sprache` (
`TextID` ,
`Sprache` ,

2
includes/controller/shifts_controller.php
Unescape Escape View File

@ -145,7 +145,7 @@ function shifts_json_export_controller() {
INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
INNER JOIN `ShiftTypes` ON (`Shifts`.`shifttype_id`=`ShiftTypes`.`id`)
INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `UID`=" . sql_escape($user['UID']) . "
WHERE `UID`='" . sql_escape($user['UID']) . "'
ORDER BY `start`");
}

6
includes/controller/users_controller.php
Unescape Escape View File

@ -74,14 +74,14 @@ function user_controller() {
$shifts = Shifts_by_user($user_source);
foreach ($shifts as &$shift) {
// TODO: Move queries to model
$shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`=" . sql_escape($shift['SID']) . " ORDER BY `AngelTypes`.`name`");
$shift['needed_angeltypes'] = sql_select("SELECT DISTINCT `AngelTypes`.* FROM `ShiftEntry` JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id` WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "' ORDER BY `AngelTypes`.`name`");
foreach ($shift['needed_angeltypes'] as &$needed_angeltype) {
$needed_angeltype['users'] = sql_select("
SELECT `ShiftEntry`.`freeloaded`, `User`.*
FROM `ShiftEntry`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
WHERE `ShiftEntry`.`SID`=" . sql_escape($shift['SID']) . "
AND `ShiftEntry`.`TID`=" . sql_escape($needed_angeltype['id']));
WHERE `ShiftEntry`.`SID`='" . sql_escape($shift['SID']) . "'
AND `ShiftEntry`.`TID`='" . sql_escape($needed_angeltype['id']) . "'");
}
}

12
includes/model/AngelType_model.php
Unescape Escape View File

@ -8,7 +8,7 @@
function AngelType_delete($angeltype) {
return sql_query("
DELETE FROM `AngelTypes`
WHERE `id`=" . sql_escape($angeltype['id']) . "
WHERE `id`='" . sql_escape($angeltype['id']) . "'
LIMIT 1");
}
@ -24,9 +24,9 @@ function AngelType_update($angeltype_id, $name, $restricted, $description) {
return sql_query("
UPDATE `AngelTypes` SET
`name`='" . sql_escape($name) . "',
`restricted`=" . sql_escape($restricted ? 1 : 0) . ",
`restricted`='" . sql_escape($restricted ? 1 : 0) . "',
`description`='" . sql_escape($description) . "'
WHERE `id`=" . sql_escape($angeltype_id) . "
WHERE `id`='" . sql_escape($angeltype_id) . "'
LIMIT 1");
}
@ -42,7 +42,7 @@ function AngelType_create($name, $restricted, $description) {
$result = sql_query("
INSERT INTO `AngelTypes` SET
`name`='" . sql_escape($name) . "',
`restricted`=" . sql_escape($restricted ? 1 : 0) . ",
`restricted`='" . sql_escape($restricted ? 1 : 0) . "',
`description`='" . sql_escape($description) . "'");
if ($result === false)
return false;
@ -69,7 +69,7 @@ function AngelType_validate_name($name, $angeltype) {
SELECT *
FROM `AngelTypes`
WHERE `name`='" . sql_escape($name) . "'
AND NOT `id`=" . sql_escape($angeltype['id']) . "
AND NOT `id`='" . sql_escape($angeltype['id']) . "'
LIMIT 1") == 0,
$name
);
@ -130,7 +130,7 @@ function AngelType_ids() {
* ID
*/
function AngelType($id) {
$angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
$angelType_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if ($angelType_source === false)
return false;
if (count($angelType_source) > 0)

2
includes/model/LogEntries_model.php
Unescape Escape View File

@ -8,7 +8,7 @@
* Message
*/
function LogEntry_create($nick, $message) {
return sql_query("INSERT INTO `LogEntries` SET `timestamp`=" . sql_escape(time()) . ", `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
return sql_query("INSERT INTO `LogEntries` SET `timestamp`='" . sql_escape(time()) . "', `nick`='" . sql_escape($nick) . "', `message`='" . sql_escape($message) . "'");
}
/**

6
includes/model/Message_model.php
Unescape Escape View File

@ -14,7 +14,7 @@ function Message_ids() {
* ID
*/
function Message($id) {
$message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
$message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if ($message_source === false)
return false;
if (count($message_source) > 0)
@ -38,8 +38,8 @@ function Message_send($id, $text) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
$to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id));
if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) {
sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($to) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($to) . "', `Text`='" . sql_escape($text) . "'");
return true;
} else {
return false;

4
includes/model/NeededAngelTypes_model.php
Unescape Escape View File

@ -10,7 +10,7 @@ function NeededAngelTypes_by_shift($shiftId) {
SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
WHERE `shift_id`=" . sql_escape($shiftId) . "
WHERE `shift_id`='" . sql_escape($shiftId) . "'
AND `count` > 0
ORDER BY `room_id` DESC
");
@ -24,7 +24,7 @@ function NeededAngelTypes_by_shift($shiftId) {
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
JOIN `Shifts` ON `Shifts`.`RID` = `NeededAngelTypes`.`room_id`
WHERE `Shifts`.`SID`=" . sql_escape($shiftId) . "
WHERE `Shifts`.`SID`='" . sql_escape($shiftId) . "'
AND `count` > 0
ORDER BY `room_id` DESC
");

2
includes/model/Room_model.php
Unescape Escape View File

@ -18,7 +18,7 @@ function Room_ids() {
* @param $id RID
*/
function Room($id) {
$room_source = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($id) . " AND `show` = 'Y' LIMIT 1");
$room_source = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($id) . "' AND `show` = 'Y' LIMIT 1");
if ($room_source === false)
return false;
if (count($room_source) > 0)

18
includes/model/ShiftEntry_model.php
Unescape Escape View File

@ -16,7 +16,7 @@ function ShiftEntries_by_shift($shift_id) {
FROM `ShiftEntry`
JOIN `User` ON `ShiftEntry`.`UID`=`User`.`UID`
JOIN `AngelTypes` ON `ShiftEntry`.`TID`=`AngelTypes`.`id`
WHERE `ShiftEntry`.`SID`=" . sql_escape($shift_id));
WHERE `ShiftEntry`.`SID`='" . sql_escape($shift_id)) . "'";
}
/**
@ -27,12 +27,12 @@ function ShiftEntries_by_shift($shift_id) {
function ShiftEntry_create($shift_entry) {
mail_shift_assign(User($shift_entry['UID']), Shift($shift_entry['SID']));
return sql_query("INSERT INTO `ShiftEntry` SET
`SID`=" . sql_escape($shift_entry['SID']) . ",
`TID`=" . sql_escape($shift_entry['TID']) . ",
`UID`=" . sql_escape($shift_entry['UID']) . ",
`SID`='" . sql_escape($shift_entry['SID']) . "',
`TID`='" . sql_escape($shift_entry['TID']) . "',
`UID`='" . sql_escape($shift_entry['UID']) . "',
`Comment`='" . sql_escape($shift_entry['Comment']) . "',
`freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
`freeloaded`=" . sql_escape($shift_entry['freeloaded'] ? 'TRUE' : 'FALSE'));
`freeloaded`=" . sql_bool($shift_entry['freeloaded']));
}
/**
@ -42,15 +42,15 @@ function ShiftEntry_update($shift_entry) {
return sql_query("UPDATE `ShiftEntry` SET
`Comment`='" . sql_escape($shift_entry['Comment']) . "',
`freeload_comment`='" . sql_escape($shift_entry['freeload_comment']) . "',
`freeloaded`=" . sql_escape($shift_entry['freeloaded'] ? 'TRUE' : 'FALSE') . "
WHERE `id`=" . sql_escape($shift_entry['id']));
`freeloaded`=" . sql_bool($shift_entry['freeloaded']) . "
WHERE `id`='" . sql_escape($shift_entry['id']) . "'");
}
/**
* Get a shift entry.
*/
function ShiftEntry($shift_entry_id) {
$shift_entry = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`=" . sql_escape($shift_entry_id));
$shift_entry = sql_select("SELECT * FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
if ($shift_entry === false)
return false;
if (count($shift_entry) == 0)
@ -64,7 +64,7 @@ function ShiftEntry($shift_entry_id) {
function ShiftEntry_delete($shift_entry_id) {
$shift_entry = ShiftEntry($shift_entry_id);
mail_shift_removed(User($shift_entry['UID']), Shift($shift_entry['SID']));
return sql_query("DELETE FROM `ShiftEntry` WHERE `id`=" . sql_escape($shift_entry_id));
return sql_query("DELETE FROM `ShiftEntry` WHERE `id`='" . sql_escape($shift_entry_id) . "'");
}
/**

8
includes/model/ShiftTypes_model.php
Unescape Escape View File

@ -5,7 +5,7 @@
* @param int $shifttype_id
*/
function ShiftType_delete($shifttype_id) {
return sql_query("DELETE FROM `ShiftTypes` WHERE `id`=" . sql_escape($shifttype_id));
return sql_query("DELETE FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'");
}
/**
@ -21,7 +21,7 @@ function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) {
`name`='" . sql_escape($name) . "',
`angeltype_id`=" . sql_null($angeltype_id) . ",
`description`='" . sql_escape($description) . "'
WHERE `id`=" . sql_escape($shifttype_id));
WHERE `id`='" . sql_escape($shifttype_id) . "'");
}
/**
@ -35,7 +35,7 @@ function ShiftType_update($shifttype_id, $name, $angeltype_id, $description) {
function ShiftType_create($name, $angeltype_id, $description) {
$result = sql_query("INSERT INTO `ShiftTypes` SET
`name`='" . sql_escape($name) . "',
`angeltype_id`=" . sql_null($angeltype_id) . ",
`angeltype_id`='" . sql_null($angeltype_id) . "',
`description`='" . sql_escape($description) . "'");
if ($result === false)
return false;
@ -48,7 +48,7 @@ function ShiftType_create($name, $angeltype_id, $description) {
* @param int $shifttype_id
*/
function ShiftType($shifttype_id) {
$shifttype = sql_select("SELECT * FROM `ShiftTypes` WHERE `id`=" . sql_escape($shifttype_id));
$shifttype = sql_select("SELECT * FROM `ShiftTypes` WHERE `id`='" . sql_escape($shifttype_id) . "'");
if ($shifttype === false)
return false;
if ($shifttype == null)

32
includes/model/Shifts_model.php
Unescape Escape View File

@ -85,7 +85,7 @@ function Shift_signup_allowed($shift, $angeltype, $user_angeltype = null, $user_
* Delete a shift by its external id.
*/
function Shift_delete_by_psid($shift_psid) {
return sql_query("DELETE FROM `Shifts` WHERE `PSID`=" . sql_escape($shift_psid));
return sql_query("DELETE FROM `Shifts` WHERE `PSID`='" . sql_escape($shift_psid)."'");
}
/**
@ -94,7 +94,7 @@ function Shift_delete_by_psid($shift_psid) {
function Shift_delete($shift_id) {
mail_shift_delete(Shift($shift_id));
return sql_query("DELETE FROM `Shifts` WHERE `SID`=" . sql_escape($shift_id));
return sql_query("DELETE FROM `Shifts` WHERE `SID`='" . sql_escape($shift_id) . "'");
}
/**
@ -105,14 +105,14 @@ function Shift_update($shift) {
mail_shift_change(Shift($shift['SID']), $shift);
return sql_query("UPDATE `Shifts` SET
`shifttype_id`=" . sql_escape($shift['shifttype_id']) . ",
`start`=" . sql_escape($shift['start']) . ",
`end`=" . sql_escape($shift['end']) . ",
`RID`=" . sql_escape($shift['RID']) . ",
`shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
`start`='" . sql_escape($shift['start']) . "',
`end`='" . sql_escape($shift['end']) . "',
`RID`='" . sql_escape($shift['RID']) . "',
`title`=" . sql_null($shift['title']) . ",
`URL`=" . sql_null($shift['URL']) . ",
`PSID`=" . sql_null($shift['PSID']) . "
WHERE `SID`=" . sql_escape($shift['SID']));
WHERE `SID`='" . sql_escape($shift['SID']) . "'");
}
/**
@ -135,12 +135,12 @@ function Shift_update_by_psid($shift) {
*/
function Shift_create($shift) {
$result = sql_query("INSERT INTO `Shifts` SET
`shifttype_id`=" . sql_escape($shift['shifttype_id']) . ",
`start`=" . sql_escape($shift['start']) . ",
`end`=" . sql_escape($shift['end']) . ",
`RID`=" . sql_escape($shift['RID']) . ",
`shifttype_id`='" . sql_escape($shift['shifttype_id']) . "',
`start`='" . sql_escape($shift['start']) . "',
`end`='" . sql_escape($shift['end']) . "',
`RID`='" . sql_escape($shift['RID']) . "',
`title`=" . sql_null($shift['title']) . ",
`URL`=" . sql_null($shift['URL']) . ",
`URL`=" . sql_null($shift['URL']) . "',
`PSID`=" . sql_null($shift['PSID']));
if ($result === false)
return false;
@ -157,7 +157,7 @@ function Shifts_by_user($user) {
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `UID`=" . sql_escape($user['UID']) . "
WHERE `UID`='" . sql_escape($user['UID']) . "'
ORDER BY `start`
");
}
@ -173,7 +173,7 @@ function Shifts_filtered() {
// filterRoom (Array of integer) - Array of Room IDs (optional, for list request)
if (isset($_REQUEST['filterRoom']) && is_array($_REQUEST['filterRoom'])) {
foreach ($_REQUEST['filterRoom'] as $key => $value) {
$filter .= ", `RID`=" . sql_escape($value) . " ";
$filter .= ", `RID`='" . sql_escape($value) . "' ";
}
}
@ -218,8 +218,8 @@ function Shift($id) {
SELECT `Shifts`.*, `ShiftTypes`.`name`
FROM `Shifts`
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
WHERE `SID`=" . sql_escape($id));
$shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`=" . sql_escape($id));
WHERE `SID`='" . sql_escape($id) . "'");
$shiftsEntry_source = sql_select("SELECT `id`, `TID` , `UID` , `freeloaded` FROM `ShiftEntry` WHERE `SID`='" . sql_escape($id) . "'");
if ($shifts_source === false)
return false;

34
includes/model/UserAngelTypes_model.php
Unescape Escape View File

@ -8,7 +8,7 @@ function User_angeltypes($user) {
SELECT `AngelTypes`.*, `UserAngelTypes`.`confirm_user_id`, `UserAngelTypes`.`coordinator`
FROM `UserAngelTypes`
JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`
WHERE `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . "
WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
");
}
@ -22,7 +22,7 @@ function User_unconfirmed_AngelTypes($user) {
SELECT `UnconfirmedMembers`.*, `AngelTypes`.`name` FROM `UserAngelTypes`
JOIN `AngelTypes` ON `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id`
JOIN `UserAngelTypes` as `UnconfirmedMembers` ON `UserAngelTypes`.`angeltype_id`=`UnconfirmedMembers`.`angeltype_id`
WHERE `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . "
WHERE `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "'
AND `UserAngelTypes`.`coordinator`=TRUE
AND `AngelTypes`.`restricted`=TRUE
AND `UnconfirmedMembers`.`confirm_user_id` IS NULL");
@ -38,8 +38,8 @@ function User_is_AngelType_coordinator($user, $angeltype) {
return (sql_num_query("
SELECT `id`
FROM `UserAngelTypes`
WHERE `user_id`=" . sql_escape($user['UID']) . "
AND `angeltype_id`=" . sql_escape($angeltype['id']) . "
WHERE `user_id`='" . sql_escape($user['UID']) . "'
AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
AND `coordinator`=TRUE
LIMIT 1") > 0) || in_array('admin_user_angeltypes', privileges_for_user($user['UID']));
}
@ -53,8 +53,8 @@ function User_is_AngelType_coordinator($user, $angeltype) {
function UserAngelType_update($user_angeltype_id, $coordinator) {
return sql_query("
UPDATE `UserAngelTypes`
SET `coordinator`=" . ($coordinator ? 'TRUE' : 'FALSE') . "
WHERE `id`=" . sql_escape($user_angeltype_id) . "
SET `coordinator`=" . sql_bool($coordinator) . "
WHERE `id`='" . sql_escape($user_angeltype_id) . "'
LIMIT 1");
}
@ -66,7 +66,7 @@ function UserAngelType_update($user_angeltype_id, $coordinator) {
function UserAngelTypes_delete_all($angeltype_id) {
return sql_query("
DELETE FROM `UserAngelTypes`
WHERE `angeltype_id`=" . sql_escape($angeltype_id) . "
WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
AND `confirm_user_id` IS NULL");
}
@ -79,8 +79,8 @@ function UserAngelTypes_delete_all($angeltype_id) {
function UserAngelTypes_confirm_all($angeltype_id, $confirm_user) {
return sql_query("
UPDATE `UserAngelTypes`
SET `confirm_user_id`=" . sql_escape($confirm_user['UID']) . "
WHERE `angeltype_id`=" . sql_escape($angeltype_id) . "
SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "'
WHERE `angeltype_id`='" . sql_escape($angeltype_id) . "'
AND `confirm_user_id` IS NULL");
}
@ -93,8 +93,8 @@ function UserAngelTypes_confirm_all($angeltype_id, $confirm_user) {
function UserAngelType_confirm($user_angeltype_id, $confirm_user) {
return sql_query("
UPDATE `UserAngelTypes`
SET `confirm_user_id`=" . sql_escape($confirm_user['UID']) . "
WHERE `id`=" . sql_escape($user_angeltype_id) . "
SET `confirm_user_id`='" . sql_escape($confirm_user['UID']) . "'
WHERE `id`='" . sql_escape($user_angeltype_id) . "'
LIMIT 1");
}
@ -106,7 +106,7 @@ function UserAngelType_confirm($user_angeltype_id, $confirm_user) {
function UserAngelType_delete($user_angeltype) {
return sql_query("
DELETE FROM `UserAngelTypes`
WHERE `id`=" . sql_escape($user_angeltype['id']) . "
WHERE `id`='" . sql_escape($user_angeltype['id']) . "'
LIMIT 1");
}
@ -119,8 +119,8 @@ function UserAngelType_delete($user_angeltype) {
function UserAngelType_create($user, $angeltype) {
$result = sql_query("
INSERT INTO `UserAngelTypes` SET
`user_id`=" . sql_escape($user['UID']) . ",
`angeltype_id`=" . sql_escape($angeltype['id']));
`user_id`='" . sql_escape($user['UID']) . "',
`angeltype_id`='" . sql_escape($angeltype['id']) . "'");
if ($result === false)
return false;
return sql_id();
@ -135,7 +135,7 @@ function UserAngelType($user_angeltype_id) {
$angeltype = sql_select("
SELECT *
FROM `UserAngelTypes`
WHERE `id`=" . sql_escape($user_angeltype_id) . "
WHERE `id`='" . sql_escape($user_angeltype_id) . "'
LIMIT 1");
if ($angeltype === false)
return false;
@ -154,8 +154,8 @@ function UserAngelType_by_User_and_AngelType($user, $angeltype) {
$angeltype = sql_select("
SELECT *
FROM `UserAngelTypes`
WHERE `user_id`=" . sql_escape($user['UID']) . "
AND `angeltype_id`=" . sql_escape($angeltype['id']) . "
WHERE `user_id`='" . sql_escape($user['UID']) . "'
AND `angeltype_id`='" . sql_escape($angeltype['id']) . "'
LIMIT 1");
if ($angeltype === false)
return false;

2
includes/model/UserGroups_model.php
Unescape Escape View File

@ -9,7 +9,7 @@ function User_groups($user) {
SELECT `Groups`.*
FROM `UserGroups`
JOIN `Groups` ON `Groups`.`UID`=`UserGroups`.`group_id`
WHERE `UserGroups`.`uid`=" . sql_escape($user['UID']) . "
WHERE `UserGroups`.`uid`='" . sql_escape($user['UID']) . "'
ORDER BY `UserGroups`.`group_id`
");
}

26
includes/model/User_model.php
Unescape Escape View File

@ -14,23 +14,23 @@ function User_update($user) {
`Nick`='" . sql_escape($user['Nick']) . "',
`Name`='" . sql_escape($user['Name']) . "',
`Vorname`='" . sql_escape($user['Vorname']) . "',
`Alter`=" . sql_escape($user['Alter']) . ",
`Alter`='" . sql_escape($user['Alter']) . "',
`Telefon`='" . sql_escape($user['Telefon']) . "',
`DECT`='" . sql_escape($user['DECT']) . "',
`Handy`='" . sql_escape($user['Handy']) . "',
`email`='" . sql_escape($user['email']) . "',
`email_shiftinfo`=" . sql_escape($user['email_shiftinfo'] ? 'TRUE' : 'FALSE') . ",
`email_shiftinfo`=" . sql_bool($user['email_shiftinfo']) . ",
`jabber`='" . sql_escape($user['jabber']) . "',
`Size`='" . sql_escape($user['Size']) . "',
`Gekommen`=" . sql_escape($user['Gekommen']) . ",
`Aktiv`=" . sql_escape($user['Aktiv']) . ",
`force_active`=" . sql_escape($user['force_active'] ? 'TRUE' : 'FALSE') . ",
`Tshirt`=" . sql_escape($user['Tshirt']) . ",
`color`=" . sql_escape($user['color']) . ",
`Gekommen`='" . sql_escape($user['Gekommen']) . "',
`Aktiv`='" . sql_escape($user['Aktiv']) . "',
`force_active`=" . sql_bool($user['force_active']) . ",
`Tshirt`='" . sql_escape($user['Tshirt']) . "',
`color`='" . sql_escape($user['color']) . "',
`Sprache`='" . sql_escape($user['Sprache']) . "',
`Hometown`='" . sql_escape($user['Hometown']) . "',
`got_voucher`=" . sql_escape($user['got_voucher'] ? 'TRUE' : 'FALSE') . "
WHERE `UID`=" . sql_escape($user['UID']));
`got_voucher`=" . sql_bool($user['got_voucher']) . "
WHERE `UID`='" . sql_escape($user['UID']). "'");
}
/**
@ -105,7 +105,7 @@ function Users_by_angeltype_inverted($angeltype) {
return sql_select("
SELECT `User`.*
FROM `User`
LEFT JOIN `UserAngelTypes` ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`=" . sql_escape($angeltype['id']) . ")
LEFT JOIN `UserAngelTypes` ON (`User`.`UID`=`UserAngelTypes`.`user_id` AND `angeltype_id`='" . sql_escape($angeltype['id']) . "')
WHERE `UserAngelTypes`.`id` IS NULL
ORDER BY `Nick`");
}
@ -124,7 +124,7 @@ function Users_by_angeltype($angeltype) {
`UserAngelTypes`.`coordinator`
FROM `User`
JOIN `UserAngelTypes` ON `User`.`UID`=`UserAngelTypes`.`user_id`
WHERE `UserAngelTypes`.`angeltype_id`=" . sql_escape($angeltype['id']) . "
WHERE `UserAngelTypes`.`angeltype_id`='" . sql_escape($angeltype['id']) . "'
ORDER BY `Nick`");
}
@ -150,7 +150,7 @@ function User_validate_Nick($nick) {
* @param $id UID
*/
function User($id) {
$user_source = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
$user_source = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if ($user_source === false)
return false;
if (count($user_source) > 0)
@ -165,7 +165,7 @@ function User($id) {
* @param $id UID
*/
function mUser_Limit($id) {
$user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber`, `Avatar` FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
$user_source = sql_select("SELECT `UID`, `Nick`, `Name`, `Vorname`, `Telefon`, `DECT`, `Handy`, `email`, `jabber`, `Avatar` FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if ($user_source === false)
return false;
if (count($user_source) > 0)

10
includes/mysqli_provider.php
Unescape Escape View File

@ -170,6 +170,16 @@ function sql_escape($query) {
return $sql_connection->real_escape_string($query);
}
/**
* Convert a boolean for mysql-queries.
*
* @param boolean $boolean
* @return string
*/
function sql_bool($boolean) {
return $boolean === true ? 'TRUE' : 'FALSE';
}
/**
* Count query result lines.
*

10
includes/pages/admin_active.php
Unescape Escape View File

@ -42,7 +42,7 @@ function admin_active() {
ORDER BY `force_active` DESC, `shift_length` DESC" . $limit);
$user_nicks = array();
foreach ($users as $usr) {
sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`=" . sql_escape($usr['UID']));
sql_query("UPDATE `User` SET `Aktiv` = 1 WHERE `UID`='" . sql_escape($usr['UID']) . "'");
$user_nicks[] = User_Nick_render($usr);
}
engelsystem_log("These angels are active now: " . join(", ", $user_nicks));
@ -58,7 +58,7 @@ function admin_active() {
$id = $_REQUEST['active'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is active now.");
$msg = success(_("Angel has been marked as active."), true);
} else
@ -67,7 +67,7 @@ function admin_active() {
$id = $_REQUEST['not_active'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `User` SET `Aktiv`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " is NOT active now.");
$msg = success(_("Angel has been marked as not active."), true);
} else
@ -76,7 +76,7 @@ function admin_active() {
$id = $_REQUEST['tshirt'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `User` SET `Tshirt`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has tshirt now.");
$msg = success(_("Angel has got a t-shirt."), true);
} else
@ -85,7 +85,7 @@ function admin_active() {
$id = $_REQUEST['not_tshirt'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `User` SET `Tshirt`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User " . User_Nick_render($user_source) . " has NO tshirt.");
$msg = success(_("Angel has got no t-shirt."), true);
} else

4
includes/pages/admin_arrive.php
Unescape Escape View File

@ -13,7 +13,7 @@ function admin_arrive() {
$id = $_REQUEST['reset'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `User` SET `Gekommen`=0 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User set to not arrived: " . User_Nick_render($user_source));
$msg = success(_("Reset done. Angel has not arrived."), true);
} else
@ -22,7 +22,7 @@ function admin_arrive() {
$id = $_REQUEST['arrived'];
$user_source = User($id);
if ($user_source != null) {
sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `User` SET `Gekommen`=1 WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("User set has arrived: " . User_Nick_render($user_source));
$msg = success(_("Angel has been marked as arrived."), true);
} else

2
includes/pages/admin_free.php
Unescape Escape View File

@ -32,7 +32,7 @@ function admin_free() {
FROM `User`
${angeltypesearch}
LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID`
LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < " . sql_escape(time()) . " AND `Shifts`.`end` > " . sql_escape(time()) . ")
LEFT JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID` AND `Shifts`.`start` < '" . sql_escape(time()) . "' AND `Shifts`.`end` > '" . sql_escape(time()) . "')
WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL
GROUP BY `User`.`UID`
ORDER BY `Nick`");

14
includes/pages/admin_groups.php
Unescape Escape View File

@ -11,7 +11,7 @@ function admin_groups() {
if (! isset($_REQUEST["action"])) {
$groups_table = array();
foreach ($groups as $group) {
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
$privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'");
$privileges_html = array();
foreach ($privileges as $priv)
@ -39,10 +39,10 @@ function admin_groups() {
else
return error("Incomplete call, missing Groups ID.", true);
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (count($room) > 0) {
list($room) = $room;
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
$privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($id) . "') ORDER BY `Privileges`.`name`");
$privileges_html = "";
$privileges_form = array();
foreach ($privileges as $priv) {
@ -64,18 +64,18 @@ function admin_groups() {
else
return error("Incomplete call, missing Groups ID.", true);
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
$room = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (! is_array($_REQUEST['privileges']))
$_REQUEST['privileges'] = array();
if (count($room) > 0) {
list($room) = $room;
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($id) . "'");
$privilege_names = array();
foreach ($_REQUEST['privileges'] as $priv) {
if (preg_match("/^[0-9]{1,}$/", $priv)) {
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv) . " LIMIT 1");
$group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1");
if (count($group_privileges_source) > 0) {
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($id) . "', `privilege_id`='" . sql_escape($priv) . "'");
$privilege_names[] = $group_privileges_source[0]['name'];
}
}

6
includes/pages/admin_news.php
Unescape Escape View File

@ -11,7 +11,7 @@ function admin_news() {
else
return error("Incomplete call, missing News ID.", true);
$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
$news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
if (count($news) > 0) {
switch ($_REQUEST["action"]) {
default:
@ -44,7 +44,7 @@ function admin_news() {
`Text`='" . sql_escape($_POST["eText"]) . "',
`UID`='" . sql_escape($user['UID']) . "',
`Treffen`='" . sql_escape($_POST["eTreffen"]) . "'
WHERE `ID`=" . sql_escape($id));
WHERE `ID`='" . sql_escape($id) . "'");
engelsystem_log("News updated: " . $_POST["eBetreff"]);
success(_("News entry updated."));
redirect(page_link_to("news"));
@ -53,7 +53,7 @@ function admin_news() {
case 'delete':
list($news) = $news;
sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("News deleted: " . $news['Betreff']);
success(_("News entry deleted."));
redirect(page_link_to("news"));

8
includes/pages/admin_questions.php
Unescape Escape View File

@ -82,12 +82,12 @@ function admin_questions() {
else
return error("Incomplete call, missing Question ID.", true);
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['AID'] == null) {
$answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer'])));
if ($answer != "") {
sql_query("UPDATE `Questions` SET `AID`=" . sql_escape($user['UID']) . ", `Answer`='" . sql_escape($answer) . "' WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer);
redirect(page_link_to("admin_questions"));
} else
@ -101,9 +101,9 @@ function admin_questions() {
else
return error("Incomplete call, missing Question ID.", true);
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0) {
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Question deleted: " . $question[0]['Question']);
redirect(page_link_to("admin_questions"));
} else

16
includes/pages/admin_rooms.php
Unescape Escape View File

@ -35,13 +35,13 @@ function admin_rooms() {
}
if (test_request_int('id')) {
$room = sql_select("SELECT * FROM `Room` WHERE `RID`=" . sql_escape($_REQUEST['id']));
$room = sql_select("SELECT * FROM `Room` WHERE `RID`='" . sql_escape($_REQUEST['id']) . "'");
if (count($room) > 0) {
$id = $_REQUEST['id'];
$name = $room[0]['Name'];
$from_pentabarf = $room[0]['FromPentabarf'];
$public = $room[0]['show'];
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
$needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
foreach ($needed_angeltypes as $needed_angeltype)
$angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count'];
} else
@ -85,7 +85,7 @@ function admin_rooms() {
if ($ok) {
if (isset($id)) {
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Room updated: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
} else {
sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "'");
@ -93,12 +93,12 @@ function admin_rooms() {
engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number);
}
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id));
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "'");
$needed_angeltype_info = array();
foreach ($angeltypes_count as $angeltype_id => $angeltype_count) {
$angeltype_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($angeltype_id) . " LIMIT 1");
$angeltype_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($angeltype_id) . "' LIMIT 1");
if (count($angeltype_source) > 0) {
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`=" . sql_escape($id) . ", `angel_type_id`=" . sql_escape($angeltype_id) . ", `count`=" . sql_escape($angeltype_count));
sql_query("INSERT INTO `NeededAngelTypes` SET `room_id`='" . sql_escape($id) . "', `angel_type_id`='" . sql_escape($angeltype_id) . "', `count`='" . sql_escape($angeltype_count) . "'");
$needed_angeltype_info[] = $angeltypes_source[0]['name'] . ": " . $angeltype_count;
}
}
@ -139,8 +139,8 @@ function admin_rooms() {
));
} elseif ($_REQUEST['show'] == 'delete') {
if (isset($_REQUEST['ack'])) {
sql_query("DELETE FROM `Room` WHERE `RID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `Room` WHERE `RID`='" . sql_escape($id) . "' LIMIT 1");
sql_query("DELETE FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($id) . "' LIMIT 1");
engelsystem_log("Room deleted: " . $name);
success(sprintf(_("Room %s deleted."), $name));

6
includes/pages/admin_shifts.php
Unescape Escape View File

@ -143,7 +143,7 @@ function admin_shifts() {
if ($ok) {
if ($angelmode == 'location') {
$needed_angel_types = array();
$needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`=" . sql_escape($rid));
$needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'");
foreach ($needed_angel_types_location as $type)
$needed_angel_types[$type['angel_type_id']] = $type['count'];
}
@ -272,9 +272,9 @@ function admin_shifts() {
engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']));
$needed_angel_types_info = array();
foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) {
$angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
$angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
if (count($angel_type_source) > 0) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
$needed_angel_types_info[] = $angel_type_source[0]['name'] . ": " . $count;
}
}

24
includes/pages/admin_user.php
Unescape Escape View File

@ -93,11 +93,11 @@ function admin_user() {
$html .= "<hr />";
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid` LIMIT 1");
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `uid` LIMIT 1");
if (count($my_highest_group) > 0)
$my_highest_group = $my_highest_group[0]['group_id'];
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid` LIMIT 1");
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `uid` LIMIT 1");
if (count($his_highest_group) > 0)
$his_highest_group = $his_highest_group[0]['group_id'];
@ -105,7 +105,7 @@ function admin_user() {
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
$html .= '<table>';
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group) . " ORDER BY `Groups`.`Name`");
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . "' ORDER BY `Groups`.`Name`");
foreach ($groups as $group)
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
@ -126,11 +126,11 @@ function admin_user() {
switch ($_REQUEST['action']) {
case 'save_groups':
if ($id != $user['UID']) {
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `group_id`");
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `group_id`");
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "' ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group[0]['group_id']) . " ORDER BY `Groups`.`Name`");
$groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`");
$groups = array();
$grouplist = array();
foreach ($groups_source as $group) {
@ -141,11 +141,11 @@ function admin_user() {
if (! is_array($_REQUEST['groups']))
$_REQUEST['groups'] = array();
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
$user_groups_info = array();
foreach ($_REQUEST['groups'] as $group) {
if (in_array($group, $grouplist)) {
sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($id) . ", `group_id`=" . sql_escape($group));
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($id) . "', `group_id`='" . sql_escape($group) . "'");
$user_groups_info[] = $groups[$group]['Name'];
}
}
@ -163,8 +163,8 @@ function admin_user() {
case 'delete':
if ($user['UID'] != $id) {
$user_source = sql_select("SELECT `Nick`, `UID` FROM `User` WHERE `UID` = '" . sql_escape($id) . "' LIMIT 1");
sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id));
sql_query("DELETE FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($id) . "'");
engelsystem_log("Deleted user " . User_Nick_render($user_source));
$html .= success("Benutzer gelöscht!", true);
} else {
@ -185,7 +185,7 @@ function admin_user() {
`Alter` = '" . sql_escape($_POST["eAlter"]) . "',
`DECT` = '" . sql_escape($_POST["eDECT"]) . "',
`email` = '" . sql_escape($_POST["eemail"]) . "',
`email_shiftinfo` = " . sql_escape(isset($_REQUEST['email_shiftinfo']) ? 'TRUE' : 'FALSE') . ",
`email_shiftinfo` = " . sql_bool(isset($_REQUEST['email_shiftinfo'])) . ",
`jabber` = '" . sql_escape($_POST["ejabber"]) . "',
`Size` = '" . sql_escape($_POST["eSize"]) . "',
`Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "',
@ -194,7 +194,7 @@ function admin_user() {
`Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "',
`Hometown` = '" . sql_escape($_POST["Hometown"]) . "'
WHERE `UID` = '" . sql_escape($id) . "'
LIMIT 1;";
LIMIT 1";
sql_query($SQL);
engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]);
$html .= success("Änderung wurde gespeichert...\n", true);

8
includes/pages/guest_login.php
Unescape Escape View File

@ -122,7 +122,7 @@ function guest_register() {
if ($ok) {
sql_query("
INSERT INTO `User` SET
`color`=" . sql_escape($default_theme) . ",
`color`='" . sql_escape($default_theme) . "',
`Nick`='" . sql_escape($nick) . "',
`Vorname`='" . sql_escape($prename) . "',
`Name`='" . sql_escape($lastname) . "',
@ -131,7 +131,7 @@ function guest_register() {
`DECT`='" . sql_escape($dect) . "',
`Handy`='" . sql_escape($mobile) . "',
`email`='" . sql_escape($mail) . "',
`email_shiftinfo`=" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . ",
`email_shiftinfo`='" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . "',
`jabber`='" . sql_escape($jabber) . "',
`Size`='" . sql_escape($tshirt_size) . "',
`Passwort`='" . sql_escape($password_hash) . "',
@ -142,13 +142,13 @@ function guest_register() {
// Assign user-group and set password
$user_id = sql_id();
sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($user_id) . ", `group_id`=-2");
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2");
set_password($user_id, $_REQUEST['password']);
// Assign angel-types
$user_angel_types_info = array();
foreach ($selected_angel_types as $selected_angel_type_id) {
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user_id) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'");
$user_angel_types_info[] = $angel_types[$selected_angel_type_id];
}
engelsystem_log("User " . $nick . " signed up as: " . join(", ", $user_angel_types_info));

2
includes/pages/user_ical.php
Unescape Escape View File

@ -28,7 +28,7 @@ function user_ical() {
INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `UID`=" . sql_escape($user['UID']) . "
WHERE `UID`='" . sql_escape($user['UID']) . "'
ORDER BY `start`");
}

14
includes/pages/user_messages.php
Unescape Escape View File

@ -7,7 +7,7 @@ function user_unread_messages() {
global $user;
if (isset($user)) {
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`=" . sql_escape($user['UID']));
$new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'");
if ($new_messages > 0)
return ' <span class="badge danger">' . $new_messages . '</span>';
}
@ -18,7 +18,7 @@ function user_messages() {
global $user;
if (! isset($_REQUEST['action'])) {
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`=" . sql_escape($user['UID']) . " ORDER BY `Nick`");
$users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`");
$to_select_data = array(
"" => _("Select recipient...")
@ -29,7 +29,7 @@ function user_messages() {
$to_select = html_select_key('to', 'to', $to_select_data, '');
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`=" . sql_escape($user['UID']) . " OR `RUID`=" . sql_escape($user['UID']) . " ORDER BY `isRead`,`Datum` DESC");
$messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC");
foreach ($messages as $message) {
$sender_user_source = User($message['SUID']);
if ($sender_user_source === false)
@ -84,9 +84,9 @@ function user_messages() {
else
return error(_("Incomplete call, missing Message ID."), true);
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) {
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`=" . sql_escape($id) . " LIMIT 1");
sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
} else
return error(_("No Message found."), true);
@ -98,9 +98,9 @@ function user_messages() {
else
return error(_("Incomplete call, missing Message ID."), true);
$message = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
$message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) {
sql_query("DELETE FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_messages"));
} else
return error(_("No Message found."), true);

10
includes/pages/user_myshifts.php
Unescape Escape View File

@ -10,13 +10,13 @@ function user_myshifts() {
global $user, $privileges;
$msg = "";
if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) {
if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) {
$id = $_REQUEST['id'];
} else {
$id = $user['UID'];
}
list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "' LIMIT 1");
if (isset($_REQUEST['reset'])) {
if ($_REQUEST['reset'] == "ack") {
@ -44,8 +44,8 @@ function user_myshifts() {
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `ShiftEntry`.`id`=" . sql_escape($id) . "
AND `UID`=" . sql_escape($shifts_user['UID']) . " LIMIT 1");
WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "'
AND `UID`='" . sql_escape($shifts_user['UID']) . "' LIMIT 1");
if (count($shift) > 0) {
$shift = $shift[0];
@ -82,7 +82,7 @@ function user_myshifts() {
SELECT `Shifts`.`start`
FROM `Shifts`
INNER JOIN `ShiftEntry` USING (`SID`)
WHERE `ShiftEntry`.`id`=" . sql_escape($id) . " AND `UID`=" . sql_escape($shifts_user['UID']));
WHERE `ShiftEntry`.`id`='" . sql_escape($id) . "' AND `UID`='" . sql_escape($shifts_user['UID']) . "'");
if (count($shift) > 0) {
$shift = $shift[0];
if (($shift['start'] > time() + $LETZTES_AUSTRAGEN * 3600) || in_array('user_shifts_admin', $privileges)) {

4
includes/pages/user_news.php
Unescape Escape View File

@ -73,9 +73,9 @@ function user_news_comments() {
global $user;
$html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>';
if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) {
$nid = $_REQUEST["nid"];
list($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($nid) . " LIMIT 1");
list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");
if (isset($_REQUEST["text"])) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");

10
includes/pages/user_questions.php
Unescape Escape View File

@ -7,9 +7,9 @@ function user_questions() {
global $user;
if (! isset($_REQUEST['action'])) {
$open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=" . sql_escape($user['UID']));
$open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`=" . sql_escape($user['UID']));
$answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'");
foreach ($answered_questions as &$question) {
$answer_user_source = User($question['AID']);
if ($answer_user_source === false)
@ -23,7 +23,7 @@ function user_questions() {
case 'ask':
$question = strip_request_item_nl('question');
if ($question != "") {
$result = sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'");
$result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'");
if ($result === false)
engelsystem_error(_("Unable to save question."));
success(_("You question was saved."));
@ -39,9 +39,9 @@ function user_questions() {
else
return error(_("Incomplete call, missing Question ID."), true);
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
$question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
if (count($question) > 0 && $question[0]['UID'] == $user['UID']) {
sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1");
sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1");
redirect(page_link_to("user_questions"));
} else
return page_with_title(questions_title(), array(

8
includes/pages/user_settings.php
Unescape Escape View File

@ -82,11 +82,11 @@ function user_settings() {
`DECT`='" . sql_escape($dect) . "',
`Handy`='" . sql_escape($mobile) . "',
`email`='" . sql_escape($mail) . "',
`email_shiftinfo`=" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . ",
`email_shiftinfo`='" . sql_escape($email_shiftinfo ? 'TRUE' : 'FALSE') . "',
`jabber`='" . sql_escape($jabber) . "',
`Size`='" . sql_escape($tshirt_size) . "',
`Hometown`='" . sql_escape($hometown) . "'
WHERE `UID`=" . sql_escape($user['UID']));
WHERE `UID`='" . sql_escape($user['UID']) . "'");
success(_("Settings saved."));
redirect(page_link_to('user_settings'));
@ -114,7 +114,7 @@ function user_settings() {
$ok = false;
if ($ok) {
sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
success(_("Theme changed."));
redirect(page_link_to('user_settings'));
@ -128,7 +128,7 @@ function user_settings() {
$ok = false;
if ($ok) {
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`='" . sql_escape($user['UID']) . "'");
$_SESSION['locale'] = $selected_language;
success("Language changed.");

46
includes/pages/user_shifts.php
Unescape Escape View File

@ -31,7 +31,7 @@ function user_shifts() {
JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
WHERE `ShiftEntry`.`id`=" . sql_escape($entry_id));
WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'");
if (count($shift_entry_source) > 0) {
$shift_entry_source = $shift_entry_source[0];
@ -58,7 +58,7 @@ function user_shifts() {
SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.* FROM `Shifts`
JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)
JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)
WHERE `SID`=" . sql_escape($shift_id));
WHERE `SID`='" . sql_escape($shift_id) . "'");
if (count($shift) == 0)
redirect(page_link_to('user_shifts'));
$shift = $shift[0];
@ -78,14 +78,14 @@ function user_shifts() {
$shifttypes[$shifttype['id']] = $shifttype['name'];
// Benötigte Engeltypen vom Raum
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`=" . sql_escape($shift['RID']) . ") ORDER BY `AngelTypes`.`name`");
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`room_id`='" . sql_escape($shift['RID']) . "') ORDER BY `AngelTypes`.`name`");
foreach ($needed_angel_types_source as $type) {
if ($type['count'] != "")
$needed_angel_types[$type['id']] = $type['count'];
}
// Benötigte Engeltypen von der Schicht
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`=" . sql_escape($shift_id) . ") ORDER BY `AngelTypes`.`name`");
$needed_angel_types_source = sql_select("SELECT `AngelTypes`.*, `NeededAngelTypes`.`count` FROM `AngelTypes` LEFT JOIN `NeededAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id` AND `NeededAngelTypes`.`shift_id`='" . sql_escape($shift_id) . "') ORDER BY `AngelTypes`.`name`");
foreach ($needed_angel_types_source as $type) {
if ($type['count'] != "")
$needed_angel_types[$type['id']] = $type['count'];
@ -154,10 +154,10 @@ function user_shifts() {
$result = Shift_update($shift);
if ($result === false)
engelsystem_error('Unable to update shift.');
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`=" . sql_escape($shift_id));
sql_query("DELETE FROM `NeededAngelTypes` WHERE `shift_id`='" . sql_escape($shift_id) . "'");
$needed_angel_types_info = array();
foreach ($needed_angel_types as $type_id => $count) {
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`=" . sql_escape($shift_id) . ", `angel_type_id`=" . sql_escape($type_id) . ", `count`=" . sql_escape($count));
sql_query("INSERT INTO `NeededAngelTypes` SET `shift_id`='" . sql_escape($shift_id) . "', `angel_type_id`='" . sql_escape($type_id) . "', `count`='" . sql_escape($count) . "'");
$needed_angel_types_info[] = $angel_types[$type_id]['name'] . ": " . $count;
}
@ -247,7 +247,7 @@ function user_shifts() {
if (! in_array('user_shifts_admin', $privileges) && sql_num_query("
SELECT `Shifts`.`SID`
FROM `Shifts`
INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = " . sql_escape($user['UID']) . ")
INNER JOIN `ShiftEntry` ON (`Shifts`.`SID` = `ShiftEntry`.`SID` AND `ShiftEntry`.`UID` = '" . sql_escape($user['UID']) . "')
WHERE `start` < '" . sql_escape($shift['end']) . "' AND `end` > '" . sql_escape($shift['start']) . "'") > 0) {
error(_("You already subscribed to shift in the same timeslot. Please contact a dispatcher to join the shift."));
redirect(shift_link($shift));
@ -266,9 +266,9 @@ function user_shifts() {
}
if (in_array('user_shifts_admin', $privileges))
$type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($type_id) . " LIMIT 1");
$type = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1");
else
$type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = " . sql_escape($type_id) . " AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = " . sql_escape($user['UID']) . " AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
$type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL)) LIMIT 1");
if (count($type) == 0)
redirect(page_link_to('user_shifts'));
@ -282,10 +282,10 @@ function user_shifts() {
else
$user_id = $user['UID'];
if (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($user_id) . " LIMIT 1") == 0)
if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0)
redirect(page_link_to('user_shifts'));
if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`=" . sql_escape($_REQUEST['angeltype_id']) . " LIMIT 1") > 0)
if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0)
$selected_type_id = $_REQUEST['angeltype_id'];
} else
$user_id = $user['UID'];
@ -370,7 +370,7 @@ function view_user_shifts() {
if (in_array('user_shifts_admin', $privileges))
$types = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `AngelTypes`.`name`");
else
$types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ") ORDER BY `AngelTypes`.`name`");
$types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "') ORDER BY `AngelTypes`.`name`");
if (empty($types))
$types = sql_select("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0");
$filled = array(
@ -471,10 +471,10 @@ function view_user_shifts() {
if (count($_SESSION['user_shifts']['filled']) == 1) {
if ($_SESSION['user_shifts']['filled'][0] == 0)
$SQL .= "
AND (nat.`count` > entries.`count` OR entries.`count` IS NULL OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = " . sql_escape($user['UID']) . " AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
AND (nat.`count` > entries.`count` OR entries.`count` IS NULL OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = '" . sql_escape($user['UID']) . "' AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
elseif ($_SESSION['user_shifts']['filled'][0] == 1)
$SQL .= "
AND (nat.`count` <= entries.`count` OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = " . sql_escape($user['UID']) . " AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
AND (nat.`count` <= entries.`count` OR EXISTS (SELECT `SID` FROM `ShiftEntry` WHERE `UID` = '" . sql_escape($user['UID']) . "' AND `ShiftEntry`.`SID` = `Shifts`.`SID`))";
}
$SQL .= "
ORDER BY `start`";
@ -601,14 +601,14 @@ function view_user_shifts() {
$query = "SELECT `NeededAngelTypes`.`count`, `AngelTypes`.`id`, `AngelTypes`.`restricted`, `UserAngelTypes`.`confirm_user_id`, `AngelTypes`.`name`, `UserAngelTypes`.`user_id`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`)
LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ")
LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "')
WHERE
`count` > 0
AND ";
if ($shift['has_special_needs'])
$query .= "`shift_id` = " . sql_escape($shift['SID']);
$query .= "`shift_id` = '" . sql_escape($shift['SID']) . "'";
else
$query .= "`room_id` = " . sql_escape($shift['RID']);
$query .= "`room_id` = '" . sql_escape($shift['RID']) . "'";
if (! empty($_SESSION['user_shifts']['types']))
$query .= " AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ") ";
$query .= " ORDER BY `AngelTypes`.`name`";
@ -616,7 +616,7 @@ function view_user_shifts() {
if (count($angeltypes) > 0) {
foreach ($angeltypes as $angeltype) {
$entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['id']) . " ORDER BY `Nick`");
$entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `TID`='" . sql_escape($angeltype['id']) . "' ORDER BY `Nick`");
$entry_list = array();
$freeloader = 0;
foreach ($entries as $entry) {
@ -732,22 +732,22 @@ function view_user_shifts() {
$query = "SELECT `NeededAngelTypes`.`count`, `AngelTypes`.`id`, `AngelTypes`.`restricted`, `UserAngelTypes`.`confirm_user_id`, `AngelTypes`.`name`, `UserAngelTypes`.`user_id`
FROM `NeededAngelTypes`
JOIN `AngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `AngelTypes`.`id`)
LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`=" . sql_escape($user['UID']) . ")
LEFT JOIN `UserAngelTypes` ON (`NeededAngelTypes`.`angel_type_id` = `UserAngelTypes`.`angeltype_id`AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "')
WHERE ";
if ($shift_has_special_needs)
$query .= "`shift_id` = " . sql_escape($shift['SID']);
$query .= "`shift_id` = '" . sql_escape($shift['SID']) . "'";
else
$query .= "`room_id` = " . sql_escape($shift['RID']);
$query .= "`room_id` = '" . sql_escape($shift['RID']) . "'";
$query .= " AND `count` > 0 ";
if (! empty($_SESSION['user_shifts']['types']))
$query .= "AND `angel_type_id` IN (" . implode(',', $_SESSION['user_shifts']['types']) . ") ";
$query .= "ORDER BY `AngelTypes`.`name`";
$angeltypes = sql_select($query);
if (count($angeltypes) > 0) {
$my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`=" . sql_escape($shift['SID']) . " AND `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0;
$my_shift = sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0;
foreach ($angeltypes as &$angeltype) {
$entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`=" . sql_escape($shift['SID']) . " AND `TID`=" . sql_escape($angeltype['id']) . " ORDER BY `Nick`");
$entries = sql_select("SELECT * FROM `ShiftEntry` JOIN `User` ON (`ShiftEntry`.`UID` = `User`.`UID`) WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `TID`='" . sql_escape($angeltype['id']) . "' ORDER BY `Nick`");
$entry_list = array();
$freeloader = 0;
foreach ($entries as $entry) {

8
includes/sys_auth.php
Unescape Escape View File

@ -6,7 +6,7 @@ function load_auth() {
$user = null;
if (isset($_SESSION['uid'])) {
$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");
$user = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_SESSION['uid']) . "' LIMIT 1");
if (count($user) > 0) {
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
list ($user) = $user;
@ -70,7 +70,7 @@ function json_auth_service() {
if (count($Erg) == 1) {
$Erg = $Erg[0];
if (verify_password($Pass, $Erg["Passwort"], $Erg["UID"])) {
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($UID) . ";");
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($UID) . "'");
foreach ($user_privs as $user_priv)
$privileges[] = $user_priv['name'];
@ -93,7 +93,7 @@ function json_auth_service() {
function privileges_for_user($user_id) {
$privileges = array ();
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user_id) . ";");
$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`='" . sql_escape($user_id) . "'");
foreach ($user_privs as $user_priv)
$privileges[] = $user_priv['name'];
return $privileges;
@ -101,7 +101,7 @@ function privileges_for_user($user_id) {
function privileges_for_group($group_id) {
$privileges = array ();
$groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group_id));
$groups_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group_id) . "'");
foreach ($groups_privs as $guest_priv)
$privileges[] = $guest_priv['name'];
return $privileges;

Write Preview
Loading…
Cancel
Save