[Mapbender-commits] r1988 - branches/2.5/http/javascripts
svn_mapbender at osgeo.org
svn_mapbender at osgeo.org
Sat Jan 19 04:47:08 EST 2008
Author: christoph
Date: 2008-01-19 04:47:08 -0500 (Sat, 19 Jan 2008)
New Revision: 1988
Modified:
branches/2.5/http/javascripts/mod_addWMSfromList.php
branches/2.5/http/javascripts/mod_addWMSfromfilteredList.php
branches/2.5/http/javascripts/mod_addWMSfromfilteredListDB.php
branches/2.5/http/javascripts/mod_sandclock2.php
branches/2.5/http/javascripts/mod_setPOI2Scale.php
branches/2.5/http/javascripts/mod_wfs_SpatialRequest.php
branches/2.5/http/javascripts/mod_zoomCoords.php
branches/2.5/http/javascripts/mod_zoomFull.php
branches/2.5/http/javascripts/mod_zoomOut1.php
Log:
prepared statements
Modified: branches/2.5/http/javascripts/mod_addWMSfromList.php
===================================================================
--- branches/2.5/http/javascripts/mod_addWMSfromList.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_addWMSfromList.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -110,14 +110,18 @@
$arrayGuis=mb_getGUIs($logged_user_id);
$sql_gui = "SELECT * FROM gui WHERE gui_id IN (";
-
-for($i=0; $i<count($arrayGuis); $i++){
- if($i>0){ $sql_gui .= ",";}
- $sql_gui .= "'".$arrayGuis[$i]."'";
+$v = $arrayGuis;
+$t = array();
+for ($i = 0; $i < count($arrayGuis); $i++){
+ if ($i > 0) {
+ $sql_gui .= ",";
+ }
+ $sql_gui .= "$" . $i;
+ array_push($t, "s");
}
$sql_gui.= ") ORDER BY gui_name";
-$res_gui = db_query($sql_gui);
+$res_gui = db_prep_query($sql_gui, $v, $t);
while($row = db_fetch_array($res_gui)){
$gui_id[$cnt_gui] = $row["gui_id"];
$gui_name[$cnt_gui] = $row["gui_name"];
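Review bot: The placeholder loop starts at `$i = 0`, so the generated list is `$0,$1,…` while `$v` carries count($arrayGuis) values. The single-value queries in this same commit bind their first value as `$1`, which suggests db_prep_query numbers parameters from 1; if so, `$0` is not a valid placeholder and the last value in `$v` is never referenced, so the query fails or matches the wrong ids. Emit `$sql_gui .= "$" . ($i + 1);` instead. The same zero-based loop is repeated in the other two hunks of this file, in every IN-list hunk of mod_addWMSfromfilteredList.php except its first, and in the IN-list hunks of mod_addWMSfromfilteredListDB.php. db_prep_query is not visible in this diff, so its numbering should be confirmed before changing all of them.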
@@ -127,14 +131,18 @@
/*get allocated wms from allocated gui ********************************************************************************************/
$sql_gui_wms = "SELECT DISTINCT fkey_wms_id FROM gui_wms WHERE fkey_gui_id IN (";
-
-for($i=0; $i<count($arrayGuis); $i++){
- if($i>0){ $sql_gui_wms .= ",";}
- $sql_gui_wms .= "'".$arrayGuis[$i]."'";
+$v = $arrayGuis;
+$t = array();
+for ($i = 0; $i < count($arrayGuis); $i++){
+ if ($i > 0) {
+ $sql_gui_wms .= ",";
+ }
+ $sql_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_gui_wms.= ") ORDER BY fkey_wms_id";
-$res_gui_wms = db_query($sql_gui_wms);
+$res_gui_wms = db_prep_query($sql_gui_wms, $v, $t);
while($row = db_fetch_array($res_gui_wms)){
$fkey_gui_id[$cnt_gui_wms] = $row["fkey_gui_id"];
$fkey_wms_id[$cnt_gui_wms] = $row["fkey_wms_id"];
@@ -144,15 +152,19 @@
/*get allocated wms-Abstract and wms-Capabilities from allocated gui ********************************************************************************************/
$sql_wms = "SELECT DISTINCT wms_title, wms_abstract, wms_getcapabilities,wms_version FROM wms WHERE wms_id IN (";
-
-for($i=0; $i<count($fkey_wms_id); $i++){
- if($i>0){ $sql_wms .= ",";}
- $sql_wms .= "'".$fkey_wms_id[$i]."'";
+$v = $fkey_wms_id;
+$t = array();
+for ($i = 0; $i < count($fkey_wms_id); $i++){
+ if ($i > 0) {
+ $sql_wms .= ",";
+ }
+ $sql_wms .= "$" . $i;
+ array_push($t, "s");
}
#$sql_wms.= ") ORDER BY wms_id";
$sql_wms.= ") ORDER BY wms_title";
-$res_wms = db_query($sql_wms);
+$res_wms = db_prep_query($sql_wms, $v, $t);
while($row = db_fetch_array($res_wms)){
$wms_title[$cnt_wms] = $row["wms_title"];
$wms_abstract[$cnt_wms] = $row["wms_abstract"];
Modified: branches/2.5/http/javascripts/mod_addWMSfromfilteredList.php
===================================================================
--- branches/2.5/http/javascripts/mod_addWMSfromfilteredList.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_addWMSfromfilteredList.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -247,14 +247,20 @@
$arrayGuis=mb_getGUIs($logged_user_id);
$sql_gui = "SELECT * FROM gui WHERE gui_id IN (";
+$v = $arrayGuis;
+$t = array();
-for($i=0; $i<count($arrayGuis); $i++){
- if($i>0){ $sql_gui .= ",";}
- $sql_gui .= "'".$arrayGuis[$i]."'";
+for ($i = 1; $i <= count($arrayGuis); $i++){
+ if ($i > 0) {
+ $sql_gui .= ",";
+ }
+ $sql_gui .= "$" . $i;
+ array_push($t, "s");
}
$sql_gui.= ") ORDER BY gui_name";
-$res_gui = db_query($sql_gui);
+
+$res_gui = db_prep_query($sql_gui, $v, $t);
while($row = db_fetch_array($res_gui)){
$gui_id[$cnt_gui] = $row["gui_id"];
$gui_name[$cnt_gui] = $row["gui_name"];
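Review bot: The comma guard `if ($i > 0)` was not adjusted when the loop was changed to run from `$i = 1` to `count($arrayGuis)`, so it is true on the first pass and the statement begins `IN (,$1,$2…`. The placeholders themselves are now `$1..$n`, so only the guard needs to change, to `if ($i > 1)`. An empty `$arrayGuis` still produces `IN ()` here, which later hunks in this file avoid with a `count(...) > 0` check; whether mb_getGUIs can return an empty list is not visible in the hunk.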
@@ -266,14 +272,18 @@
/*get allocated wms from allocated gui ********************************************************************************************/
$sql_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id IN (";
-
-for($i=0; $i<count($arrayGuis); $i++){
- if($i>0){ $sql_gui_wms .= ",";}
- $sql_gui_wms .= "'".$arrayGuis[$i]."'";
+$v = $arrayGuis;
+$t = array();
+for ($i = 0; $i < count($arrayGuis); $i++){
+ if ($i > 0) {
+ $sql_gui_wms .= ",";
+ }
+ $sql_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_gui_wms.= ") ORDER BY fkey_wms_id";
-$res_gui_wms = db_query($sql_gui_wms);
+$res_gui_wms = db_prep_query($sql_gui_wms, $v, $t);
while($row = db_fetch_array($res_gui_wms)){
$fkey_gui_id[$cnt_gui_wms] = $row["fkey_gui_id"];
$fkey_wms_id[$cnt_gui_wms] = $row["fkey_wms_id"];
@@ -283,14 +293,18 @@
/*get allocated wms-Abstract and wms-Capabilities from allocated gui ********************************************************************************************/
$sql_wms = "SELECT DISTINCT wms_title, wms_abstract, wms_getcapabilities, wms_version FROM wms WHERE wms_id IN (";
-
-for($i=0; $i<count($fkey_wms_id); $i++){
- if($i>0){ $sql_wms .= ",";}
- $sql_wms .= "'".$fkey_wms_id[$i]."'";
+$v = $fkey_wms_id;
+$t = array();
+for ($i = 0; $i < count($fkey_wms_id); $i++){
+ if ($i > 0) {
+ $sql_wms .= ",";
+ }
+ $sql_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_wms.= ") ORDER BY wms_title";
-$res_wms = db_query($sql_wms);
+$res_wms = db_prep_query($sql_wms, $v, $t);
while($row = db_fetch_array($res_wms)){
$wms_title[$cnt_wms] = $row["wms_title"];
$wms_abstract[$cnt_wms] = $row["wms_abstract"];
@@ -324,8 +338,10 @@
#if (isset($show_group_wms))
if (!empty($show_group_wms)){
/*get gui goup ********************************************************************************************/
- $sql_gui_mb_group = "SELECT fkey_gui_id, fkey_mb_group_id FROM gui_mb_group WHERE fkey_mb_group_id='".$show_group_wms."'";
- $res_gui_mb_group = db_query($sql_gui_mb_group);
+ $sql_gui_mb_group = "SELECT fkey_gui_id, fkey_mb_group_id FROM gui_mb_group WHERE fkey_mb_group_id=$1";
+ $v = array($show_group_wms);
+ $t = array("s");
+ $res_gui_mb_group = db_prep_query($sql_gui_mb_group, $v, $t);
while($row = db_fetch_array($res_gui_mb_group)){
$group_gui_id[$cnt_gui_mb_group] = $row["fkey_gui_id"];
@@ -339,13 +355,18 @@
/*get group gui WMS ********************************************************************************************/
if(count($group_gui_id)>0) {
$sql_fkey_group_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id IN (";
- for($i=0; $i<count($group_gui_id); $i++){
- if($i>0){ $sql_fkey_group_gui_wms .= ",";}
- $sql_fkey_group_gui_wms .= "'".$group_gui_id[$i]."'";
+ $v = $group_gui_id;
+ $t = array();
+ for ($i = 0; $i < count($group_gui_id); $i++){
+ if ($i > 0) {
+ $sql_fkey_group_gui_wms .= ",";
+ }
+ $sql_fkey_group_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_fkey_group_gui_wms.= ") ORDER BY fkey_wms_id";
- $res_fkey_group_gui_wms = db_query($sql_fkey_group_gui_wms);
+ $res_fkey_group_gui_wms = db_prep_query($sql_fkey_group_gui_wms, $v, $t);
while($row = db_fetch_array($res_fkey_group_gui_wms)){
$fkey_group_gui_gui_id[$cnt_fkey_group_gui_wms] = $row["fkey_gui_id"];
$fkey_group_gui_wms_id[$cnt_fkey_group_gui_wms] = $row["fkey_wms_id"];
@@ -358,14 +379,18 @@
/*group: get allocated wms-Abstract and wms-Capabilities from allocated gui ********************************************************************************************/
if(count($fkey_group_gui_wms_id)>0){
$sql_group_gui_wms = "SELECT DISTINCT wms_title, wms_abstract, wms_getcapabilities, wms_version FROM wms WHERE wms_id IN (";
-
- for($i=0; $i<count($fkey_group_gui_wms_id); $i++){
- if($i>0){ $sql_group_gui_wms .= ",";}
- $sql_group_gui_wms .= "'".$fkey_group_gui_wms_id[$i]."'";
+ $v = $fkey_group_gui_wms_id;
+ $t = array();
+ for ($i = 0; $i < count($fkey_group_gui_wms_id); $i++){
+ if ($i > 0) {
+ $sql_group_gui_wms .= ",";
+ }
+ $sql_group_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_group_gui_wms.= ") ORDER BY wms_title";
- $res_group_gui_wms = db_query($sql_group_gui_wms);
+ $res_group_gui_wms = db_prep_query($sql_group_gui_wms, $v, $t);
while($row = db_fetch_array($res_group_gui_wms)){
$group_wms_title[$cnt_group_gui_wms] = $row["wms_title"];
$group_wms_abstract[$cnt_group_gui_wms] = $row["wms_abstract"];
@@ -383,8 +408,10 @@
#if ($show_group_wms > 0)
if ($cnt_group_gui_wms > 0){
/*get goup name for showing in the table ********************************************************************************************/
- $sql_group_name = "SELECT mb_group_id, mb_group_name FROM mb_group WHERE mb_group_id ='".$show_group_wms."'";
- $res_group_name = db_query($sql_group_name);
+ $sql_group_name = "SELECT mb_group_id, mb_group_name FROM mb_group WHERE mb_group_id = $1";
+ $v = array($show_group_wms);
+ $t = array("s");
+ $res_group_name = db_prep_query($sql_group_name, $v, $t);
while($row = db_fetch_array($res_group_name)){
$group_name_table[$cnt_group_name] = $row["mb_group_name"];
$my_group_id_table[$cnt_group_name] = $row["mb_group_id"];
@@ -426,10 +453,12 @@
/*show gui wms ********************************************************************************************/
if (!empty($show_gui_wms)){
/*get group gui WMS ********************************************************************************************/
- $sql_fkey_show_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id ='".$show_gui_wms."'";
+ $sql_fkey_show_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id = $1";
+ $v = array($show_gui_wms);
+ $t = array("s");
#$sql_fkey_show_gui_wms.= ") ORDER BY fkey_wms_id";
- $res_fkey_show_gui_wms = db_query($sql_fkey_show_gui_wms);
+ $res_fkey_show_gui_wms = db_prep_query($sql_fkey_show_gui_wms, $v, $t);
while($row = db_fetch_array($res_fkey_show_gui_wms)){
$fkey_show_gui_gui_id[$cnt_fkey_show_gui_wms] = $row["fkey_gui_id"];
$fkey_show_gui_wms_id[$cnt_fkey_show_gui_wms] = $row["fkey_wms_id"];
@@ -441,14 +470,18 @@
/*gui: get allocated wms-Abstract and wms-Capabilities from allocated gui ********************************************************************************************/
if(count($fkey_show_gui_wms_id)>0){
$sql_show_gui_wms = "SELECT DISTINCT wms_title, wms_abstract, wms_getcapabilities, wms_id, wms_version FROM wms WHERE wms_id IN (";
-
- for($i=0; $i<count($fkey_show_gui_wms_id); $i++){
- if($i>0){ $sql_show_gui_wms .= ",";}
- $sql_show_gui_wms .= "'".$fkey_show_gui_wms_id[$i]."'";
+ $v = $fkey_show_gui_wms_id;
+ $t = array();
+ for ($i = 0; $i < count($fkey_show_gui_wms_id); $i++){
+ if ($i > 0) {
+ $sql_show_gui_wms .= ",";
+ }
+ $sql_show_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_show_gui_wms.= ") ORDER BY wms_title";
- $res_show_gui_wms = db_query($sql_show_gui_wms);
+ $res_show_gui_wms = db_prep_query($sql_show_gui_wms, $v, $t);
while($row = db_fetch_array($res_show_gui_wms)){
$gui_wms_id[$cnt_show_gui_wms] = $row["wms_id"];
$gui_wms_title[$cnt_show_gui_wms] = $row["wms_title"];
@@ -466,8 +499,10 @@
if ($cnt_show_gui_wms > 0){
/*get selected gui name for table caption ********************************************************************************************/
- $sql_gui_table = "SELECT * FROM gui WHERE gui_id ='".$show_gui_wms."'";
- $res_gui_table = db_query($sql_gui_table);
+ $sql_gui_table = "SELECT * FROM gui WHERE gui_id = $1";
+ $v = array($show_gui_wms);
+ $t = array("s");
+ $res_gui_table = db_prep_query($sql_gui_table, $v, $t);
while($row = db_fetch_array($res_gui_table)){
$gui_id_table[$cnt_gui_table] = $row["gui_id"];
$gui_name_table[$cnt_gui_table] = $row["gui_name"];
@@ -513,10 +548,11 @@
/*show gui wms ********************************************************************************************/
if (!empty($show_gui_configured_wms)){
/*get group gui WMS ********************************************************************************************/
- $sql_fkey_show_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id ='".$show_gui_configured_wms."'";
+ $sql_fkey_show_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id = $1";
#$sql_fkey_show_gui_wms.= ") ORDER BY fkey_wms_id";
-
- $res_fkey_show_gui_wms = db_query($sql_fkey_show_gui_wms);
+ $v = array($show_gui_configured_wms);
+ $t = array("s");
+ $res_fkey_show_gui_wms = db_prep_query($sql_fkey_show_gui_wms, $v, $t);
while($row = db_fetch_array($res_fkey_show_gui_wms)){
$fkey_show_gui_gui_id[$cnt_fkey_show_gui_wms] = $row["fkey_gui_id"];
$fkey_show_gui_wms_id[$cnt_fkey_show_gui_wms] = $row["fkey_wms_id"];
@@ -528,14 +564,18 @@
/*gui: get allocated wms-Abstract and wms-Capabilities from allocated gui ********************************************************************************************/
if(count($fkey_show_gui_wms_id)>0){
$sql_show_gui_wms = "SELECT DISTINCT wms_title, wms_abstract, wms_getcapabilities, wms_id, wms_version FROM wms WHERE wms_id IN (";
-
- for($i=0; $i<count($fkey_show_gui_wms_id); $i++){
- if($i>0){ $sql_show_gui_wms .= ",";}
- $sql_show_gui_wms .= "'".$fkey_show_gui_wms_id[$i]."'";
+ $v = $fkey_show_gui_wms_id;
+ $t = array();
+ for ($i = 0; $i < count($fkey_show_gui_wms_id); $i++){
+ if ($i > 0) {
+ $sql_show_gui_wms .= ",";
+ }
+ $sql_show_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_show_gui_wms.= ") ORDER BY wms_title";
- $res_show_gui_wms = db_query($sql_show_gui_wms);
+ $res_show_gui_wms = db_prep_query($sql_show_gui_wms, $v, $t);
while($row = db_fetch_array($res_show_gui_wms)){
$gui_wms_id[$cnt_show_gui_wms] = $row["wms_id"];
$gui_wms_title[$cnt_show_gui_wms] = $row["wms_title"];
@@ -553,8 +593,10 @@
if ($cnt_show_gui_wms > 0){
/*get selected gui name for table caption ********************************************************************************************/
- $sql_gui_table = "SELECT * FROM gui WHERE gui_id ='".$show_gui_configured_wms."'";
- $res_gui_table = db_query($sql_gui_table);
+ $sql_gui_table = "SELECT * FROM gui WHERE gui_id = $1";
+ $v = array($show_gui_configured_wms);
+ $t = array("s");
+ $res_gui_table = db_prep_query($sql_gui_table, $v, $t);
while($row = db_fetch_array($res_gui_table)){
$gui_id_table[$cnt_gui_table] = $row["gui_id"];
$gui_name_table[$cnt_gui_table] = $row["gui_name"];
Modified: branches/2.5/http/javascripts/mod_addWMSfromfilteredListDB.php
===================================================================
--- branches/2.5/http/javascripts/mod_addWMSfromfilteredListDB.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_addWMSfromfilteredListDB.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -101,14 +101,18 @@
$arrayGuis=mb_getGUIs($logged_user_id);
$sql_gui = "SELECT * FROM gui WHERE gui_id IN (";
-
-for($i=0; $i<count($arrayGuis); $i++){
- if($i>0){ $sql_gui .= ",";}
- $sql_gui .= "'".$arrayGuis[$i]."'";
+$v = $arrayGuis;
+$t = array();
+for ($i = 0; $i < count($arrayGuis); $i++){
+ if ($i > 0) {
+ $sql_gui .= ",";
+ }
+ $sql_gui .= "$" . $i;
+ array_push($t, "s");
}
$sql_gui.= ") ORDER BY gui_name";
-$res_gui = db_query($sql_gui);
+$res_gui = db_prep_query($sql_gui, $v, $t);
while($row = db_fetch_array($res_gui)){
$gui_id[$cnt_gui] = $row["gui_id"];
$gui_name[$cnt_gui] = $row["gui_name"];
@@ -120,14 +124,18 @@
/*get allocated wms from allocated gui ********************************************************************************************/
$sql_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id IN (";
-
-for($i=0; $i<count($arrayGuis); $i++){
- if($i>0){ $sql_gui_wms .= ",";}
- $sql_gui_wms .= "'".$arrayGuis[$i]."'";
+$v = $arrayGuis;
+$t = array();
+for ($i = 0; $i < count($arrayGuis); $i++) {
+ if ($i > 0) {
+ $sql_gui_wms .= ",";
+ }
+ $sql_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_gui_wms.= ") ORDER BY fkey_wms_id";
-$res_gui_wms = db_query($sql_gui_wms);
+$res_gui_wms = db_prep_query($sql_gui_wms, $v, $t);
while($row = db_fetch_array($res_gui_wms)){
$fkey_gui_id[$cnt_gui_wms] = $row["fkey_gui_id"];
$fkey_wms_id[$cnt_gui_wms] = $row["fkey_wms_id"];
@@ -137,14 +145,18 @@
/*get allocated wms-Abstract and wms-Capabilities from allocated gui ********************************************************************************************/
$sql_wms = "SELECT DISTINCT wms_title, wms_abstract, wms_getcapabilities, wms_version FROM wms WHERE wms_id IN (";
-
-for($i=0; $i<count($fkey_wms_id); $i++){
- if($i>0){ $sql_wms .= ",";}
- $sql_wms .= "'".$fkey_wms_id[$i]."'";
+$v = $fkey_wms_id;
+$t = array();
+for ($i = 0; $i < count($fkey_wms_id); $i++){
+ if ($i > 0) {
+ $sql_wms .= ",";
+ }
+ $sql_wms .= "$" . $i;
+ array_push($t, "s");
}
$sql_wms.= ") ORDER BY wms_title";
-$res_wms = db_query($sql_wms);
+$res_wms = db_prep_query($sql_wms, $v, $t);
while($row = db_fetch_array($res_wms)){
$wms_title[$cnt_wms] = $row["wms_title"];
$wms_abstract[$cnt_wms] = $row["wms_abstract"];
@@ -181,10 +193,12 @@
echo "<input type='button' class='wms_button' name='wms2' value='" . $selectOtherGuiText . "' onclick = 'mod_show_gui()'></td>";
/*get group gui WMS ********************************************************************************************/
- $sql_fkey_show_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id ='".$wms_show."'";
+ $sql_fkey_show_gui_wms = "SELECT DISTINCT fkey_wms_id, fkey_gui_id FROM gui_wms WHERE fkey_gui_id = $1";
#$sql_fkey_show_gui_wms.= ") ORDER BY fkey_wms_id";
- $res_fkey_show_gui_wms = db_query($sql_fkey_show_gui_wms);
+ $v = array($wms_show);
+ $t = array("s");
+ $res_fkey_show_gui_wms = db_prep_query($sql_fkey_show_gui_wms, $v, $t);
while($row = db_fetch_array($res_fkey_show_gui_wms)){
$fkey_show_gui_gui_id[$cnt_fkey_show_gui_wms] = $row["fkey_gui_id"];
$fkey_show_gui_wms_id[$cnt_fkey_show_gui_wms] = $row["fkey_wms_id"];
@@ -196,14 +210,18 @@
/*gui: get allocated wms-Abstract and wms-Capabilities from allocated gui ********************************************************************************************/
if(count($fkey_show_gui_wms_id)>0){
$sql_show_gui_wms = "SELECT DISTINCT wms_title, wms_abstract, wms_getcapabilities, wms_id, wms_version FROM wms WHERE wms_id IN (";
-
- for($i=0; $i<count($fkey_show_gui_wms_id); $i++){
- if($i>0){ $sql_show_gui_wms .= ",";}
- $sql_show_gui_wms .= "'".$fkey_show_gui_wms_id[$i]."'";
+ $v = $fkey_show_gui_wms_id;
+ $t = array();
+ for ($i = 0; $i < count($fkey_show_gui_wms_id); $i++){
+ if ($i > 0) {
+ $sql_show_gui_wms .= ",";
+ }
+ $sql_show_gui_wms .= "$".$i;
+ array_push($t, "s");
}
$sql_show_gui_wms.= ") ORDER BY wms_title";
- $res_show_gui_wms = db_query($sql_show_gui_wms);
+ $res_show_gui_wms = db_prep_query($sql_show_gui_wms, $v, $t);
while($row = db_fetch_array($res_show_gui_wms)){
$gui_wms_id[$cnt_show_gui_wms] = $row["wms_id"];
$gui_wms_title[$cnt_show_gui_wms] = $row["wms_title"];
@@ -221,8 +239,10 @@
if ($cnt_show_gui_wms > 0){
/*get selected gui name for table caption ********************************************************************************************/
- $sql_gui_table = "SELECT * FROM gui WHERE gui_id ='".$wms_show."'";
- $res_gui_table = db_query($sql_gui_table);
+ $sql_gui_table = "SELECT * FROM gui WHERE gui_id = $1";
+ $v = array($wms_show);
+ $t = array("s");
+ $res_gui_table = db_prep_query($sql_gui_table, $v, $t);
while($row = db_fetch_array($res_gui_table)){
$gui_id_table[$cnt_gui_table] = $row["gui_id"];
$gui_name_table[$cnt_gui_table] = $row["gui_name"];
Modified: branches/2.5/http/javascripts/mod_sandclock2.php
===================================================================
--- branches/2.5/http/javascripts/mod_sandclock2.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_sandclock2.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -25,7 +25,7 @@
$sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'sandclock2' AND fkey_gui_id = $1";
$v = array($gui_id);
$t = array('s');
-$res = db_query($sql, $v, $t);
+$res = db_prep_query($sql, $v, $t);
$cnt = 0;
while($row = db_fetch_array($res)){
$e_target = db_result($res,0,"e_target");
Modified: branches/2.5/http/javascripts/mod_setPOI2Scale.php
===================================================================
--- branches/2.5/http/javascripts/mod_setPOI2Scale.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_setPOI2Scale.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -21,8 +21,10 @@
include(dirname(__FILE__) . "/../../conf/mapbender.conf");
$con = db_connect($DBSERVER,$OWNER,$PW);
db_select_db(DB,$con);
-$sql = "SELECT e_target FROM gui_element WHERE e_id = 'setPOI2Scale' AND fkey_gui_id = '".$gui_id."'";
-$res = db_query($sql);
+$sql = "SELECT e_target FROM gui_element WHERE e_id = 'setPOI2Scale' AND fkey_gui_id = $1";
+$v = array($gui_id);
+$t = array("s");
+$res = db_prep_query($sql, $v, $t);
$cnt = 0;
while($row = db_fetch_array($res)){
Modified: branches/2.5/http/javascripts/mod_wfs_SpatialRequest.php
===================================================================
--- branches/2.5/http/javascripts/mod_wfs_SpatialRequest.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_wfs_SpatialRequest.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -32,8 +32,10 @@
include(dirname(__FILE__) . "/../../conf/" . $wfs_conf_filename);
include '../include/dyn_js.php';
-$sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'setSpatialRequest' AND fkey_gui_id = '".$gui_id."'";
-$res = db_query($sql);
+$sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'setSpatialRequest' AND fkey_gui_id = $1";
+$v = array($gui_id);
+$t = array("s");
+$res = db_prep_query($sql);
$cnt = 0;
while($row = db_fetch_array($res)){
$e_src = $row["e_src"];
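Review bot: The call `db_prep_query($sql)` drops the `$v` and `$t` arrays built on the two lines above it, so the statement containing `$1` is sent with no bound value. Every other converted call in this commit passes all three arguments; this one should read `$res = db_prep_query($sql, $v, $t);`. How db_prep_query behaves with the arguments missing is not visible here, but at best the lookup for `setSpatialRequest` fails and `$e_src` / `$e_target` stay unset.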
Modified: branches/2.5/http/javascripts/mod_zoomCoords.php
===================================================================
--- branches/2.5/http/javascripts/mod_zoomCoords.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_zoomCoords.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -70,8 +70,10 @@
$con = db_connect($DBSERVER,$OWNER,$PW);
db_select_db(DB,$con);
-$sql = "SELECT e_target FROM gui_element WHERE e_id = 'zoomCoords' AND fkey_gui_id = '".$_SESSION["mb_user_gui"]."'";
-$res = db_query($sql);
+$sql = "SELECT e_target FROM gui_element WHERE e_id = 'zoomCoords' AND fkey_gui_id = $1";
+$v = array($_SESSION["mb_user_gui"]);
+$t = array("s");
+$res = db_prep_query($sql, $v, $t);
$cnt = 0;
while($row = db_fetch_array($res)){
$e_target = $row["e_target"];
Modified: branches/2.5/http/javascripts/mod_zoomFull.php
===================================================================
--- branches/2.5/http/javascripts/mod_zoomFull.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_zoomFull.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -5,8 +5,10 @@
require_once(dirname(__FILE__)."/../../conf/mapbender.conf");
$con = db_connect($DBSERVER,$OWNER,$PW);
db_select_db(DB,$con);
-$sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'zoomFull' AND fkey_gui_id = '".$gui_id."'";
-$res = db_query($sql);
+$sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'zoomFull' AND fkey_gui_id = $1";
+$v = array($gui_id);
+$t = array("s");
+$res = db_prep_query($sql, $v, $t);
$cnt = 0;
while($row = db_fetch_array($res)){
$e_src = $row["e_src"];
Modified: branches/2.5/http/javascripts/mod_zoomOut1.php
===================================================================
--- branches/2.5/http/javascripts/mod_zoomOut1.php 2008-01-18 10:52:56 UTC (rev 1987)
+++ branches/2.5/http/javascripts/mod_zoomOut1.php 2008-01-19 09:47:08 UTC (rev 1988)
@@ -6,8 +6,10 @@
require_once(dirname(__FILE__)."/../../conf/mapbender.conf");
$con = db_connect($DBSERVER,$OWNER,$PW);
db_select_db(DB,$con);
-$sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'zoomOut1' AND fkey_gui_id = '".$gui_id."'";
-$res = db_query($sql);
+$sql = "SELECT e_src, e_target FROM gui_element WHERE e_id = 'zoomOut1' AND fkey_gui_id = $1";
+$v = array($gui_id);
+$t = array("s");
+$res = db_prep_query($sql, $v, $t);
$cnt = 0;
while($row = db_fetch_array($res)){
$e_src = $row["e_src"];