update for php7

This commit is contained in:
Manuel Weiser 2018-08-04 11:50:40 +02:00
parent 8495e84989
commit 9f7da5deb9
12 changed files with 108 additions and 99 deletions

View File

@ -39,7 +39,7 @@ if( $_SESSION["admin"] != 1 ) exit;
if( $_GET["show"] == 'dme' && !$_GET["do"] ) if( $_GET["show"] == 'dme' && !$_GET["do"] )
{ {
// Alle DME ohne Organisation holen // Alle DME ohne Organisation holen
$result = mysqli_query("SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE org_id = '0' ORDER BY bezeichnung ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE org_id = '0' ORDER BY bezeichnung ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$show_all .= ' $show_all .= '
@ -61,7 +61,7 @@ if( $_GET["show"] == 'dme' && !$_GET["do"] )
elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'update' ) elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'update' )
{ {
// Zusammenstellung bekannter Organisationen // Zusammenstellung bekannter Organisationen
$result = mysqli_query("SELECT id, org_name, org FROM organisation ORDER BY org ASC, org_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation ORDER BY org ASC, org_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
if( $_REQUEST["org"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; } if( $_REQUEST["org"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; }
@ -69,7 +69,7 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'update' )
} }
// Zusammenstellung der Formatierungen // Zusammenstellung der Formatierungen
$result = mysqli_query("SELECT id, beschreibung FROM formatierung ORDER BY beschreibung ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, beschreibung FROM formatierung ORDER BY beschreibung ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
if( $_REQUEST["form"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; } if( $_REQUEST["form"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; }
@ -77,7 +77,7 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'update' )
} }
// Abfrage des verlangten Datensatzes // Abfrage des verlangten Datensatzes
$result = mysqli_query("SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE id = '$_GET[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE id = '$_GET[id]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
// Seiteninhalt ausgeben // Seiteninhalt ausgeben
@ -88,13 +88,13 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'update' )
// Wenn dme l<>schen // Wenn dme l<>schen
elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'delete' ) elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'delete' )
{ {
$result = mysqli_query("DELETE FROM ric_zvei WHERE id = '$_GET[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM ric_zvei WHERE id = '$_GET[id]'") or die (mysqli_error());
$result = mysqli_query("DELETE FROM alarm2mail WHERE adresse = '$_GET[adresse]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM alarm2mail WHERE adresse = '$_GET[adresse]'") or die (mysqli_error());
// Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen // Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen
if( $_GET["org"] ) if( $_GET["org"] )
{ {
$result = mysqli_query("SELECT a.id AS dme_id, b.id AS kfz_id $result = mysqli_query($dbconn, "SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = $_GET[org] LEFT JOIN kfz_fms b ON b.org_id = $_GET[org]
WHERE a.org_id = '$_GET[org]' OR b.org_id = '$_GET[org]'") or die (mysqli_error()); WHERE a.org_id = '$_GET[org]' OR b.org_id = '$_GET[org]'") or die (mysqli_error());
@ -102,7 +102,7 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'delete' )
if( !$row["dme_id"] && !$row["kfz_id"] ) if( !$row["dme_id"] && !$row["kfz_id"] )
{ {
$result = mysqli_query("DELETE FROM organisation WHERE id = '$_GET[org]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM organisation WHERE id = '$_GET[org]'") or die (mysqli_error());
} }
} }
@ -127,7 +127,7 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'setupdate' )
/////////////////$organisation = $_REQUEST["new_org"]; /////////////////$organisation = $_REQUEST["new_org"];
// Pr<50>fen ob die Org schon existiert, wenn ja update kein eintrag // Pr<50>fen ob die Org schon existiert, wenn ja update kein eintrag
$result = mysqli_query("SELECT id FROM organisation WHERE org_name = '$_REQUEST[new_org]' AND org = '$_REQUEST[new_org_typ]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id FROM organisation WHERE org_name = '$_REQUEST[new_org]' AND org = '$_REQUEST[new_org_typ]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if( $row["id"] ) if( $row["id"] )
@ -137,9 +137,9 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'setupdate' )
if( !$org_id ) if( !$org_id )
{ {
$result = mysqli_query("INSERT INTO organisation (org_name, org) VALUES ('$_REQUEST[new_org]', '$_REQUEST[new_org_typ]')"); $result = mysqli_query($dbconn, "INSERT INTO organisation (org_name, org) VALUES ('$_REQUEST[new_org]', '$_REQUEST[new_org_typ]')");
$result = mysqli_query("SELECT MAX(id) as new_id FROM organisation"); $result = mysqli_query($dbconn, "SELECT MAX(id) as new_id FROM organisation");
$row = mysql_fetch_row($result); $row = mysql_fetch_row($result);
$org_id = $row[0]; $org_id = $row[0];
} }
@ -149,12 +149,12 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'setupdate' )
$org_id = $_REQUEST["select_org"]; $org_id = $_REQUEST["select_org"];
} }
$result = mysqli_query("UPDATE ric_zvei SET bezeichnung = '$_REQUEST[bezeichnung]', formatierung_id = '$_REQUEST[formatierung]', org_id = '$org_id' WHERE id='$_REQUEST[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "UPDATE ric_zvei SET bezeichnung = '$_REQUEST[bezeichnung]', formatierung_id = '$_REQUEST[formatierung]', org_id = '$org_id' WHERE id='$_REQUEST[id]'") or die (mysqli_error());
// Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen // Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen
if( $_REQUEST["old_org"] ) if( $_REQUEST["old_org"] )
{ {
$result = mysqli_query("SELECT a.id AS dme_id, b.id AS kfz_id $result = mysqli_query($dbconn, "SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = $_REQUEST[old_org] LEFT JOIN kfz_fms b ON b.org_id = $_REQUEST[old_org]
WHERE a.org_id = '$_REQUEST[old_org]' OR b.org_id = '$_REQUEST[old_org]'") or die (mysqli_error()); WHERE a.org_id = '$_REQUEST[old_org]' OR b.org_id = '$_REQUEST[old_org]'") or die (mysqli_error());
@ -162,7 +162,7 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'setupdate' )
if( !$row["dme_id"] && !$row["kfz_id"] ) if( !$row["dme_id"] && !$row["kfz_id"] )
{ {
$result = mysqli_query("DELETE FROM organisation WHERE id = '$_REQUEST[old_org]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM organisation WHERE id = '$_REQUEST[old_org]'") or die (mysqli_error());
} }
} }
@ -174,7 +174,7 @@ elseif( $_GET["show"] == 'dme' && $_GET["do"] == 'setupdate' )
elseif( $_GET["show"] == 'kfz' && !$_GET["do"] ) elseif( $_GET["show"] == 'kfz' && !$_GET["do"] )
{ {
// Alle DME ohne Organisation holen // Alle DME ohne Organisation holen
$result = mysqli_query("SELECT id, bezeichnung FROM kfz_fms WHERE org_id = '0' ORDER BY bezeichnung ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, bezeichnung FROM kfz_fms WHERE org_id = '0' ORDER BY bezeichnung ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$show_all .= ' $show_all .= '
@ -195,7 +195,7 @@ elseif( $_GET["show"] == 'kfz' && !$_GET["do"] )
elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'update' ) elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'update' )
{ {
// Zusammenstellung bekannter Organisationen // Zusammenstellung bekannter Organisationen
$result = mysqli_query("SELECT id, org_name, org FROM organisation ORDER BY org ASC, org_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation ORDER BY org ASC, org_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
if( $_REQUEST["org"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; } if( $_REQUEST["org"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; }
@ -203,7 +203,7 @@ elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'update' )
} }
// Abfrage des verlangten Datensatzes // Abfrage des verlangten Datensatzes
$result = mysqli_query("SELECT id, bezeichnung FROM kfz_fms WHERE id = '$_GET[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, bezeichnung FROM kfz_fms WHERE id = '$_GET[id]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
// Seiteninhalt ausgeben // Seiteninhalt ausgeben
@ -214,12 +214,12 @@ elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'update' )
// Wenn kfz l<>schen // Wenn kfz l<>schen
elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'delete' ) elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'delete' )
{ {
$result = mysqli_query("DELETE FROM kfz_fms WHERE id = '$_GET[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM kfz_fms WHERE id = '$_GET[id]'") or die (mysqli_error());
// Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen // Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen
if( $_GET["org"] ) if( $_GET["org"] )
{ {
$result = mysqli_query("SELECT a.id AS dme_id, b.id AS kfz_id $result = mysqli_query($dbconn, "SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = $_GET[org] LEFT JOIN kfz_fms b ON b.org_id = $_GET[org]
WHERE a.org_id = '$_GET[org]' OR b.org_id = '$_GET[org]'") or die (mysqli_error()); WHERE a.org_id = '$_GET[org]' OR b.org_id = '$_GET[org]'") or die (mysqli_error());
@ -227,7 +227,7 @@ elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'delete' )
if( !$row["dme_id"] && !$row["kfz_id"] ) if( !$row["dme_id"] && !$row["kfz_id"] )
{ {
$result = mysqli_query("DELETE FROM organisation WHERE id = '$_GET[org]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM organisation WHERE id = '$_GET[org]'") or die (mysqli_error());
} }
} }
@ -250,9 +250,9 @@ elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'setupdate' )
if( $_REQUEST["new_org"] ) if( $_REQUEST["new_org"] )
{ {
$organisation = $_REQUEST["new_org"]; $organisation = $_REQUEST["new_org"];
$result = mysqli_query("INSERT INTO organisation (org_name, org) VALUES ('$organisation', '$_REQUEST[new_org_typ]')"); $result = mysqli_query($dbconn, "INSERT INTO organisation (org_name, org) VALUES ('$organisation', '$_REQUEST[new_org_typ]')");
$result = mysqli_query("SELECT MAX(id) as new_id FROM organisation"); $result = mysqli_query($dbconn, "SELECT MAX(id) as new_id FROM organisation");
$row = mysql_fetch_row($result); $row = mysql_fetch_row($result);
$organisation = $row[0]; $organisation = $row[0];
} }
@ -261,12 +261,12 @@ elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'setupdate' )
$organisation = $_REQUEST["select_org"]; $organisation = $_REQUEST["select_org"];
} }
$result = mysqli_query("UPDATE kfz_fms SET bezeichnung = '$_REQUEST[bezeichnung]', org_id = '$organisation' WHERE id='$_REQUEST[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "UPDATE kfz_fms SET bezeichnung = '$_REQUEST[bezeichnung]', org_id = '$organisation' WHERE id='$_REQUEST[id]'") or die (mysqli_error());
// Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen // Pr<50>fen ob noch weitere Eintr<74>ge zur Org da sind, wenn nicht l<>schen
if( $_REQUEST["old_org"] ) if( $_REQUEST["old_org"] )
{ {
$result = mysqli_query("SELECT a.id AS dme_id, b.id AS kfz_id $result = mysqli_query($dbconn, "SELECT a.id AS dme_id, b.id AS kfz_id
FROM ric_zvei a FROM ric_zvei a
LEFT JOIN kfz_fms b ON b.org_id = $_REQUEST[old_org] LEFT JOIN kfz_fms b ON b.org_id = $_REQUEST[old_org]
WHERE a.org_id = '$_REQUEST[old_org]' OR b.org_id = '$_REQUEST[old_org]'") or die (mysqli_error()); WHERE a.org_id = '$_REQUEST[old_org]' OR b.org_id = '$_REQUEST[old_org]'") or die (mysqli_error());
@ -274,7 +274,7 @@ elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'setupdate' )
if( !$row["dme_id"] && !$row["kfz_id"] ) if( !$row["dme_id"] && !$row["kfz_id"] )
{ {
$result = mysqli_query("DELETE FROM organisation WHERE id = '$_REQUEST[old_org]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM organisation WHERE id = '$_REQUEST[old_org]'") or die (mysqli_error());
} }
} }
@ -286,7 +286,7 @@ elseif( $_GET["show"] == 'kfz' && $_GET["do"] == 'setupdate' )
elseif( $_GET["show"] == 'user' && !$_GET["do"] ) elseif( $_GET["show"] == 'user' && !$_GET["do"] )
{ {
// Alle DME ohne Organisation holen // Alle DME ohne Organisation holen
$result = mysqli_query("SELECT id, a_name, real_name, a_admin, a_mail FROM admin_users ORDER BY a_admin DESC, a_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, a_name, real_name, a_admin, a_mail FROM admin_users ORDER BY a_admin DESC, a_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
if( $row["a_admin"] == '0' ) $status = '<b>(User)</b> '; if( $row["a_admin"] == '0' ) $status = '<b>(User)</b> ';
@ -340,12 +340,12 @@ elseif( $_GET["show"] == 'user' && $_GET["do"] == 'insert' )
list($vorname, $nachname) = explode(" ", trim($_REQUEST["ins_name"])); list($vorname, $nachname) = explode(" ", trim($_REQUEST["ins_name"]));
$ins_user_name = trim($vorname) .".". substr(trim($nachname),0,1); $ins_user_name = trim($vorname) .".". substr(trim($nachname),0,1);
$result = mysqli_query("SELECT id FROM admin_users WHERE a_name = '$ins_user_name'"); $result = mysqli_query($dbconn, "SELECT id FROM admin_users WHERE a_name = '$ins_user_name'");
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if (!empty($row["id"])) $ins_user_name = trim($vorname) .".". substr(trim($nachname),0,1) ."". rand(1,99); if (!empty($row["id"])) $ins_user_name = trim($vorname) .".". substr(trim($nachname),0,1) ."". rand(1,99);
$result = mysqli_query("INSERT INTO admin_users (a_name, real_name, a_mail, pm_allow) VALUES ('$ins_user_name', '$_REQUEST[ins_name]', '$_REQUEST[ins_mail]', '1')") or die(mysqli_error); $result = mysqli_query($dbconn, "INSERT INTO admin_users (a_name, real_name, a_mail, pm_allow) VALUES ('$ins_user_name', '$_REQUEST[ins_name]', '$_REQUEST[ins_mail]', '1')") or die(mysqli_error);
echo gohome($_SERVER["PHP_SELF"].'?show=user'); echo gohome($_SERVER["PHP_SELF"].'?show=user');
} }
@ -354,9 +354,9 @@ elseif( $_GET["show"] == 'user' && $_GET["do"] == 'insert' )
// Wenn user l<>schen // Wenn user l<>schen
elseif( $_GET["show"] == 'user' && $_GET["do"] == 'delete' ) elseif( $_GET["show"] == 'user' && $_GET["do"] == 'delete' )
{ {
$result = mysqli_query("DELETE FROM messages WHERE userid_to = '$_GET[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM messages WHERE userid_to = '$_GET[id]'") or die (mysqli_error());
$result = mysqli_query("DELETE FROM alarm2mail WHERE userid = '$_GET[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM alarm2mail WHERE userid = '$_GET[id]'") or die (mysqli_error());
$result = mysqli_query("DELETE FROM admin_users WHERE id = '$_GET[id]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM admin_users WHERE id = '$_GET[id]'") or die (mysqli_error());
echo gohome($_SERVER["PHP_SELF"].'?show=user'); echo gohome($_SERVER["PHP_SELF"].'?show=user');
} }
@ -366,18 +366,18 @@ elseif( $_GET["show"] == 'user' && $_GET["do"] == 'delete' )
else else
{ {
// Wir schauen nach dme die keiner Org zugeordnet sind // Wir schauen nach dme die keiner Org zugeordnet sind
$result = mysqli_query("SELECT id FROM ric_zvei WHERE org_id = '0'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id FROM ric_zvei WHERE org_id = '0'") or die (mysqli_error());
$num_dme = mysql_num_rows($result); $num_dme = mysqli_num_rows($result);
// Wir schauen nach kfz die keiner Org zugeordnet sind // Wir schauen nach kfz die keiner Org zugeordnet sind
$result = mysqli_query("SELECT id FROM kfz_fms WHERE org_id = '0'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id FROM kfz_fms WHERE org_id = '0'") or die (mysqli_error());
$num_kfz = mysql_num_rows($result); $num_kfz = mysql_num_rows($result);
// Wir schauen nach der Userzahl // Wir schauen nach der Userzahl
$result = mysqli_query("SELECT id FROM admin_users") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id FROM admin_users") or die (mysqli_error());
$num_user = mysql_num_rows($result); $num_user = mysql_num_rows($result);
$result = mysqli_query("SELECT id FROM admin_users WHERE a_admin = '2'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id FROM admin_users WHERE a_admin = '2'") or die (mysqli_error());
$num_new_user = mysql_num_rows($result); $num_new_user = mysql_num_rows($result);
// Ausklappmenu erstellen // Ausklappmenu erstellen
@ -385,7 +385,7 @@ else
<select name="search_org" id="search_org"> <select name="search_org" id="search_org">
<option value="">--- w&auml;hle Org. zum bearbeiten ---</option>'; <option value="">--- w&auml;hle Org. zum bearbeiten ---</option>';
$result = mysqli_query("SELECT id, org_name, org FROM organisation WHERE org != '' ORDER BY org ASC, org_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation WHERE org != '' ORDER BY org ASC, org_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
if( $_REQUEST["search_org"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; } if( $_REQUEST["search_org"] == $row["id"] ) { $selected = 'selected'; } else { $selected = ''; }
@ -411,7 +411,7 @@ else
$show_ric .= '<br>--- <b>KFZ/FMS</b> ----------<br>'; $show_ric .= '<br>--- <b>KFZ/FMS</b> ----------<br>';
$result = mysqli_query("SELECT id, kennung, bezeichnung, org_id FROM kfz_fms WHERE org_id = '$_REQUEST[search_org]' ORDER BY kennung ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, kennung, bezeichnung, org_id FROM kfz_fms WHERE org_id = '$_REQUEST[search_org]' ORDER BY kennung ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$show_ric .= '&nbsp;<a href="'.$_SERVER["PHP_SELF"].'?do=update&id='.$row["id"].'&show=kfz&org='.$row["org_id"].'">'.$row["kennung"].'</a> | '.$row["bezeichnung"].'<br>'; $show_ric .= '&nbsp;<a href="'.$_SERVER["PHP_SELF"].'?do=update&id='.$row["id"].'&show=kfz&org='.$row["org_id"].'">'.$row["kennung"].'</a> | '.$row["bezeichnung"].'<br>';

View File

@ -21,12 +21,12 @@
*/ */
// Done in Haupttabelle updaten // Done in Haupttabelle updaten
$result_check_ins = mysqli_query("UPDATE dme SET zeit='$row[zeit]', done='1' WHERE num='$row[num]'") or die (mysqli_error()); $result_check_ins = mysqli_query($dbconn, "UPDATE dme SET zeit='$row[zeit]', done='1' WHERE num='$row[num]'") or die (mysqli_error());
if( trim($row["funktion"]) != 'Klartext' && trim($row["funktion"]) != 'Info' && $amenable == 1 ) if( trim($row["funktion"]) != 'Klartext' && trim($row["funktion"]) != 'Info' && $amenable == 1 )
{ {
$result_alarm_mail = mysqli_query("SELECT a.userid, a.time_from, a.time_to, a.stiwo, b.id, b.a_mail, b.a_alarmmail, b.a_alarmmail2sms, b.amail_count, b.ft_allow $result_alarm_mail = mysqli_query($dbconn, "SELECT a.userid, a.time_from, a.time_to, a.stiwo, b.id, b.a_mail, b.a_alarmmail, b.a_alarmmail2sms, b.amail_count, b.ft_allow
FROM alarm2mail a FROM alarm2mail a
LEFT JOIN admin_users b ON b.id = a.userid LEFT JOIN admin_users b ON b.id = a.userid
WHERE adresse=".$row["adresse_neu"]) or die(mysqli_error()); WHERE adresse=".$row["adresse_neu"]) or die(mysqli_error());
@ -61,7 +61,7 @@ if( trim($row["funktion"]) != 'Klartext' && trim($row["funktion"]) != 'Info' &&
} }
// Mailcounter // Mailcounter
$result_counter = mysqli_query("UPDATE admin_users SET amail_count='$amail_count' WHERE id='$row_alarm_mail[id]'"); $result_counter = mysqli_query($dbconn, "UPDATE admin_users SET amail_count='$amail_count' WHERE id='$row_alarm_mail[id]'");
} }
// Meldung im SMSformat senden // Meldung im SMSformat senden
@ -80,7 +80,7 @@ if( trim($row["funktion"]) != 'Klartext' && trim($row["funktion"]) != 'Info' &&
} }
// Mailcounter // Mailcounter
$result_counter = mysqli_query("UPDATE admin_users SET amail_count='$amail_count' WHERE id='$row_alarm_mail[id]'"); $result_counter = mysqli_query($dbconn, "UPDATE admin_users SET amail_count='$amail_count' WHERE id='$row_alarm_mail[id]'");
} }
} }
@ -91,6 +91,6 @@ if( trim($row["funktion"]) != 'Klartext' && trim($row["funktion"]) != 'Info' &&
if( ($row["zeit"] - $row["last_alarm"]) > 1000 ) if( ($row["zeit"] - $row["last_alarm"]) > 1000 )
{ {
$alarmcount = $row["alarm_count"] + 1; $alarmcount = $row["alarm_count"] + 1;
$result_check_ins = mysqli_query("UPDATE organisation SET alarm_count='$alarmcount', last_alarm='$row[zeit]' WHERE id='$row[org_id]'") or die (mysqli_error()); $result_check_ins = mysqli_query($dbconn, "UPDATE organisation SET alarm_count='$alarmcount', last_alarm='$row[zeit]' WHERE id='$row[org_id]'") or die (mysqli_error());
} }
?> ?>

View File

@ -24,7 +24,7 @@ require('config.inc.php');
$show_filter = ' Where a.done = "0" '; $show_filter = ' Where a.done = "0" ';
$result = mysqli_query("SELECT a.num, a.adresse AS adresse_neu, a.bezeichnung AS bezeichnung_neu, a.text, DATE_FORMAT(a.zeit, '%Y%m%d%H%i%s') AS zeit, a.funktion, a.REC_TYP, a.done, $result = mysqli_query($dbconn, "SELECT a.num, a.adresse AS adresse_neu, a.bezeichnung AS bezeichnung_neu, a.text, DATE_FORMAT(a.zeit, '%Y%m%d%H%i%s') AS zeit, a.funktion, a.REC_TYP, a.done,
b.adresse, b.formatierung_id, b.bezeichnung, b.adresse, b.formatierung_id, b.bezeichnung,
d.id AS org_id, d.org_name, d.org, d.alarm_count, d.last_alarm d.id AS org_id, d.org_name, d.org, d.alarm_count, d.last_alarm
FROM dme a FROM dme a
@ -46,12 +46,12 @@ require('config.inc.php');
if( $update_adresse_monrc && !$bezeichnung ) if( $update_adresse_monrc && !$bezeichnung )
{ {
// prfen ob die ric schon vorhanden ist, wenn nicht eintragen // prfen ob die ric schon vorhanden ist, wenn nicht eintragen
$result_check = mysqli_query("SELECT id FROM ric_zvei WHERE adresse=".$row["adresse_neu"]); $result_check = mysqli_query($dbconn, "SELECT id FROM ric_zvei WHERE adresse=".$row["adresse_neu"]);
$row_check = mysqli_fetch_array($result_check); $row_check = mysqli_fetch_array($result_check);
if( !$row_check["id"] ) if( !$row_check["id"] )
{ {
$result_check = mysqli_query("INSERT INTO ric_zvei (adresse, bezeichnung, rec_typ, formatierung_id) VALUES ('$row[adresse_neu]', '$row[bezeichnung_neu]', '$row[REC_TYP]', '0')") or die(mysqli_error()); $result_check = mysqli_query($dbconn, "INSERT INTO ric_zvei (adresse, bezeichnung, rec_typ, formatierung_id) VALUES ('$row[adresse_neu]', '$row[bezeichnung_neu]', '$row[REC_TYP]', '0')") or die(mysqli_error());
$bezeichnung = $row["bezeichnung_neu"]; $bezeichnung = $row["bezeichnung_neu"];
} }
} }
@ -63,7 +63,7 @@ require('config.inc.php');
} }
// Unwetter Check // Unwetter Check
$result = mysqli_query("SELECT u_meldung, u_text, u_farbe, DATE_FORMAT(u_lastcheck, '%Y%m%d%H%i%s') AS u_lastcheck, DATE_FORMAT(u_lastchange, '%Y%m%d%H%i%s') AS u_lastchange FROM unwetter WHERE id = '1'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT u_meldung, u_text, u_farbe, DATE_FORMAT(u_lastcheck, '%Y%m%d%H%i%s') AS u_lastcheck, DATE_FORMAT(u_lastchange, '%Y%m%d%H%i%s') AS u_lastchange FROM unwetter WHERE id = '1'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if( ($timestampnow - $row["u_lastcheck"]) > ($uw_checktime * 100) ) if( ($timestampnow - $row["u_lastcheck"]) > ($uw_checktime * 100) )
@ -116,17 +116,17 @@ if( ($timestampnow - $row["u_lastcheck"]) > ($uw_checktime * 100) )
// Wenn noch kein Eintrag in DB existiert // Wenn noch kein Eintrag in DB existiert
if( empty($row["u_lastcheck"]) ) if( empty($row["u_lastcheck"]) )
{ {
mysqli_query("INSERT INTO unwetter (id, u_meldung, u_text, u_farbe, u_lastchange) VALUES ('1', '$unwetter_status', '$unwetter_meldung', '$unwetter_farbe', '$timestampnow')") or die(mysqli_error()); mysqli_query($dbconn, "INSERT INTO unwetter (id, u_meldung, u_text, u_farbe, u_lastchange) VALUES ('1', '$unwetter_status', '$unwetter_meldung', '$unwetter_farbe', '$timestampnow')") or die(mysqli_error());
} }
// Wenn bereits Eintrag vorhanden und Checktime erreicht // Wenn bereits Eintrag vorhanden und Checktime erreicht
if( $unwetter_meldung == $row["u_text"] ) if( $unwetter_meldung == $row["u_text"] )
{ {
mysqli_query("UPDATE unwetter SET u_lastcheck='$timestampnow' WHERE id = '1'") or die(mysqli_error()); mysqli_query($dbconn, "UPDATE unwetter SET u_lastcheck='$timestampnow' WHERE id = '1'") or die(mysqli_error());
} }
else else
{ {
mysqli_query("UPDATE unwetter SET u_meldung='$unwetter_status', u_text='$unwetter_meldung', u_farbe='$unwetter_farbe', u_lastcheck='$timestampnow', u_lastchange='$timestampnow' WHERE id = '1'") or die(mysqli_error()); mysqli_query($dbconn, "UPDATE unwetter SET u_meldung='$unwetter_status', u_text='$unwetter_meldung', u_farbe='$unwetter_farbe', u_lastcheck='$timestampnow', u_lastchange='$timestampnow' WHERE id = '1'") or die(mysqli_error());
} }
} }

View File

@ -101,9 +101,9 @@ $ip_ende = '192.168.1.250';
// UserID für IP // UserID für IP
$ip_users = array( $ip_users = array(
"192.168.2.81" => 1, "192.168.1.81" => 1,
"192.168.2.21" => 1, "192.168.1.21" => 1,
"192.168.2.38" => 1, "192.168.1.38" => 1,
); );
// Alarmmails enable/disable // Alarmmails enable/disable
@ -301,8 +301,8 @@ $orgcolor["D"] = 'green'; // RD sonstige
// //
// Datenbankserververbindung aufbauen und Datenbank auswhlen // Datenbankserververbindung aufbauen und Datenbank auswhlen
// //
$dbconn = mysqli_connect($dbhost, $dbuser, $dbpass) or die (mysqli_error()); $dbconn = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname) or die (mysqli_error());
$dbselect = mysqli_select_db($dbname, $dbconn) or die (mysqli_error()); //$dbselect = mysqli_select_db($dbname, $dbconn) or die (mysqli_error());
// //
// Sessions starten // Sessions starten
@ -324,7 +324,7 @@ if( $_SESSION["name"] )
{ {
$tn = date("YmdHis"); $tn = date("YmdHis");
$_SESSION["last_seen"] = $tn; $_SESSION["last_seen"] = $tn;
mysqli_query("UPDATE admin_users SET last_seen='$tn' WHERE id='$_SESSION[userid]'"); mysqli_query($dbconn, "UPDATE admin_users SET last_seen='$tn' WHERE id='$_SESSION[userid]'");
} }
// Navigationsleiste // Navigationsleiste

View File

@ -171,7 +171,16 @@ function get_hour($time) {
} }
function ip2str($ip) { function ip2str($ip) {
$ip = preg_replace("/(\d{1,3})\.?/e", 'sprintf("%03d", \1)', $ip); //$ip = preg_replace("/(\d{1,3})\.?/e", 'sprintf("%03d", \1)', $ip);
$ip = preg_replace_callback(
"/(\d{1,3})\.?/",
function($matches){
foreach($matches as $match){
return sprintf("%03d", $match);
}
},
$ip
);
return (string)$ip; return (string)$ip;
} }
@ -326,7 +335,7 @@ function split_kfz($kfz) {
} }
function count_total($tocount) { function count_total($tocount) {
$result = mysqli_query("SELECT Count(*) as $tocount FROM $tocount"); $result = mysqli_query($dbconn, "SELECT Count(*) as $tocount FROM $tocount");
$result = mysqli_fetch_array($result); $result = mysqli_fetch_array($result);
return $result[$tocount]; return $result[$tocount];
} }

View File

@ -81,7 +81,7 @@ elseif( $show_filter != 1 )
// Daten f¸r Formatierung holen und in array->session schreiben // Daten f¸r Formatierung holen und in array->session schreiben
if( !$_SESSION["formatierung"] && !$_GET["nooutput"] ) if( !$_SESSION["formatierung"] && !$_GET["nooutput"] )
{ {
$result = mysqli_query("SELECT id, bg_farbe, text_farbe, text_format, text_groesse, text_groesse_text FROM formatierung ORDER BY id ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, bg_farbe, text_farbe, text_format, text_groesse, text_groesse_text FROM formatierung ORDER BY id ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$formatierung[$row["id"]] = array( $formatierung[$row["id"]] = array(
@ -101,7 +101,7 @@ elseif( $show_filter != 1 )
// //
// Auslesen pocsag // Auslesen pocsag
// //
$result = mysqli_query("SELECT a.num, a.adresse AS adresse_neu, a.bezeichnung AS bezeichnung_neu, a.text, DATE_FORMAT(a.zeit, '%Y%m%d%H%i%s') AS zeit, a.funktion, a.REC_TYP, a.done, $result = mysqli_query($dbconn, "SELECT a.num, a.adresse AS adresse_neu, a.bezeichnung AS bezeichnung_neu, a.text, DATE_FORMAT(a.zeit, '%Y%m%d%H%i%s') AS zeit, a.funktion, a.REC_TYP, a.done,
b.adresse, b.formatierung_id, b.bezeichnung, b.adresse, b.formatierung_id, b.bezeichnung,
d.id AS org_id, d.org_name, d.org, d.alarm_count, d.last_alarm d.id AS org_id, d.org_name, d.org, d.alarm_count, d.last_alarm
FROM dme a FROM dme a
@ -141,12 +141,12 @@ elseif( $show_filter != 1 )
if( $update_adresse_monrc && !$bezeichnung ) if( $update_adresse_monrc && !$bezeichnung )
{ {
// prfen ob die ric schon vorhanden ist, wenn nicht eintragen // prfen ob die ric schon vorhanden ist, wenn nicht eintragen
$result_check = mysqli_query("SELECT id FROM ric_zvei WHERE adresse=".$row["adresse_neu"]); $result_check = mysqli_query($dbconn, "SELECT id FROM ric_zvei WHERE adresse=".$row["adresse_neu"]);
$row_check = mysqli_fetch_array($result_check); $row_check = mysqli_fetch_array($result_check);
if( !$row_check["id"] ) if( !$row_check["id"] )
{ {
$result_check = mysqli_query("INSERT INTO ric_zvei (adresse, bezeichnung, rec_typ, formatierung_id) VALUES ('$row[adresse_neu]', '$row[bezeichnung_neu]', '$row[REC_TYP]', '0')") or die(mysqli_error()); $result_check = mysqli_query($dbconn, "INSERT INTO ric_zvei (adresse, bezeichnung, rec_typ, formatierung_id) VALUES ('$row[adresse_neu]', '$row[bezeichnung_neu]', '$row[REC_TYP]', '0')") or die(mysqli_error());
$bezeichnung = $row["bezeichnung_neu"]; $bezeichnung = $row["bezeichnung_neu"];
} }
} }

View File

@ -2,14 +2,14 @@
require_once("config.inc.php"); require_once("config.inc.php");
// Check User online // Check User online
$result = mysqli_query("SELECT id, a_name, real_name FROM admin_users where last_seen > '$useronlinetime' ORDER BY a_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, a_name, real_name FROM admin_users where last_seen > '$useronlinetime' ORDER BY a_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$show_online_users .= '<a href="javascript:oeffnefenster(\'pmfunctions.inc.php?pmdo=write&msg_to='.$row["id"].'\');" title="Nachricht an: '.$row["real_name"].'"><i>'.$row["a_name"].'</i></a>,'; $show_online_users .= '<a href="javascript:oeffnefenster(\'pmfunctions.inc.php?pmdo=write&msg_to='.$row["id"].'\');" title="Nachricht an: '.$row["real_name"].'"><i>'.$row["a_name"].'</i></a>,';
} }
// Check Wetter // Check Wetter
$result = mysqli_query("SELECT u_meldung, u_text, u_farbe, DATE_FORMAT(u_lastcheck, '%Y%m%d%H%i%s') AS u_lastcheck, DATE_FORMAT(u_lastchange, '%Y%m%d%H%i%s') AS u_lastchange FROM unwetter WHERE id = '1'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT u_meldung, u_text, u_farbe, DATE_FORMAT(u_lastcheck, '%Y%m%d%H%i%s') AS u_lastcheck, DATE_FORMAT(u_lastchange, '%Y%m%d%H%i%s') AS u_lastchange FROM unwetter WHERE id = '1'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if( !empty($row["u_meldung"]) ) if( !empty($row["u_meldung"]) )
@ -25,7 +25,7 @@ require_once("config.inc.php");
} }
// Check PM // Check PM
$result = mysqli_query("SELECT a.*, DATE_FORMAT(a.pm_date, '%Y%m%d%H%i%s') AS date, b.real_name $result = mysqli_query($dbconn, "SELECT a.*, DATE_FORMAT(a.pm_date, '%Y%m%d%H%i%s') AS date, b.real_name
FROM messages a FROM messages a
LEFT JOIN admin_users b ON b.id = a.userid_from LEFT JOIN admin_users b ON b.id = a.userid_from
WHERE a.userid_to = '$_SESSION[userid]' ORDER BY pm_date ASC") or die (mysqli_error()); WHERE a.userid_to = '$_SESSION[userid]' ORDER BY pm_date ASC") or die (mysqli_error());

View File

@ -33,7 +33,7 @@ if ( (ip2str($ip_start) <= ip2str($_SERVER["REMOTE_ADDR"]) && ip2str($_SERVER["R
$_SESSION["userid"] = $ip_users[$_SERVER["REMOTE_ADDR"]]; $_SESSION["userid"] = $ip_users[$_SERVER["REMOTE_ADDR"]];
} }
$zack = $ip_users[$_SERVER["REMOTE_ADDR"]]; $zack = $ip_users[$_SERVER["REMOTE_ADDR"]];
$result = mysqli_query("SELECT a_name, DATE_FORMAT(last_seen, '%Y%m%d%H%i%s') AS last_seen FROM admin_users WHERE id = '$zack'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT a_name, DATE_FORMAT(last_seen, '%Y%m%d%H%i%s') AS last_seen FROM admin_users WHERE id = '$zack'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
$_SESSION["name"] = $row["a_name"]; $_SESSION["name"] = $row["a_name"];
$_SESSION["last_seen"] = ($row["last_seen"] - 200 ); $_SESSION["last_seen"] = ($row["last_seen"] - 200 );
@ -47,7 +47,7 @@ elseif ( $_GET["iam"] == "manuelw" )
$_SESSION["userid"] = 1; $_SESSION["userid"] = 1;
$result = mysqli_query("SELECT a_name, DATE_FORMAT(last_seen, '%Y%m%d%H%i%s') AS last_seen FROM admin_users WHERE id = '1'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT a_name, DATE_FORMAT(last_seen, '%Y%m%d%H%i%s') AS last_seen FROM admin_users WHERE id = '1'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
$_SESSION["name"] = $row["a_name"]; $_SESSION["name"] = $row["a_name"];
$_SESSION["last_seen"] = ($row["last_seen"] - 200 ); $_SESSION["last_seen"] = ($row["last_seen"] - 200 );
@ -116,7 +116,7 @@ elseif( $wap == 1 )
if( !$row["wap_handy"] ) if( !$row["wap_handy"] )
{ {
$result = mysqli_query("UPDATE admin_users SET wap_handy='$HTTP_USER_AGENT' WHERE a_name = '$_REQUEST[a_name]' AND wap_pass = '$_REQUEST[a_pass]'"); $result = mysqli_query($dbconn, "UPDATE admin_users SET wap_handy='$HTTP_USER_AGENT' WHERE a_name = '$_REQUEST[a_name]' AND wap_pass = '$_REQUEST[a_pass]'");
} }
else else
{ {
@ -140,10 +140,10 @@ elseif( $wap == 1 )
$timenow = date("G:i"); $timenow = date("G:i");
$ip = $_SERVER["REMOTE_ADDR"]; $ip = $_SERVER["REMOTE_ADDR"];
$agent = $HTTP_USER_AGENT; $agent = $HTTP_USER_AGENT;
$result = mysqli_query("INSERT INTO pocsag_logins (name, zeit, datum, ip, agent) VALUES ('$row[real_name]', '$timenow', '$datnow', '$ip', '$agent')"); $result = mysqli_query($dbconn, "INSERT INTO pocsag_logins (name, zeit, datum, ip, agent) VALUES ('$row[real_name]', '$timenow', '$datnow', '$ip', '$agent')");
$row["login_count"]++; $row["login_count"]++;
$result = mysqli_query("UPDATE admin_users SET login_count = '$row[login_count]' WHERE id = '$row[id]' ") or die(mysqli_error()); $result = mysqli_query($dbconn, "UPDATE admin_users SET login_count = '$row[login_count]' WHERE id = '$row[id]' ") or die(mysqli_error());
} }
else else
{ {
@ -207,7 +207,7 @@ else
} }
elseif (!$_SESSION["name"] && $_GET["mode"] == 'login') elseif (!$_SESSION["name"] && $_GET["mode"] == 'login')
{ {
$result = mysqli_query("SELECT id, a_name, a_admin, a_mail FROM admin_users WHERE a_name = '$_POST[a_name]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, a_name, a_admin, a_mail FROM admin_users WHERE a_name = '$_POST[a_name]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if( $row[a_name] && $row["a_admin"] != '2' ) if( $row[a_name] && $row["a_admin"] != '2' )
@ -219,7 +219,7 @@ else
mail_pass($row["a_mail"], $pass); mail_pass($row["a_mail"], $pass);
$result = mysqli_query("UPDATE admin_users SET login_pass='$pass' WHERE id='$row[id]'") or die(mysqli_error()); $result = mysqli_query($dbconn, "UPDATE admin_users SET login_pass='$pass' WHERE id='$row[id]'") or die(mysqli_error());
echo'<center><br><br><br>Eine EMail mit deinem Zugang wurde an <b>'.$row[a_mail].'</b> versand.'; echo'<center><br><br><br>Eine EMail mit deinem Zugang wurde an <b>'.$row[a_mail].'</b> versand.';
@ -274,7 +274,7 @@ exit;
if( !empty($_GET["login"]) ) if( !empty($_GET["login"]) )
{ {
$result = mysqli_query("SELECT id, a_name, a_admin, a_mail, real_name, login_count, pm_allow, DATE_FORMAT(last_seen, '%Y%m%d%H%i%s') AS last_seen FROM admin_users WHERE login_pass = '$_GET[login]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, a_name, a_admin, a_mail, real_name, login_count, pm_allow, DATE_FORMAT(last_seen, '%Y%m%d%H%i%s') AS last_seen FROM admin_users WHERE login_pass = '$_GET[login]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if( !empty($row["a_name"]) ) if( !empty($row["a_name"]) )
@ -291,10 +291,10 @@ exit;
$timenow = date("G:i"); $timenow = date("G:i");
$ip = $_SERVER["REMOTE_ADDR"]; $ip = $_SERVER["REMOTE_ADDR"];
$agent = $HTTP_USER_AGENT; $agent = $HTTP_USER_AGENT;
$result = mysqli_query("INSERT INTO pocsag_logins (name, zeit, datum, ip, agent) VALUES ('$row[real_name]', '$timenow', '$datnow', '$ip', '$agent')"); $result = mysqli_query($dbconn, "INSERT INTO pocsag_logins (name, zeit, datum, ip, agent) VALUES ('$row[real_name]', '$timenow', '$datnow', '$ip', '$agent')");
$row["login_count"]++; $row["login_count"]++;
$result = mysqli_query("UPDATE admin_users SET login_pass='', login_count='$row[login_count]' WHERE id='$row[id]'") or die(mysqli_error()); $result = mysqli_query($dbconn, "UPDATE admin_users SET login_pass='', login_count='$row[login_count]' WHERE id='$row[id]'") or die(mysqli_error());
echo gohome("index.php"); echo gohome("index.php");
} }

View File

@ -24,7 +24,7 @@ require_once("config.inc.php");
if( $_GET["pmdo"] == "reply" ) if( $_GET["pmdo"] == "reply" )
{ {
$result = mysqli_query("SELECT real_name FROM admin_users WHERE id = '$_GET[to]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT real_name FROM admin_users WHERE id = '$_GET[to]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
eval ("\$message_field .= \"".gettemplate($template_dir."body_message_reply")."\";"); eval ("\$message_field .= \"".gettemplate($template_dir."body_message_reply")."\";");
@ -32,8 +32,8 @@ if( $_GET["pmdo"] == "reply" )
} }
elseif( $_GET["pmdo"] == "doreply" ) elseif( $_GET["pmdo"] == "doreply" )
{ {
$result = mysqli_query("INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')"); $result = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
$result = mysqli_query("DELETE FROM messages WHERE id = '$_REQUEST[msg_id]'")or die(mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_REQUEST[msg_id]'")or die(mysqli_error());
echo gohome($_SERVER["PHP_SELF"]); echo gohome($_SERVER["PHP_SELF"]);
} }
@ -46,7 +46,7 @@ elseif( $_GET["pmdo"] == "write" )
<option>--------------------</option> <option>--------------------</option>
<option value="0">Alle</option>'; <option value="0">Alle</option>';
$result = mysqli_query("SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, real_name FROM admin_users WHERE pm_allow = '1' ORDER BY real_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
if( $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; } if( $_GET["msg_to"] == $row["id"] ) { $selected = 'selected'; $can_pm = '1'; } else { $selected = ''; }
@ -77,15 +77,15 @@ elseif( $_GET["pmdo"] == "dowrite" )
if( $_REQUEST["userid_to"] != '0' ) if( $_REQUEST["userid_to"] != '0' )
{ {
// an einen bestimmten User // an einen bestimmten User
$result = mysqli_query("INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')"); $result = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$_REQUEST[userid_to]', '$_REQUEST[msg_text]')");
} }
else else
{ {
// an alle User die PM d<>rfen // an alle User die PM d<>rfen
$result = mysqli_query("SELECT id FROM admin_users WHERE pm_allow = '1'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id FROM admin_users WHERE pm_allow = '1'") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$result_msg = mysqli_query("INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$row[id]', '$_REQUEST[msg_text]')"); $result_msg = mysqli_query($dbconn, "INSERT INTO messages (userid_from, userid_to, message) VALUES ('$_SESSION[userid]', '$row[id]', '$_REQUEST[msg_text]')");
} }
} }
@ -94,6 +94,6 @@ elseif( $_GET["pmdo"] == "dowrite" )
elseif( $_GET["pmdo"] == "deletepm" ) elseif( $_GET["pmdo"] == "deletepm" )
{ {
$result = mysqli_query("DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM messages WHERE id = '$_GET[msg_id]'")or die(mysqli_error());
} }
?> ?>

View File

@ -35,7 +35,7 @@ $_SESSION["online_users"] = "";
if( !$_GET["do"] ) if( !$_GET["do"] )
{ {
$result = mysqli_query("SELECT a_alarmmail, a_alarmmail2sms, wap_pass, wap_show, wap_rows, wap_def_orgfilter, wap_def_statfilter FROM admin_users WHERE id = '$_SESSION[userid]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT a_alarmmail, a_alarmmail2sms, wap_pass, wap_show, wap_rows, wap_def_orgfilter, wap_def_statfilter FROM admin_users WHERE id = '$_SESSION[userid]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
$wap_pass = $row["wap_pass"]; $wap_pass = $row["wap_pass"];
@ -86,7 +86,7 @@ if( !$_GET["do"] )
<select name="search_ric" id="search_ric">' <select name="search_ric" id="search_ric">'
; ;
$result = mysqli_query("SELECT id, org_name, org FROM organisation WHERE org != '' ORDER BY org ASC, org_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation WHERE org != '' ORDER BY org ASC, org_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$select_search_ric .= ' $select_search_ric .= '
@ -98,7 +98,7 @@ if( !$_GET["do"] )
</select> </select>
'; ';
$result = mysqli_query("SELECT a.*, $result = mysqli_query($dbconn, "SELECT a.*,
b.adresse, b.formatierung_id, b.bezeichnung, b.rec_typ, b.adresse, b.formatierung_id, b.bezeichnung, b.rec_typ,
c.bg_farbe, c.text_farbe, c.text_format, c.text_groesse, c.text_groesse_text, c.bg_farbe, c.text_farbe, c.text_format, c.text_groesse, c.text_groesse_text,
d.org_name, d.org d.org_name, d.org
@ -146,14 +146,14 @@ elseif( $_GET["do"] == 'abodet' )
'; ';
} }
$result = mysqli_query("SELECT id, org_name, org FROM organisation WHERE id = '$_REQUEST[search_ric]'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation WHERE id = '$_REQUEST[search_ric]'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
$org_id = $row["id"]; $org_id = $row["id"];
$org = $row["org"]; $org = $row["org"];
$org_name = $row["org_name"]; $org_name = $row["org_name"];
$result = mysqli_query("SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE org_id = '$org_id'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, adresse, bezeichnung, rec_typ FROM ric_zvei WHERE org_id = '$org_id'") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$select_ric .= '<input name="abo_ric['.$i++.']" type="checkbox" value="'.$row["adresse"].'"> <b>'.$org.' '.$org_name.' '.$row["bezeichnung"].'</b> - '.$row["rec_typ"].'<br>'; $select_ric .= '<input name="abo_ric['.$i++.']" type="checkbox" value="'.$row["adresse"].'"> <b>'.$org.' '.$org_name.' '.$row["bezeichnung"].'</b> - '.$row["rec_typ"].'<br>';
@ -171,12 +171,12 @@ elseif( $_GET["do"] == 'aboins' )
foreach( $_REQUEST["abo_ric"] AS $v ) foreach( $_REQUEST["abo_ric"] AS $v )
{ {
// pr<70>fen ob der User diese Ric bereits Abonniert hat // pr<70>fen ob der User diese Ric bereits Abonniert hat
$result = mysqli_query("SELECT id FROM alarm2mail WHERE userid = '$_SESSION[userid]' AND adresse = '$v'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id FROM alarm2mail WHERE userid = '$_SESSION[userid]' AND adresse = '$v'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if( empty($row["id"]) ) if( empty($row["id"]) )
{ {
$result = mysqli_query("INSERT INTO alarm2mail (adresse, userid, time_from, time_to, stiwo) VALUES ('$v', '$_SESSION[userid]', '$_REQUEST[alarm_time_filter_from]', '$_REQUEST[alarm_time_filter_to]', '$_REQUEST[alarm_stiwo]')") or die(mysqli_error()); $result = mysqli_query($dbconn, "INSERT INTO alarm2mail (adresse, userid, time_from, time_to, stiwo) VALUES ('$v', '$_SESSION[userid]', '$_REQUEST[alarm_time_filter_from]', '$_REQUEST[alarm_time_filter_to]', '$_REQUEST[alarm_stiwo]')") or die(mysqli_error());
} }
} }
@ -188,7 +188,7 @@ elseif( $_GET["do"] == 'aboins' )
elseif( $_GET["do"] == 'abodel' ) elseif( $_GET["do"] == 'abodel' )
{ {
$result = mysqli_query("DELETE FROM alarm2mail WHERE id = '$_GET[id]' AND userid = '$_SESSION[userid]'") or die(mysqli_error()); $result = mysqli_query($dbconn, "DELETE FROM alarm2mail WHERE id = '$_GET[id]' AND userid = '$_SESSION[userid]'") or die(mysqli_error());
echo gohome($_SERVER["PHP_SELF"]); echo gohome($_SERVER["PHP_SELF"]);
@ -199,7 +199,7 @@ elseif( $_GET["do"] == 'setmailform' )
{ {
if( $_REQUEST["mail2sms"] == 1 ) { $setto = 1; } else { $setto = 0; } if( $_REQUEST["mail2sms"] == 1 ) { $setto = 1; } else { $setto = 0; }
$result = mysqli_query("UPDATE admin_users SET a_alarmmail2sms='$setto', a_alarmmail='$_REQUEST[alarmmail]' WHERE id = '$_SESSION[userid]'") or die(mysqli_error()); $result = mysqli_query($dbconn, "UPDATE admin_users SET a_alarmmail2sms='$setto', a_alarmmail='$_REQUEST[alarmmail]' WHERE id = '$_SESSION[userid]'") or die(mysqli_error());
echo gohome($_SERVER["PHP_SELF"]); echo gohome($_SERVER["PHP_SELF"]);
@ -208,7 +208,7 @@ elseif( $_GET["do"] == 'setmailform' )
// Wap Einstellungen speichern // Wap Einstellungen speichern
elseif( $_GET["do"] == 'setwap' ) elseif( $_GET["do"] == 'setwap' )
{ {
$result = mysqli_query("UPDATE admin_users SET wap_show='$_REQUEST[wap_show]', wap_rows='$_REQUEST[wap_rows]', wap_pass='$_REQUEST[wap_pass]', wap_def_orgfilter='$_REQUEST[wap_orgfilter]', wap_def_statfilter='$_REQUEST[wap_statfilter]' WHERE id = '$_SESSION[userid]'") or die(mysqli_error()); $result = mysqli_query($dbconn, "UPDATE admin_users SET wap_show='$_REQUEST[wap_show]', wap_rows='$_REQUEST[wap_rows]', wap_pass='$_REQUEST[wap_pass]', wap_def_orgfilter='$_REQUEST[wap_orgfilter]', wap_def_statfilter='$_REQUEST[wap_statfilter]' WHERE id = '$_SESSION[userid]'") or die(mysqli_error());
echo gohome($_SERVER["PHP_SELF"]); echo gohome($_SERVER["PHP_SELF"]);
} }

View File

@ -44,7 +44,7 @@ require('config.inc.php');
$select_search_ric = ' $select_search_ric = '
<select name="search_ric" id="search_ric">'; <select name="search_ric" id="search_ric">';
$result = mysqli_query("SELECT id, org_name, org FROM organisation WHERE org != '' ORDER BY org ASC, org_name ASC") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT id, org_name, org FROM organisation WHERE org != '' ORDER BY org ASC, org_name ASC") or die (mysqli_error());
while($row = mysqli_fetch_array($result)) while($row = mysqli_fetch_array($result))
{ {
$select_search_ric .= ' $select_search_ric .= '
@ -153,7 +153,7 @@ require('config.inc.php');
// Auslesen pocsag // Auslesen pocsag
if( $_REQUEST["search_what"] == 'ric' && $_REQUEST["search_ric"] != '' || $_REQUEST["search_what"] == 'word' && $_REQUEST["search_word"] != '' || $_REQUEST["search_what"] == 'word' && $_REQUEST["search_word_org"] != '' ) if( $_REQUEST["search_what"] == 'ric' && $_REQUEST["search_ric"] != '' || $_REQUEST["search_what"] == 'word' && $_REQUEST["search_word"] != '' || $_REQUEST["search_what"] == 'word' && $_REQUEST["search_word_org"] != '' )
{ {
$result = mysqli_query("SELECT a.adresse AS adresse_neu, a.bezeichnung AS bezeichnung_neu, a.rec_typ, a.text, DATE_FORMAT(a.zeit, '%Y%m%d%H%i%s') AS zeit, a.funktion, $result = mysqli_query($dbconn, "SELECT a.adresse AS adresse_neu, a.bezeichnung AS bezeichnung_neu, a.rec_typ, a.text, DATE_FORMAT(a.zeit, '%Y%m%d%H%i%s') AS zeit, a.funktion,
b.adresse, b.formatierung_id, b.bezeichnung, b.adresse, b.formatierung_id, b.bezeichnung,
c.id, c.bg_farbe, c.text_farbe, c.text_format, c.text_groesse, c.text_groesse_text, c.id, c.bg_farbe, c.text_farbe, c.text_format, c.text_groesse, c.text_groesse_text,
d.org_name, d.org d.org_name, d.org

View File

@ -20,7 +20,7 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/ */
$result = mysqli_query("SELECT u_meldung, u_text, u_farbe, DATE_FORMAT(u_lastcheck, '%Y%m%d%H%i%s') AS u_lastcheck, DATE_FORMAT(u_lastchange, '%Y%m%d%H%i%s') AS u_lastchange FROM unwetter WHERE id = '1'") or die (mysqli_error()); $result = mysqli_query($dbconn, "SELECT u_meldung, u_text, u_farbe, DATE_FORMAT(u_lastcheck, '%Y%m%d%H%i%s') AS u_lastcheck, DATE_FORMAT(u_lastchange, '%Y%m%d%H%i%s') AS u_lastchange FROM unwetter WHERE id = '1'") or die (mysqli_error());
$row = mysqli_fetch_array($result); $row = mysqli_fetch_array($result);
if( ($timestampnow - $row["u_lastcheck"]) > ($uw_checktime * 100) && $_GET["nooutput"] == 1 ) if( ($timestampnow - $row["u_lastcheck"]) > ($uw_checktime * 100) && $_GET["nooutput"] == 1 )
@ -73,17 +73,17 @@ if( ($timestampnow - $row["u_lastcheck"]) > ($uw_checktime * 100) && $_GET["noou
// Wenn noch kein Eintrag in DB existiert // Wenn noch kein Eintrag in DB existiert
if( empty($row["u_lastcheck"]) ) if( empty($row["u_lastcheck"]) )
{ {
mysqli_query("INSERT INTO unwetter (id, u_meldung, u_text, u_farbe, u_lastchange) VALUES ('1', '$unwetter_status', '$unwetter_meldung', '$unwetter_farbe', '$timestampnow')") or die(mysqli_error()); mysqli_query($dbconn, "INSERT INTO unwetter (id, u_meldung, u_text, u_farbe, u_lastchange) VALUES ('1', '$unwetter_status', '$unwetter_meldung', '$unwetter_farbe', '$timestampnow')") or die(mysqli_error());
} }
// Wenn bereits Eintrag vorhanden und Checktime erreicht // Wenn bereits Eintrag vorhanden und Checktime erreicht
if( $unwetter_meldung == $row["u_text"] ) if( $unwetter_meldung == $row["u_text"] )
{ {
mysqli_query("UPDATE unwetter SET u_lastcheck='$timestampnow' WHERE id = '1'") or die(mysqli_error()); mysqli_query($dbconn, "UPDATE unwetter SET u_lastcheck='$timestampnow' WHERE id = '1'") or die(mysqli_error());
} }
else else
{ {
mysqli_query("UPDATE unwetter SET u_meldung='$unwetter_status', u_text='$unwetter_meldung', u_farbe='$unwetter_farbe', u_lastcheck='$timestampnow', u_lastchange='$timestampnow' WHERE id = '1'") or die(mysqli_error()); mysqli_query($dbconn, "UPDATE unwetter SET u_meldung='$unwetter_status', u_text='$unwetter_meldung', u_farbe='$unwetter_farbe', u_lastcheck='$timestampnow', u_lastchange='$timestampnow' WHERE id = '1'") or die(mysqli_error());
} }
} }