From 27bc0fe2182afafee830bda8b161f67282f631c8 Mon Sep 17 00:00:00 2001
From: root
Date: Tue, 30 Sep 2014 04:39:21 +0200
Subject: fixed bug, added download page, prettified 404 page and general
 design

---
 action.php | 32 +++++++++++++-------------------
 1 file changed, 13 insertions(+), 19 deletions(-)

(limited to 'action.php')

diff --git a/action.php b/action.php
index 1b48aeb..2f1bb58 100644
--- a/action.php
+++ b/action.php
@@ -23,8 +23,9 @@ switch($_GET["task"]){
 		if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["password"]) || $_POST["password"] == "" ){
 			print_login("missing");
 		} else 	if ( $user->login($_POST["name"], $_POST["password"]) ){
+			$goto = preg_replace("/;/", "&", $_GET["goto"]);
 			header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
-			header("Location: /?page=" . $_GET["goto"]);
+			header("Location: /?page=" . $goto);
 			ob_clean();
 			exit;
 		} else {
@@ -118,7 +119,6 @@ switch($_GET["task"]){
 		if ( $result = $db->doQuery($sql) ){
 			header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
 			header("Location: /?page=" . $_GET["goto"]);
-			//$c->flush($_GET["_flush"]);
 			$c->flush();
 		}
 		break;
@@ -133,9 +133,6 @@ switch($_GET["task"]){
 		if ( ! isset($_GET["id"]) || $_GET["id"] == 0 || $_GET["id"] == "" ){
 			print_list("update");
 		} else {
-			//$sql = $db->prepare("UPDATE " . DBPREFIX . "member SET name = %s, adresse = %s, telefonnummer = %s, handynummer = %s, email = %s, geburtstag = %s WHERE member_id = %d;", 
-			//	$_POST["name"], $_POST["adresse"], $_POST["telefonnummer"], $_POST["handynummer"], $_POST["email"], $_POST["geburtstag"], $_GET["id"]
-			//);
 			$sql = $db->prepare("DELETE FROM " . DBPREFIX . "member WHERE member_id = %d;", $_GET["id"]);
 			if ( ! $sql ){
 				ob_clean();
@@ -144,7 +141,6 @@ switch($_GET["task"]){
 			}
 			if ( $result = $db->doQuery($sql) ){
 				header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
-				//header("Location: /?page=" . $_GET["goto"]);
 				header("Location: /?page=liste");
 				$c->flush();
 				exit;
@@ -250,25 +246,25 @@ JG Adlershof";
 		}
 		break;
 	case("download"):
-		lredirect("liste");
-		$file = '/tmp/jg_data.txt';
-		$fp=fopen($file, 'w');
 		if( ! isset($_GET["type"]) || $_GET["type"] == "" || $_GET["type"] == "plain" ){
 			$content = "Adressliste der JG \n";
 			$content .= "# | Name | Adresse | Telefon | Handy | E-Mail | Geburtstag\n";
+			$type = "plain";
+			$suffix = ".txt";
 		} else { 
 			$content = "Adressliste der JG \n";
+			$type = "csv";
+			$suffix = ".csv";
 		}
+		lredirect("download;type=".$type);
 		$res = $db->doQuery("SELECT * FROM " . DBPREFIX . "member;");
 		$content .= "\n";
 		$count = 1;
-		//while ($row = $res->fetch_array(MYSQLI_ASSOC) ){
 		while ($row = $res->fetch_array() ){
 
-			if( ! isset($_GET["type"]) || $_GET["type"] == "" || $_GET["type"] == "plain" ){
+			if ( $type == "plain" ){
 				$content .= $count . " | " . $row["name"] . " | " . $row["adresse"] . " | " . $row["telefonnummer"] . " | " . $row["handynummer"] . " | " . $row["email"] . " | " . $row["geburtstag"] . "\n";
-
-			}else if(($_GET["type"] == "csv")){
+			} else {
 				$content .= $count;
 				for ( $i=1;$i<7;$i++){
 					$content .= ';' . $row[$i];
@@ -278,13 +274,11 @@ JG Adlershof";
 			$count++;
 		}
 		
-		fputs($fp, $content);
-		fclose($fp);
 		ob_clean();
-		header("Content-Type: text/plain; Charset=UTF-8");
-		header("Content-Disposition: attachment; filename=\"JG Adressliste ".time().".txt\"");
-		readfile($file);
-		unlink($file);
+		header("Content-Type: text/".$type."; Charset=UTF-8");
+		header("Content-Disposition: attachment; filename=\"JG Adressliste ".date("j.n.Y", time()).$suffix."\"");
+		echo $content;
+		ob_end_flush();
 		exit;
 		break;
 	default:
-- 
cgit v1.2.3