fix
This commit is contained in:
parent
f79819fda7
commit
beba08d4ff
@ -29,16 +29,19 @@
|
||||
$boolShowmap=false;
|
||||
|
||||
$sqlDistrict = ($boolSuperAdmin) ? "1" : "l.district='$strDistrict'";
|
||||
$strDistrictTitle = ($boolSuperAdmin) ? "" : $strDistrictTitle;
|
||||
|
||||
// Eintag löschen
|
||||
// --------- Eintag löschen -----------------
|
||||
if (isset($_GET['delid'])) {
|
||||
if($_GET['csrf'] !== $_SESSION['csrf_token']) {
|
||||
die("Ungültiger Token");
|
||||
}
|
||||
$numDelete = (int)$_GET['delid'];
|
||||
|
||||
|
||||
$stmt = $db->prepare("DELETE FROM location WHERE id = :id AND district=:district");
|
||||
if ($superAmdin) {
|
||||
$stmt = $db->prepare("DELETE FROM location WHERE id = :id AND district=:district");}
|
||||
else {
|
||||
$stmt = $db->prepare("DELETE FROM location WHERE id = :id AND district=:district");}
|
||||
$stmt->bindValue(":id",$numDelete);
|
||||
$stmt->bindValue(":district",$strDistrict);
|
||||
$stmt->execute();
|
||||
@ -61,7 +64,8 @@
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
// Kommentar löschen
|
||||
// ------- Kommentar löschen ------------
|
||||
// keine Überprüfung - ob richtiger District
|
||||
if (isset($_GET['delcid'])) {
|
||||
if($_GET['csrf'] !== $_SESSION['csrf_token']) {
|
||||
die("Ungültiger Token");
|
||||
@ -72,6 +76,8 @@
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
// --------- Feigabe verändern -------------
|
||||
// Keine Überprüfung, ob richtiger District
|
||||
if (isset($_GET['approvalId'])) {
|
||||
if($_GET['csrf'] !== $_SESSION['csrf_token']) {
|
||||
die("Ungültiger Token");
|
||||
@ -82,7 +88,8 @@
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
// Bild löschen
|
||||
// ----------- Bild löschen -----------------
|
||||
// Keine Überprüfung, ob richtiger District
|
||||
if (isset($_GET['delfid'])) {
|
||||
if($_GET['csrf'] !== $_SESSION['csrf_token']) {
|
||||
die("Ungültiger Token");
|
||||
@ -206,11 +213,11 @@
|
||||
|
||||
<?php
|
||||
$strScript="";
|
||||
//$strSQL="SELECT * FROM location ORDER BY created_at DESC";
|
||||
//$strSQL="SELECT * FROM location ORDER BY appoval, created_at DESC";
|
||||
$strSQL="SELECT l.id as lid,l.*,adr.*
|
||||
FROM location l LEFT JOIN address adr ON l.id=adr.loc_id
|
||||
WHERE $sqlDistrict
|
||||
ORDER BY created_at ASC";
|
||||
ORDER BY approval, created_at ASC";
|
||||
$result = $db->query($strSQL);
|
||||
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
|
||||
$id = $row['lid'];
|
||||
@ -242,8 +249,9 @@
|
||||
.$row['hamlet']." "
|
||||
.$row['suburb']."<br>"
|
||||
.$row['postcode']." ".$row['city']."</td>";
|
||||
$strDefect = (isset($row['defect']) && $row['defect']>0) ? $arrDefect[$row['defect']] : "";
|
||||
$strDefect = (isset($row['defect']) && $row['defect']>=0) ? $arrDefect[$row['defect']] : "";
|
||||
echo "<td id='defect_".$id."' value='".$row['defect']."'>".$strDefect."</td>\n";
|
||||
// NRW-Hindernismelder keine leere Eingabe
|
||||
|
||||
echo "<td id='img_".$id."'>";
|
||||
$strSQL = "SELECT id,filename FROM files WHERE loc_id=".$id;
|
||||
@ -254,7 +262,8 @@
|
||||
echo "<a href='".$_SERVER['PHP_SELF']."?delfid=".$file['id']."&csrf=".$_SESSION['csrf_token']."'><i class='fa fa-trash'></i></a>";
|
||||
}
|
||||
echo "</td>\n";
|
||||
// Karte einblenden
|
||||
|
||||
// Karte einblenden - Für HTML-Export
|
||||
if ($boolShowmap) {
|
||||
echo "<td><div class='tdmap' id='map_".$id."'></div></td>\n";
|
||||
}
|
||||
@ -262,15 +271,18 @@
|
||||
echo "<td>".round($row['lat'],5)." ".round($row['lng'],5)."</td>";
|
||||
}
|
||||
echo "<td>".$row['created_at']."</td>";
|
||||
|
||||
if ($boolApprove) {
|
||||
$strApproved = ($row['approval']) ? "<i class='fa fa-check' style='color:green'></i>"
|
||||
: "<i class='fa fa-circle' style='color:red'></i>" ;
|
||||
echo "<td>".$strApproved." <a href='".$_SERVER['PHP_SELF']."?approvalId=".$id."&csrf=".$_SESSION['csrf_token']."'>change</td>";
|
||||
$strApproved .= " <i class='fa fa-recycle'></i>";
|
||||
echo "<td><a href='".$_SERVER['PHP_SELF']."?approvalId=".$id."&csrf=".$_SESSION['csrf_token']."'>".$strApproved."</a></td>";
|
||||
}
|
||||
echo "<td><a class='del' href='".$_SERVER['PHP_SELF']."?delid=".$id."&csrf=".$_SESSION['csrf_token']."'><i class='fa fa-trash'></i></a> ";
|
||||
echo "<a class='edit_defect' href='#' id='edit_".$id."' value='".$id."'><i class='fa fa-pencil'></i></a>";
|
||||
echo "</td>";
|
||||
echo "</tr>\n";
|
||||
|
||||
if ($boolShowmap) {
|
||||
$strScript.="var mymap_".$id." = L.map(map_".$id.").setView([".$row['lat'].", ".$row['lng']."], 16);\n";
|
||||
$strScript.="L.tileLayer(url, {maxZoom: 18,minZoom:12,attribution: attribution,id: 'mapbox/streets-v11',tileSize: 512,zoomOffset: -1}).addTo(mymap_".$id.")\n";
|
||||
@ -288,7 +300,6 @@
|
||||
<script>
|
||||
$( document ).ready(function() {
|
||||
|
||||
|
||||
var url = 'https://api.mapbox.com/styles/v1/{id}/tiles/{z}/{x}/{y}?access_token=pk.eyJ1IjoibWFwYm94IiwiYSI6ImNpejY4NXVycTA2emYycXBndHRqcmZ3N3gifQ.rJcFIG214AriISLbB6B5aw';
|
||||
var attribution = 'Map data © <a href="https://www.openstreetmap.org/">OpenStreetMap</a> contributors, ' +
|
||||
'<a href="https://creativecommons.org/licenses/by-sa/2.0/">CC-BY-SA</a>, ' +
|
||||
@ -313,11 +324,13 @@ $( document ).ready(function() {
|
||||
return false;
|
||||
})
|
||||
|
||||
//Sicherheitsabfrage beim Löschen von Einträgen
|
||||
$(".del").click(function () {
|
||||
result=confirm("Wirklich löschen?");
|
||||
return result===true;
|
||||
})
|
||||
|
||||
|
||||
$("#editobjectform").submit(function(event){
|
||||
event.preventDefault();
|
||||
|
||||
@ -331,7 +344,6 @@ $( document ).ready(function() {
|
||||
processData: false,
|
||||
contentType: false,
|
||||
cache: false,
|
||||
|
||||
success: function(data)
|
||||
{
|
||||
$("#dialog_defect").hide();
|
||||
|
Loading…
Reference in New Issue
Block a user