district select
This commit is contained in:
Walter Hupfeld
@@ -137,7 +137,25 @@
|
||||
<input type="submit" class="btn btn-primary" value="Konfiguration ändern">
|
||||
</form>
|
||||
<?php endif; ?>
|
||||
<br><br><br>
|
||||
<br><br><br>
|
||||
|
||||
<h2>Auswahl Kreise und kreisfreie Städte</h2>
|
||||
<form method="post" id="districtform" action="district_chk.php">
|
||||
<?php
|
||||
$strSQL="select * from district order by district";
|
||||
$result = $db->query($strSQL);
|
||||
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
|
||||
$strChecked= ($row['active']==1) ? "checked='checked'" : "";
|
||||
$strValue=$row['active'];
|
||||
$strDistrict=$row['district'];
|
||||
echo "<input type='checkbox' $strChecked id='$strDistrict' name='$strDistrict' value='$strValue'> ";
|
||||
echo "<label for='$strDistrict'>".$row['title']."</label><br>\n";
|
||||
}
|
||||
?>
|
||||
<br>
|
||||
<input type="hidden" name="csrf" value="<?=$_SESSION['csrf_token']?>">
|
||||
<input type="submit" class="btn btn-primary" value="Auswahl ändern">
|
||||
</form>
|
||||
</div>
|
||||
</div> <!-- row -->
|
||||
</div>
|
||||
|
||||
@@ -5,7 +5,6 @@
|
||||
if (!$boolLogin) {
|
||||
header("Location: login.php");
|
||||
}
|
||||
$dbFilename="../db/locations.db";
|
||||
require("../config.php");
|
||||
|
||||
if($_POST['csrf'] !== $_SESSION['csrf_token']) {
|
||||
|
||||
29
admin/district_chk.php
Normal file
29
admin/district_chk.php
Normal file
@@ -0,0 +1,29 @@
|
||||
<?php
|
||||
session_start();
|
||||
$strLoginName=(isset($_SESSION['user'])) ? $_SESSION['user'] : "" ;
|
||||
$boolLogin = (!empty($strLoginName));
|
||||
if (!$boolLogin) {
|
||||
header("Location: login.php");
|
||||
}
|
||||
require("../config.php");
|
||||
|
||||
if($_POST['csrf'] !== $_SESSION['csrf_token']) {
|
||||
die("Ungültiger Token");
|
||||
}
|
||||
|
||||
$strSQL="SELECT * FROM district";
|
||||
$result = $db->query($strSQL);
|
||||
$numCounter=1;
|
||||
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
|
||||
$strDistrict=$row['district'];
|
||||
if (isset($_POST[$strDistrict])) {
|
||||
$db->query("UPDATE `district` SET `active`= '1' WHERE `district`='$strDistrict'");
|
||||
} else {
|
||||
$db->query("UPDATE `district` SET `active`= '0' WHERE `district`='$strDistrict'");
|
||||
}
|
||||
}
|
||||
header("Location: configuration.php");
|
||||
//print_r($_POST);
|
||||
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user