svn commit: r290 - trunk/mapbender/http/php/mod_loadCapabilities.php

uli at osgeo.org uli at osgeo.org
Mon May 15 09:13:41 EDT 2006 

Author: uli
Date: 2006-05-15 13:13:41+0000
New Revision: 290

Modified:
   trunk/mapbender/http/php/mod_loadCapabilities.php

Log:
db_prep_query included

Modified: trunk/mapbender/http/php/mod_loadCapabilities.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/mod_loadCapabilities.php?view=diff&rev=290&p1=trunk/mapbender/http/php/mod_loadCapabilities.php&p2=trunk/mapbender/http/php/mod_loadCapabilities.php&r1=289&r2=290
==============================================================================
--- trunk/mapbender/http/php/mod_loadCapabilities.php	(original)
+++ trunk/mapbender/http/php/mod_loadCapabilities.php	2006-05-15 13:13:41+0000
@@ -18,9 +18,10 @@
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
 session_start();
-
-include("../php/mb_validateSession.php");
 include("../../conf/mapbender.conf");
+$con = db_connect(DBSERVER,OWNER,PW);
+db_select_db(DB,$con);
+include("../php/mb_validateSession.php");
 import_request_variables("PG");
 ?>
 
@@ -70,18 +71,18 @@
 </style>
 <script language="JavaScript">
 function validate(wert){
-   if(wert == 'guiList'){
-      var listIndex = document.form1.guiList.selectedIndex;
-      if(listIndex<0){
-		   alert("Please select a GUI.");
+	if(wert == 'guiList'){
+		var listIndex = document.form1.guiList.selectedIndex;
+		if(listIndex<0){
+			alert("Please select a GUI.");
 			return false;
-      }
-      else{
-         var gui_id=document.form1.guiList.options[listIndex].value;
+		}
+		else{
+			var gui_id=document.form1.guiList.options[listIndex].value;
 			document.form1.action='../php/mod_loadwms.php';
 			document.form1.submit();
-      }
-   }
+		}
+	}
 }
 </script>
 </head>
@@ -89,73 +90,67 @@
 
 <?php
 
-$con = db_connect($DBSERVER,$OWNER,$PW);
-db_select_db(DB,$con);
+
 require_once("../classes/class_administration.php");
 $admin = new administration();
 $ownguis = $admin->getGuisByOwner($_SESSION["mb_user_id"]);
 
 echo "<form name='form1' action='" . $PHP_SELF . "?".SID."' method='post'>";
-
 echo "<table cellpadding='0' cellspacing='0' border='0'>";
 echo "<tr>";
 echo "<td>";
 if (count($ownguis)>0){
 	echo"GUI";
 	echo"<br>";
+	$v = array();
+	$t = array();
 	$sql = "SELECT * FROM gui WHERE gui_id IN ("; 
 	for($i=0; $i<count($ownguis); $i++){
-	if($i>0){ $sql .= ",";}
-		$sql .= "'".$ownguis[$i]."'";
+		if($i>0){ $sql .= ",";}
+		$sql .= "$".($i+1);
+		array_push($v,$ownguis[$i]);
+		array_push($t,'s');
 	}
 	$sql .= ") ORDER BY gui_name";
-	
-	
-	$res = db_query($sql);
-	#echo $res;
-	#echo $sql;
-	#echo db_numrows($res);
-	#$count=0;
+	$res = db_prep_query($sql,$v,$t);
 	echo"<select size='8' name='guiList' style='width:200px' onClick='submit()'>";
 	while($row = db_fetch_array($res)){
-		#$gui_id[$count]=$row["gui_id"];
-		#$gui_name[$count]=$row["gui_name"];
-		#$gui_description[$count]=$row["gui_description"];
-		
 		echo "<option value='".$row["gui_id"]."' ";
-		   if($guiList && $guiList == $row["gui_name"]){
-	         echo "selected";}
-	          echo ">".$row["gui_name"]."</option>";
-	          #$count++;
+		if($guiList && $guiList == $row["gui_name"]){
+			echo "selected";
+		}
+		echo ">".$row["gui_name"]."</option>";
 	} 
-	  $arrayGUIs=$_SESSION["mb_user_guis"];
-	  echo count($arrayGUIs);
+	$arrayGUIs=$_SESSION["mb_user_guis"];
+	echo count($arrayGUIs);
 	echo "</select><br><br>";
-	
 	echo "</td>";
 	echo "<td>";
 	echo"WMS";
 	echo"<br>";
-	###
-	
 	
-	If (isset($guiList) && $guiList!=""){
-	  $sql="SELECT Distinct wms.wms_title,gui_wms_position from gui_wms JOIN gui on gui_wms.fkey_gui_id=gui.gui_id JOIN wms ON gui_wms.fkey_wms_id=wms.wms_id and gui_wms.fkey_gui_id=gui.gui_id where gui.gui_name='".$guiList."' order by gui_wms_position";
-	  $res = db_query($sql);
-	  $count=0;
-	  echo"<select size='8' name='wmsList' style='width:200px'>";
-	
-	  while($row = db_fetch_array($res)){
-	  	if ($row["wms_title"]!=""){
-		echo "<option value='' ";
-	    echo ">".$row["wms_title"]."</option>";
+	if(isset($guiList) && $guiList!=""){
+		$sql = "SELECT DISTINCT wms.wms_title,gui_wms_position from gui_wms JOIN ";
+		$sql .= "gui on gui_wms.fkey_gui_id = gui.gui_id JOIN wms ON gui_wms.fkey_wms_id = wms.wms_id ";
+		$sql .= "and gui_wms.fkey_gui_id = gui.gui_id where gui.gui_name = $1 order by gui_wms_position";
+		$v = array($guiList);
+		$t = array('s');
+		$res = db_prep_query($sql,$v,$t);
+		$count=0;
+		echo"<select size='8' name='wmsList' style='width:200px'>";
+	
+		while($row = db_fetch_array($res)){
+			if ($row["wms_title"]!=""){
+				echo "<option value='' ";
+				echo ">".$row["wms_title"]."</option>";
+			}
+			$count++;
 		}
-		$count++;
-	  }
 	    echo "</select><br><br>";
-	}else{
-	  echo"<select size='8' name='wmsList' style='width:200px' on Click='submit()'>";
-	  echo "</select><br><br>";
+	}
+	else{
+		echo"<select size='8' name='wmsList' style='width:200px' on Click='submit()'>";
+		echo "</select><br><br>";
 	}
 	echo "</td>";
 	echo "<tr></table><br>";
@@ -174,10 +169,10 @@
 	}
 	echo"<input type='button' name='loadCap' value='Load' onClick='validate(\"guiList\")'>";
 	echo "</form>";
-}else{
+}
+else{
 	echo "There are no guis available for this user. Please create a gui first.";
 }
-
 ?>
 </body>
 </html>
\ No newline at end of file

More information about the Mapbender_commits mailing list