svn commit: r321 - trunk/mapbender/http/php/mod_wfs_gazetteer.php

uli at osgeo.org uli at osgeo.org
Tue May 16 09:03:09 EDT 2006 

Author: uli
Date: 2006-05-16 13:03:09+0000
New Revision: 321

Modified:
   trunk/mapbender/http/php/mod_wfs_gazetteer.php

Log:
db_prep_query included

Modified: trunk/mapbender/http/php/mod_wfs_gazetteer.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/mod_wfs_gazetteer.php?view=diff&rev=321&p1=trunk/mapbender/http/php/mod_wfs_gazetteer.php&p2=trunk/mapbender/http/php/mod_wfs_gazetteer.php&r1=320&r2=321
==============================================================================
--- trunk/mapbender/http/php/mod_wfs_gazetteer.php	(original)
+++ trunk/mapbender/http/php/mod_wfs_gazetteer.php	2006-05-16 13:03:09+0000
@@ -37,9 +37,10 @@
 /* wfs_conf */
 $sql = "SELECT * FROM wfs_conf ";
 $sql .= "JOIN wfs ON wfs_conf.fkey_wfs_id = wfs.wfs_id ";
-$sql .= "WHERE wfs_conf.wfs_conf_id = ".$_REQUEST["wfs_conf"];
-
-$res = db_query($sql);
+$sql .= "WHERE wfs_conf.wfs_conf_id = $1";
+$v = array($_REQUEST["wfs_conf"]);
+$t = array('i');
+$res = db_prep_query($sql,$v,$t);
 if($row = db_fetch_array($res)){
 	$g_label  = $row["g_label"];
 	$g_label_id  = $row["g_label_id"];
@@ -55,8 +56,10 @@
 }else{die("wfs_conf data not available");}
 
 $sql = "SELECT * FROM wfs_featuretype ";
-$sql .= "WHERE fkey_wfs_id = ".$wfs_id." AND featuretype_id = ".$featuretype_id;
-$res = db_query($sql);
+$sql .= "WHERE fkey_wfs_id = $1 AND featuretype_id = $2";
+$v = array($wfs_id,$featuretype_id);
+$t = array('i','i');
+$res = db_prep_query($sql,$v,$t);
 if($row = db_fetch_array($res)){
 	$featuretype_name  = $row["featuretype_name"];
 	$featuretype_srs  = $row["featuretype_srs"];
@@ -69,10 +72,12 @@
 /* wfs_conf_element */
 $sql = "SELECT * FROM wfs_conf_element ";
 $sql .= "JOIN wfs_element ON wfs_conf_element.f_id = wfs_element.element_id ";
-$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = ".$_REQUEST["wfs_conf"]." ";
+$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = $1 ";
 $sql .= "AND wfs_conf_element.f_search = 1 ORDER BY wfs_conf_element.f_search;";
 
-$res = db_query($sql);
+$v = array($_REQUEST["wfs_conf"]);
+$t = array('i');
+$res = db_prep_query($sql,$v,$t);
 
 echo '<script type="text/javascript">';
 echo "var el = new Array();";

More information about the Mapbender_commits mailing list