From 5fd594a1033a7b0f64474ad557ab6f951d4b37a7 Mon Sep 17 00:00:00 2001
From: Walter Hupfeld <Walter.Hupfeld@gmx.de>
Date: Sun, 18 Feb 2024 10:40:48 +0100
Subject: [PATCH] fixes

---
 admin/create_database.php |  4 ++--
 admin/dump.php            |  4 +++-
 admin/export.php          |  2 +-
 admin/geocoding.php       | 11 ++++++++++-
 admin/index.php           |  7 ++++---
 config.db.php             |  2 ++
 config.db.php.sample      | 14 ++++++++++++++
 lib/geocoding.php         |  9 ++++-----
 8 files changed, 40 insertions(+), 13 deletions(-)
 create mode 100644 config.db.php.sample

diff --git a/admin/create_database.php b/admin/create_database.php
index d8f84b5..9d92fed 100644
--- a/admin/create_database.php
+++ b/admin/create_database.php
@@ -1,8 +1,8 @@
 <?php
+exit();
 
 date_default_timezone_set('UTC');
-
-$db = new SQLite3($dbFilename);
+require("../config.db.php");
 
 $db->exec("CREATE TABLE IF NOT EXISTS location(
     id INTEGER PRIMARY KEY AUTOINCREMENT,
diff --git a/admin/dump.php b/admin/dump.php
index 8da3289..27e6ce8 100644
--- a/admin/dump.php
+++ b/admin/dump.php
@@ -6,6 +6,7 @@
  * E-Mail: info@hupfeld-software.de
  * Version: 1.0
  * Datum: 18.05.2021
+ * zuletzt geändert: 18.02.2024
  ******************************** */
 
   session_start();
@@ -14,7 +15,8 @@
   if (!$boolLogin) {
       header("Location: login.php");
   }
-  $dbFilename="../db/locations.db";
+  
+  require("../config.db.php");
   require ("../config.php");
 
   // Set headers to make the browser download the results as a csv file
diff --git a/admin/export.php b/admin/export.php
index 14faa2f..538aa4e 100644
--- a/admin/export.php
+++ b/admin/export.php
@@ -6,6 +6,7 @@
  * E-Mail: info@hupfeld-software.de
  * Version: 1.0
  * Datum: 18.05.2021
+ * zuletzt geändert: 18.02.2024
  ******************************** */
 
     session_start();
@@ -14,7 +15,6 @@
     if (!$boolLogin) {
         header("Location: login.php");
     }
-    $dbFilename="../db/locations.db";
     require ("../config.php");
 ?>
 <!DOCTYPE html>
diff --git a/admin/geocoding.php b/admin/geocoding.php
index 94996b4..3ae94da 100644
--- a/admin/geocoding.php
+++ b/admin/geocoding.php
@@ -1,11 +1,20 @@
 <?php
+/** *****************************
+ * Ideenmelder
+ * Autor: Walter Hupfeld, Hamm
+ * E-Mail: info@hupfeld-software.de
+ * Version: 1.0
+ * Datum: 18.05.2021
+ * zuletzt geändert: 18.02.2024
+ */
+
     session_start();
     $strLoginName=(isset($_SESSION['user'])) ? $_SESSION['user'] : "" ;
     $boolLogin = (!empty($strLoginName));
     if (!$boolLogin) {
         header("Location: login.php");
     }
-    $dbFilename="../db/locations.db";
+    require_once("../config.db.php");
     require ("../config.php");
     require ("../lib/geocoding.php");
     $boolRefresh = (isset($_GET['refresh']) & $_GET['refresh']==1);
diff --git a/admin/index.php b/admin/index.php
index 71247aa..6d66586 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -36,7 +36,6 @@
 
         $stmt = $db->prepare("SELECT * FROM files where loc_id = :loc_id");
         $stmt->bindValue(":loc_id", $numDelete, PDO::PARAM_INT);
-        $result = $stmt->execute();
 
         if ($row = $result->fetch(PDO::FETCH_ASSOC)) {
             $strFilename = $row['filename'];
@@ -64,10 +63,11 @@
         if($_GET['csrf'] !== $_SESSION['csrf_token']) {
             die("Ungültiger Token");
         }
+        
         $numDelete=(int)$_GET['delfid'];
         $stmt = $db->prepare("SELECT * FROM files where id = :id");
-        $stmt->bindValue(":id", $numDelete, SQLITE3_TEXT);
-        $result = $stmt->execute();
+        $stmt->bindParam(':id', $id);
+        //$result = $stmt->execute();
         if ($row=$result->fetch(PDO::FETCH_ASSOC)) {
             $strFilename = $row['filename'];
             $strFilename = $uploaddir . $strFilename;
@@ -76,6 +76,7 @@
         $stmt = $db->prepare("DELETE FROM files WHERE id= :id");
         $stmt->bindValue(":id",$numDelete);
         $stmt->execute();
+        
     }
 
     if (isset($_GET['showmap'])) {
diff --git a/config.db.php b/config.db.php
index 27e9d28..31bed52 100644
--- a/config.db.php
+++ b/config.db.php
@@ -7,6 +7,8 @@ $db_passwd = "g0r@w@";
 $db_name =  "nrw_melder";
 $cachetime = 0;
 
+$location_key="8b0d633d90b501";
+
 try {
     $db = new PDO('mysql:host='.$db_server.';dbname='.$db_name.';charset=utf8mb4', $db_user, $db_passwd);
 } catch (PDOException $e) {echo "Fehler: ".$e->getMessage();  die();}
diff --git a/config.db.php.sample b/config.db.php.sample
new file mode 100644
index 0000000..8eaad4f
--- /dev/null
+++ b/config.db.php.sample
@@ -0,0 +1,14 @@
+<?
+
+$db_server = "mariadb";
+$db_user   = "";
+$db_passwd = "";
+
+$db_name =  "nrw_melder";
+$cachetime = 0;
+
+$location_key="";
+
+try {
+    $db = new PDO('mysql:host='.$db_server.';dbname='.$db_name.';charset=utf8mb4', $db_user, $db_passwd);
+} catch (PDOException $e) {echo "Fehler: ".$e->getMessage();  die();}
diff --git a/lib/geocoding.php b/lib/geocoding.php
index 1371a29..110dee9 100644
--- a/lib/geocoding.php
+++ b/lib/geocoding.php
@@ -7,14 +7,14 @@
  *  Returns: data-array 
  * ----------------------------------------------------- */
 
-//$dbFilename = "../db/locations.db";
-//$db = new SQLite3($dbFilename);
 
+require("../config.db.php");
 
 function getAddress($lat,$lng) {
 
-    $key="your-key-here";
-    $url="https://us1.locationiq.com/v1/reverse.php?key=".$key."&lat=".$lat."&lon=".$lng."&format=json";
+    $key = $location_key;
+    $url = "https://us1.locationiq.com/v1/reverse.php?key=".$key."&lat=".$lat."&lon=".$lng."&format=json";
+
 
     $curl = curl_init($url);
 
@@ -102,7 +102,6 @@ function fillAddressTable($db,$limit=20) {
             $lat=$row['lat'];
             $lng=$row['lng'];
             $data=getAddress($lat,$lng);
-
             $strTable .= "<tr><td>$id</td><td>$lat</td><td>$lng</td>";
             foreach ($arrKeys as $key) {
                 $strTable .=   (isset($data[$key])) ? "<td>".$data[$key]."</td>" : "<td></td>";