melder/admin/configuration_chk.php

<?php
    session_start();
    $strLoginName=(isset($_SESSION['user'])) ? $_SESSION['user'] : "" ;
    $boolLogin = (!empty($strLoginName));
    if (!$boolLogin) {
        header("Location: login.php");
    }
    require("../config.php");

    if($_POST['csrf'] !== $_SESSION['csrf_token']) {
        die("Ungültiger Token");
      }
    $boolRating   = (isset($_POST['rating'])) ? "1" : "0";
    $boolComment  = (isset($_POST['comment'])) ? "1" : "0";
    $boolUpload   = (isset($_POST['fileupload'])) ? "1" : "0";
    $boolUserinfo = (isset($_POST['userinfo'])) ? "1" : "0";
    $boolDefect   = (isset($_POST['defect'])) ? "1" : "0";
    $boolDistrictSelection =  (isset($_POST['districtSelection'])) ? "1" : "0";
    $boolApprove   = (isset($_POST['approve'])) ? "1" : "0";
    $boolSidebar   = (isset($_POST['sidebar'])) ? "1" : "0";

    $strUploaddir = $_POST['uploaddir'];
    $strTitle   = $_POST['title'];
    $strLogo     = $_POST['logo'];
    $contactEmail= $_POST['contactEmail'];
    $strImpressum= $_POST['impressum'];
    $strUrl      = $_POST['url'];
    $strUrlBez   = $_POST['urlBez'];
    $strIntroText= $_POST['introtext'];

    $strImpressum=addslashes($strImpressum);
    $strIntroText=addslashes($strIntroText);

    $db->query("UPDATE `config` SET `value`= '$strUploaddir' WHERE `key`='uploaddir'");
    $db->query("UPDATE `config` SET `value`= '$strTitle' WHERE `key`='title'");
    $db->query("UPDATE `config` SET `value`= '$strLogo' WHERE `key`='logo'");
    $db->query("UPDATE `config` SET `value`= '$contactEmail' WHERE `key`='contactEmail'");
    $db->query("UPDATE `config` SET `value`= '$strImpressum' WHERE `key`='impressum'");
    $db->query("UPDATE `config` SET `value`= '$strUrlBez' WHERE `key`='UrlBez'");
    $db->query("UPDATE `config` SET `value`= '$strUrl' WHERE `key`='url'");
    $db->query("UPDATE `config` SET `value`= '$strIntroText' WHERE `key`='IntroText'");
    $db->query("UPDATE `config` SET `value`= '$boolRating' WHERE `key`='boolRating'");
    $db->query("UPDATE `config` SET `value`= '$boolComment' WHERE `key`='boolComment'");
    $db->query("UPDATE `config` SET `value`= '$boolUserinfo' WHERE `key`='boolUserinfo'");
    $db->query("UPDATE `config` SET `value`= '$boolDefect' WHERE `key`='boolDefect'");
    $db->query("UPDATE `config` SET `value`= '$boolUpload' WHERE `key`='boolUpload'");
    $db->query("UPDATE `config` SET `value`= '$boolApprove' WHERE `key`='boolApprove'");
    $db->query("UPDATE `config` SET `value`= '$boolSidebar' WHERE `key`='boolSidebar'");
    $db->query("UPDATE `config` SET `value`= '$boolDistrictSelection' WHERE `key`='boolDistrictSelection'");
    header("Location: configuration.php");
Alter Version 2024-02-16 15:35:01 +01:00			`<?php`
			`session_start();`
			`$strLoginName=(isset($_SESSION['user'])) ? $_SESSION['user'] : "" ;`
			`$boolLogin = (!empty($strLoginName));`
			`if (!$boolLogin) {`
			`header("Location: login.php");`
			`}`
			`require("../config.php");`

			`if($_POST['csrf'] !== $_SESSION['csrf_token']) {`
			`die("Ungültiger Token");`
			`}`
			`$boolRating = (isset($_POST['rating'])) ? "1" : "0";`
			`$boolComment = (isset($_POST['comment'])) ? "1" : "0";`
			`$boolUpload = (isset($_POST['fileupload'])) ? "1" : "0";`
			`$boolUserinfo = (isset($_POST['userinfo'])) ? "1" : "0";`
			`$boolDefect = (isset($_POST['defect'])) ? "1" : "0";`
District Selection 2024-02-21 07:55:02 +01:00			`$boolDistrictSelection = (isset($_POST['districtSelection'])) ? "1" : "0";`
approve in configuration 2024-03-11 19:30:21 +01:00			`$boolApprove = (isset($_POST['approve'])) ? "1" : "0";`
sidebar 2024-03-15 19:46:25 +01:00			`$boolSidebar = (isset($_POST['sidebar'])) ? "1" : "0";`
Alter Version 2024-02-16 15:35:01 +01:00
			`$strUploaddir = $_POST['uploaddir'];`
			`$strTitle = $_POST['title'];`
			`$strLogo = $_POST['logo'];`
			`$contactEmail= $_POST['contactEmail'];`
			`$strImpressum= $_POST['impressum'];`
			`$strUrl = $_POST['url'];`
			`$strUrlBez = $_POST['urlBez'];`
			`$strIntroText= $_POST['introtext'];`

			`$strImpressum=addslashes($strImpressum);`
			`$strIntroText=addslashes($strIntroText);`

active districts 2024-02-18 18:04:28 +01:00			$db->query("UPDATE `config` SET `value`= '$strUploaddir' WHERE `key`='uploaddir'");
			$db->query("UPDATE `config` SET `value`= '$strTitle' WHERE `key`='title'");
			$db->query("UPDATE `config` SET `value`= '$strLogo' WHERE `key`='logo'");
			$db->query("UPDATE `config` SET `value`= '$contactEmail' WHERE `key`='contactEmail'");
			$db->query("UPDATE `config` SET `value`= '$strImpressum' WHERE `key`='impressum'");
			$db->query("UPDATE `config` SET `value`= '$strUrlBez' WHERE `key`='UrlBez'");
			$db->query("UPDATE `config` SET `value`= '$strUrl' WHERE `key`='url'");
			$db->query("UPDATE `config` SET `value`= '$strIntroText' WHERE `key`='IntroText'");
			$db->query("UPDATE `config` SET `value`= '$boolRating' WHERE `key`='boolRating'");
			$db->query("UPDATE `config` SET `value`= '$boolComment' WHERE `key`='boolComment'");
			$db->query("UPDATE `config` SET `value`= '$boolUserinfo' WHERE `key`='boolUserinfo'");
			$db->query("UPDATE `config` SET `value`= '$boolDefect' WHERE `key`='boolDefect'");
			$db->query("UPDATE `config` SET `value`= '$boolUpload' WHERE `key`='boolUpload'");
approve in configuration 2024-03-11 19:30:21 +01:00			$db->query("UPDATE `config` SET `value`= '$boolApprove' WHERE `key`='boolApprove'");
sidebar 2024-03-15 19:46:25 +01:00			$db->query("UPDATE `config` SET `value`= '$boolSidebar' WHERE `key`='boolSidebar'");
District Selection 2024-02-21 07:55:02 +01:00			$db->query("UPDATE `config` SET `value`= '$boolDistrictSelection' WHERE `key`='boolDistrictSelection'");
Alter Version 2024-02-16 15:35:01 +01:00			`header("Location: configuration.php");`