svn commit: r322 - trunk/mapbender/http/php/mod_wfsrequest.php

[uli at osgeo.org]

Author: uli
Date: 2006-05-16 13:29:19+0000
New Revision: 322

Modified:
   trunk/mapbender/http/php/mod_wfsrequest.php

Log:
db_prep_query included

Modified: trunk/mapbender/http/php/mod_wfsrequest.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/mod_wfsrequest.php?view=diff&rev=322&p1=trunk/mapbender/http/php/mod_wfsrequest.php&p2=trunk/mapbender/http/php/mod_wfsrequest.php&r1=321&r2=322
==============================================================================
--- trunk/mapbender/http/php/mod_wfsrequest.php	(original)
+++ trunk/mapbender/http/php/mod_wfsrequest.php	2006-05-16 13:29:19+0000
@@ -29,9 +29,11 @@
 /* wfs_conf */
 $sql = "SELECT * FROM wfs_conf ";
 $sql .= "JOIN wfs ON wfs_conf.fkey_wfs_id = wfs.wfs_id ";
-$sql .= "WHERE wfs_conf.wfs_conf_id = ".$_REQUEST['wfs_conf_id'];
+$sql .= "WHERE wfs_conf.wfs_conf_id = $1";
 
-$res = db_query($sql);
+$v = array($_REQUEST['wfs_conf_id']);
+$t = array('i');
+$res = db_prep_query($sql,$v,$t);
 if($row = db_fetch_array($res)){
         $g_res_style  = $row["g_res_style"];
         
@@ -40,10 +42,11 @@
 /* wfs_conf_element */
 $sql = "SELECT * FROM wfs_conf_element ";
 $sql .= "JOIN wfs_element ON wfs_conf_element.f_id = wfs_element.element_id ";
-$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = ".$_REQUEST['wfs_conf_id']." ";
+$sql .= "WHERE wfs_conf_element.fkey_wfs_conf_id = $1 ";
 $sql .= "AND wfs_conf_element.f_show = 1 ORDER BY wfs_conf_element.f_respos;";
-
-$res = db_query($sql);
+$v = array($_REQUEST['wfs_conf_id']);
+$t = array('i');
+$res = db_prep_query($sql,$v,$t);
 $col = array();
 $cnt = 0;
 while($row = db_fetch_array($res)){