diff options
Diffstat (limited to 'action.php')
| -rw-r--r-- | action.php | 32 |
1 files changed, 13 insertions, 19 deletions
@@ -23,8 +23,9 @@ switch($_GET["task"]){ if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["password"]) || $_POST["password"] == "" ){ print_login("missing"); } else if ( $user->login($_POST["name"], $_POST["password"]) ){ + $goto = preg_replace("/;/", "&", $_GET["goto"]); header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved"); - header("Location: /?page=" . $_GET["goto"]); + header("Location: /?page=" . $goto); ob_clean(); exit; } else { @@ -118,7 +119,6 @@ switch($_GET["task"]){ if ( $result = $db->doQuery($sql) ){ header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved"); header("Location: /?page=" . $_GET["goto"]); - //$c->flush($_GET["_flush"]); $c->flush(); } break; @@ -133,9 +133,6 @@ switch($_GET["task"]){ if ( ! isset($_GET["id"]) || $_GET["id"] == 0 || $_GET["id"] == "" ){ print_list("update"); } else { - //$sql = $db->prepare("UPDATE " . DBPREFIX . "member SET name = %s, adresse = %s, telefonnummer = %s, handynummer = %s, email = %s, geburtstag = %s WHERE member_id = %d;", - // $_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"], $_GET["id"] - //); $sql = $db->prepare("DELETE FROM " . DBPREFIX . "member WHERE member_id = %d;", $_GET["id"]); if ( ! $sql ){ ob_clean(); @@ -144,7 +141,6 @@ switch($_GET["task"]){ } if ( $result = $db->doQuery($sql) ){ header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved"); - //header("Location: /?page=" . $_GET["goto"]); header("Location: /?page=liste"); $c->flush(); exit; @@ -250,25 +246,25 @@ JG Adlershof"; } break; case("download"): - lredirect("liste"); - $file = '/tmp/jg_data.txt'; - $fp=fopen($file, 'w'); if( ! isset($_GET["type"]) || $_GET["type"] == "" || $_GET["type"] == "plain" ){ $content = "Adressliste der JG \n"; $content .= "# | Name | Adresse | Telefon | Handy | E-Mail | Geburtstag\n"; + $type = "plain"; + $suffix = ".txt"; } else { $content = "Adressliste der JG \n"; + $type = "csv"; + $suffix = ".csv"; } + lredirect("download;type=".$type); $res = $db->doQuery("SELECT * FROM " . DBPREFIX . "member;"); $content .= "\n"; $count = 1; - //while ($row = $res->fetch_array(MYSQLI_ASSOC) ){ while ($row = $res->fetch_array() ){ - if( ! isset($_GET["type"]) || $_GET["type"] == "" || $_GET["type"] == "plain" ){ + if ( $type == "plain" ){ $content .= $count . " | " . $row["name"] . " | " . $row["adresse"] . " | " . $row["telefonnummer"] . " | " . $row["handynummer"] . " | " . $row["email"] . " | " . $row["geburtstag"] . "\n"; - - }else if(($_GET["type"] == "csv")){ + } else { $content .= $count; for ( $i=1;$i<7;$i++){ $content .= ';' . $row[$i]; @@ -278,13 +274,11 @@ JG Adlershof"; $count++; } - fputs($fp, $content); - fclose($fp); ob_clean(); - header("Content-Type: text/plain; Charset=UTF-8"); - header("Content-Disposition: attachment; filename=\"JG Adressliste ".time().".txt\""); - readfile($file); - unlink($file); + header("Content-Type: text/".$type."; Charset=UTF-8"); + header("Content-Disposition: attachment; filename=\"JG Adressliste ".date("j.n.Y", time()).$suffix."\""); + echo $content; + ob_end_flush(); exit; break; default: |