This commit is contained in:
Walter Hupfeld 2024-02-21 10:29:10 +01:00
parent b746e13d3a
commit b8671a54a8
4 changed files with 23 additions and 10 deletions

View File

@ -19,14 +19,19 @@
include("../config.php");
$boolShowmap=false;
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
// Eintag löschen
if (isset($_GET['delid'])) {
if($_GET['csrf'] !== $_SESSION['csrf_token']) {
die("Ungültiger Token");
}
$numDelete = (int)$_GET['delid'];
$stmt = $db->prepare("DELETE FROM location WHERE id = :id");
$stmt = $db->prepare("DELETE FROM location WHERE id = :id AND district=:district");
$stmt->bindValue(":id",$numDelete);
$stmt->bindValue(":district",$strDistrict);
$stmt->execute();
$stmt = $db->prepare("DELETE FROM comment WHERE loc_id= :loc_id");
@ -47,6 +52,7 @@
$stmt->execute();
}
// Kommentar löschen
if (isset($_GET['delcid'])) {
if($_GET['csrf'] !== $_SESSION['csrf_token']) {
die("Ungültiger Token");
@ -57,7 +63,7 @@
$stmt->execute();
}
// Bild löschen
if (isset($_GET['delfid'])) {
if($_GET['csrf'] !== $_SESSION['csrf_token']) {
die("Ungültiger Token");
@ -78,6 +84,7 @@
}
// Karte zeigen
if (isset($_GET['showmap'])) {
$numShowmap=(int)$_GET['showmap'];
$boolShowmap=$numShowmap==1;
@ -180,7 +187,10 @@
<?php
$strScript="";
//$strSQL="SELECT * FROM location ORDER BY created_at DESC";
$strSQL="SELECT l.id as lid,l.*,adr.* FROM location l LEFT JOIN address adr ON l.id=adr.loc_id ORDER BY created_at ASC";
$strSQL="SELECT l.id as lid,l.*,adr.*
FROM location l LEFT JOIN address adr ON l.id=adr.loc_id
WHERE $sqlDistrict
ORDER BY created_at ASC";
$result = $db->query($strSQL);
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$id = $row['lid'];

View File

@ -7,9 +7,8 @@
header("Location: login.php");
}
$dbFilename = "../db/locations.db";
include("../config.php");
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
$arrTopic = array (
@ -70,7 +69,10 @@
<?php
$strScript="";
$strSQL="SELECT l.id as lid,l.*,adr.* FROM location l LEFT JOIN address adr ON l.id=adr.loc_id ORDER BY city,postcode,suburb,hamlet,road ASC";
$strSQL="SELECT l.id as lid,l.*,adr.*
FROM location l LEFT JOIN address adr ON l.id=adr.loc_id
WHERE $sqlDistrict
ORDER BY city,postcode,suburb,hamlet,road ASC";
$result = $db->query($strSQL);
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$id = $row['lid'];
@ -132,7 +134,6 @@ $( document ).ready(function() {
'Imagery © <a href="https://www.mapbox.com/">Mapbox</a>';
var infoMarker = L.AwesomeMarkers.icon({icon: 'info', prefix: 'fa', markerColor: 'orange'});
<?= $strScript ?>

View File

@ -11,6 +11,8 @@
require_once("config.db.php");
$boolSuperAdmin=false;
$strSQL = "select * from config";
$result = $db->query($strSQL);

View File

@ -109,7 +109,7 @@ function fillAddressTable($db,$limit=20) {
}
$strTable .= "</tr>";
sleep(0.5); //api restriction
sleep(1); //api restriction
writeAddress($db,$id,$data);
}
}