Walter Hupfeld 2024-02-21 10:29:10 +01:00
parent b746e13d3a
commit b8671a54a8
4 changed files with 23 additions and 10 deletions


@ -19,14 +19,19 @@
include("../config.php"); include("../config.php");
$boolShowmap=false; $boolShowmap=false;
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
// Eintag löschen
if (isset($_GET['delid'])) { if (isset($_GET['delid'])) {
if($_GET['csrf'] !== $_SESSION['csrf_token']) { if($_GET['csrf'] !== $_SESSION['csrf_token']) {
die("Ungültiger Token"); die("Ungültiger Token");
} }
$numDelete = (int)$_GET['delid']; $numDelete = (int)$_GET['delid'];
$stmt = $db->prepare("DELETE FROM location WHERE id = :id");
$stmt = $db->prepare("DELETE FROM location WHERE id = :id AND district=:district");
$stmt->bindValue(":id",$numDelete); $stmt->bindValue(":id",$numDelete);
$stmt->bindValue(":district",$strDistrict);
$stmt->execute(); $stmt->execute();
$stmt = $db->prepare("DELETE FROM comment WHERE loc_id= :loc_id"); $stmt = $db->prepare("DELETE FROM comment WHERE loc_id= :loc_id");
@ -47,6 +52,7 @@
$stmt->execute(); $stmt->execute();
} }
// Kommentar löschen
if (isset($_GET['delcid'])) { if (isset($_GET['delcid'])) {
if($_GET['csrf'] !== $_SESSION['csrf_token']) { if($_GET['csrf'] !== $_SESSION['csrf_token']) {
die("Ungültiger Token"); die("Ungültiger Token");
@ -57,7 +63,7 @@
$stmt->execute(); $stmt->execute();
} }
// Bild löschen
if (isset($_GET['delfid'])) { if (isset($_GET['delfid'])) {
if($_GET['csrf'] !== $_SESSION['csrf_token']) { if($_GET['csrf'] !== $_SESSION['csrf_token']) {
die("Ungültiger Token"); die("Ungültiger Token");
@ -78,6 +84,7 @@
} }
// Karte zeigen
if (isset($_GET['showmap'])) { if (isset($_GET['showmap'])) {
$numShowmap=(int)$_GET['showmap']; $numShowmap=(int)$_GET['showmap'];
$boolShowmap=$numShowmap==1; $boolShowmap=$numShowmap==1;
@ -180,7 +187,10 @@
<?php <?php
$strScript=""; $strScript="";
//$strSQL="SELECT * FROM location ORDER BY created_at DESC"; //$strSQL="SELECT * FROM location ORDER BY created_at DESC";
$strSQL="SELECT l.id as lid,l.*,adr.* FROM location l LEFT JOIN address adr ON l.id=adr.loc_id ORDER BY created_at ASC"; $strSQL="SELECT l.id as lid,l.*,adr.*
FROM location l LEFT JOIN address adr ON l.id=adr.loc_id
WHERE $sqlDistrict
ORDER BY created_at ASC";
$result = $db->query($strSQL); $result = $db->query($strSQL);
while ($row = $result->fetch(PDO::FETCH_ASSOC)) { while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$id = $row['lid']; $id = $row['lid'];
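Review bot: The district condition added to the location delete in the first hunk does not reach the `DELETE FROM comment WHERE loc_id= :loc_id` that follows it, so a `delid` belonging to another district would leave the location row in place but, as far as the visible lines show, still delete its comments (the `:loc_id` binding lies outside the hunk). Stopping when the scoped delete matched nothing would close that gap: `if ($stmt->rowCount() === 0) { die("Kein Zugriff"); }` right after the first `$stmt->execute();`. `:district` is also bound unconditionally, so a super admin appears to be limited to `$strDistrict` for deletes even though the list query uses `WHERE 1` for that role. The `delcid` and `delfid` handlers run past their hunks; they need the same district check if they do not already have one.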


@ -7,9 +7,8 @@
header("Location: login.php"); header("Location: login.php");
} }
$dbFilename = "../db/locations.db";
include("../config.php"); include("../config.php");
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
$arrTopic = array ( $arrTopic = array (
@ -70,7 +69,10 @@
<?php <?php
$strScript=""; $strScript="";
$strSQL="SELECT l.id as lid,l.*,adr.* FROM location l LEFT JOIN address adr ON l.id=adr.loc_id ORDER BY city,postcode,suburb,hamlet,road ASC"; $strSQL="SELECT l.id as lid,l.*,adr.*
FROM location l LEFT JOIN address adr ON l.id=adr.loc_id
WHERE $sqlDistrict
ORDER BY city,postcode,suburb,hamlet,road ASC";
$result = $db->query($strSQL); $result = $db->query($strSQL);
while ($row = $result->fetch(PDO::FETCH_ASSOC)) { while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$id = $row['lid']; $id = $row['lid'];
@ -132,7 +134,6 @@ $( document ).ready(function() {
'Imagery © <a href="https://www.mapbox.com/">Mapbox</a>'; 'Imagery © <a href="https://www.mapbox.com/">Mapbox</a>';
var infoMarker = L.AwesomeMarkers.icon({icon: 'info', prefix: 'fa', markerColor: 'orange'}); var infoMarker = L.AwesomeMarkers.icon({icon: 'info', prefix: 'fa', markerColor: 'orange'});
<?= $strScript ?> <?= $strScript ?>
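Review bot: `$sqlDistrict` is built by placing `$strDistrict` inside a quoted SQL literal and is then spliced into the list query as `WHERE $sqlDistrict`, so a district value containing a quote would break or alter the statement; where `$strDistrict` is set is not visible in these hunks. Binding the value keeps the filter independent of its content: prepare the query with `WHERE (:all = 1 OR l.district = :district)`, bind `:all` to `(int)$boolSuperAdmin` and `:district` to `$strDistrict`, and call `$stmt->execute()` in place of `$db->query($strSQL)`. The same expression and the same `WHERE $sqlDistrict` are added in the first file of this commit and should change with it. Separately, the context at the top of the first hunk shows `header("Location: login.php");` followed directly by the closing brace; unless an `exit` sits outside the hunk, the filtered query still runs for a client that was only redirected.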


@ -11,6 +11,8 @@
require_once("config.db.php"); require_once("config.db.php");
$boolSuperAdmin=false;
$strSQL = "select * from config"; $strSQL = "select * from config";
$result = $db->query($strSQL); $result = $db->query($strSQL);
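Review bot: `$boolSuperAdmin=false;` is introduced without a comment, although the other files in this commit drop the district filter completely (`WHERE 1`) when it is true. A line above it such as `// Super admin: no district filter is applied; set only from the authenticated account, never from request input` would record that this flag is an authorization decision. Where it is switched to true is not visible in this hunk, so the comment should also name that place once it is known.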


@ -109,7 +109,7 @@ function fillAddressTable($db,$limit=20) {
} }
$strTable .= "</tr>"; $strTable .= "</tr>";
sleep(0.5); //api restriction sleep(1); //api restriction
writeAddress($db,$id,$data); writeAddress($db,$id,$data);
} }
} }