authorroot2014-04-14 08:35:13 +0200
committerroot2014-04-14 08:35:13 +0200
commit12734da8826299ffd24c0a15f6dbf205892d7221 (patch)
tree3b894dd30e332df23a564ce44e42ce164c8abd78 /www/update.php
parent7b9d516cd3bcdb8eaa5f1eb533d71010061c681b (diff)
Pushed to v3
Diffstat (limited to 'www/update.php')
-rw-r--r--www/update.php75
1 files changed, 24 insertions, 51 deletions
diff --git a/www/update.php b/www/update.php
index e59bf8e..04df988 100644
--- a/www/update.php
+++ b/www/update.php
@@ -1,53 +1,26 @@
<?php
-/* Copyright Maximilian Möhring, 2013
-Licensed under the GPL. Read LICENSE for more Information.*/
-
-include('auth.php');
-/*error_reporting(E_ALL);
-
-ini_set('display_errors', '1');*/
-
-$id = SQLite3::escapeString($_POST["id"]);
-$name = SQLite3::escapeString($_POST["name"]);
-$adresse = SQLite3::escapeString($_POST["adresse"]);
-$telefonnummer = SQLite3::escapeString($_POST["telefonnummer"]);
-$handynummer = SQLite3::escapeString($_POST["handynummer"]);
-$email = SQLite3::escapeString($_POST["email"]);
-$bday = SQLite3::escapeString($_POST["geburtstag"]);
-
-//echo "$name<br> $adresse<br>$telefonnummer<br>$handynummer<br>$email<br>$bday<br>$ip<br>$cryptedip";
-
-
-
-$db = new SQLite3('../database/database.sqlite');
-
-$db->exec("UPDATE member SET name='$name' where id=$id;");
-$db->exec("UPDATE member SET adresse='$adresse' where id=$id;");
-$db->exec("UPDATE member SET telefonnummer='$telefonnummer' where id=$id;");
-$db->exec("UPDATE member SET handynummer='$handynummer' where id=$id;");
-$db->exec("UPDATE member SET email='$email' where id=$id;");
-$db->exec("UPDATE member SET geburtstag='$bday' where id=$id;");
-
-/*echo "
-<!doctype html public '-//W3C//DTD XHTML 1.0 //EN'>
-
-<html>
- <head>
- <title>Junge Gemeinde Adlershof - Update erfolgreich!</title>
- <meta http-equiv='Content-type' content='text/html; charset=utf-8' />
- <link rel='stylesheet' type='text/css' href='style.css' />
- <link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'>
- </head>
-
- <body>
-<center>
-<p5>Update erfolgreich!</p5><br><br>
-<a4>Weiterleitung in 3.. 2.. 1..</a4>
-</center></body></html>";*/
-
-header("Refresh: 0; liste.php");
-
-
-
-?>
+function update_db($db){
+
+ $id = SQLite3::escapeString($_POST["id"]);
+ $name = SQLite3::escapeString($_POST["name"]);
+ $adresse = SQLite3::escapeString($_POST["adresse"]);
+ $telefonnummer = SQLite3::escapeString($_POST["telefonnummer"]);
+ $handynummer = SQLite3::escapeString($_POST["handynummer"]);
+ $email = SQLite3::escapeString($_POST["email"]);
+ $bday = SQLite3::escapeString($_POST["geburtstag"]);
+
+ if(!preg_match("/^[0-9]+$/", $id) || !preg_match("/[0-9]+$/", $telefonnummer) || !preg_match("/^.+@.+$/", $email)){
+ return false;
+ }
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ UPDATE jg SET name='".$name."', adresse='".$adresse."', telefonnummer='".$telefonnummer."', handynummer='".$handynummer."', email='".$email."', geburtstag='".$bday."' WHERE id=".$id.";
+ COMMIT;
+ ")){
+ return true;
+ } else {
+ return false;
+ }
+}