svn commit: r218 - trunk/mapbender/http/include/dyn_css.php

uli at osgeo.org uli at osgeo.org
Wed May 10 09:48:57 EDT 2006 

Author: uli
Date: 2006-05-10 13:48:57+0000
New Revision: 218

Modified:
   trunk/mapbender/http/include/dyn_css.php

Log:
db_prep_query conversion


Modified: trunk/mapbender/http/include/dyn_css.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/include/dyn_css.php?view=diff&rev=218&p1=trunk/mapbender/http/include/dyn_css.php&p2=trunk/mapbender/http/include/dyn_css.php&r1=217&r2=218
==============================================================================
--- trunk/mapbender/http/include/dyn_css.php	(original)
+++ trunk/mapbender/http/include/dyn_css.php	2006-05-10 13:48:57+0000
@@ -1,14 +1,25 @@
 <?php
+if(!isset($gui_id) && isset($_REQUEST["guiID"])){
+	$gui_id = $_REQUEST["guiID"];
+}
+if(!isset($_REQUEST["e_id_css"]) && isset($_REQUEST["elementID"])){
+	$e_id_css = $_REQUEST["elementID"];
+}
+if(isset($_REQUEST["e_id_css"])){
+	$e_id_css = $_REQUEST["e_id_css"];
+}
 if(isset($gui_id) && $gui_id != ""){
 	#echo $gui_id. " - ".$_REQUEST["e_id_css"];
-	if (isset($_REQUEST["e_id_css"]) && $_REQUEST["e_id_css"] != '') {
+	if (isset($e_id_css) && $e_id_css != '') {
 		#
 		#
 		# css file
 		#
 		#
-		$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = '".$_REQUEST["e_id_css"]."' AND fkey_gui_id = '".$gui_id."' and var_type='file/css'";
-		$res = db_query($sql);
+		$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = $1 AND fkey_gui_id = $2 and var_type='file/css'";
+		$v = array($e_id_css,$gui_id);
+		$t = array('s','s');
+		$res = db_prep_query($sql,$v,$t);
 		$cnt = 0;
 		while($row = db_fetch_array($res)){		
 			echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"".$row["var_value"]."\" />\n";   
@@ -23,8 +34,10 @@
 		#
 		
 	
-		$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = '".$_REQUEST["e_id_css"]."' AND fkey_gui_id = '".$gui_id."' and var_type='text/css'";   
-		$res = db_query($sql);
+		$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = $1 AND fkey_gui_id = $2 and var_type='text/css'";
+		$v = array($e_id_css,$gui_id);
+		$t = array('s','s');
+		$res = db_prep_query($sql,$v,$t);
 		$cnt = 0;
 		$style = "";
 		while($row = db_fetch_array($res)){
@@ -44,8 +57,10 @@
 	# php variables
 	#
 	#
-	$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = '".$_REQUEST["e_id_css"]."' AND fkey_gui_id = '".$gui_id."' and var_type='php_var'";
-   	$res = db_query($sql);
+	$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = $1 AND fkey_gui_id = $2 and var_type='php_var'";
+   	$v = array($e_id_css,$gui_id);
+	$t = array('s','s');
+	$res = db_prep_query($sql,$v,$t);
 
 	echo "\n";
 	while($row = db_fetch_array($res))
@@ -61,8 +76,10 @@
 	# JavaScript variables
 	#
 	#
-	$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = '".$_REQUEST["e_id_css"]."' AND fkey_gui_id = '".$gui_id."' and var_type='var'";
-   	$res = db_query($sql);
+	$sql = "SELECT * FROM gui_element_vars WHERE fkey_e_id = $1 AND fkey_gui_id = $2 and var_type='var'";
+   	$v = array($e_id_css,$gui_id);
+	$t = array('s','s');
+	$res = db_prep_query($sql,$v,$t);
 
 	echo "\n";
 	echo "<script type=\"text/javascript\">\n";

More information about the Mapbender_commits mailing list