?> <?php function addVideo() { if (isLoggedIn()) { if (hasCurrentUserRight("video")) {
//echo($sql); $result = mysql_query($sql); $errorno = mysql_errno(); if (mysql_affected_rows() != 1 || $errorno != 0) { echo "<center class=\"error\">Löschen fehlgeschlagen</center>"; } else { echo "<center class=\"successful\">Löschen erfolgreich</center>"; } } } function storeTermin() { if (hasCurrentUserRight("termine") && isset($_POST["speichern"])) { $db = getDB(); $sql = "INSERT INTO termin (terminq, vondateprimary, bisdateprimary, vontimeprimary, bistimeprimary, what, `where`, infos, createuserid, createdate) " . "VALUES ('TERMIN', '" . mysql_real_escape_string(trim($_POST["DatumVonPrimary"])) . "','" . mysql_real_escape_string(trim($_POST["DatumBisPrimary"])) . "','" . mysql_real_escape_string(trim($_POST["ZeitVonPrimary"])) . "','" . mysql_real_escape_string(trim($_POST["ZeitBisPrimary"])) . "','" . mysql_real_escape_string(trim($_POST["Was"])) . "','" . mysql_real_escape_string(trim($_POST["Wo"])) . "','" . mysql_real_escape_string(trim($_POST["Infos"])) . "'," . $_SESSION['userid'] . ", now() )"; //echo($sql); $result = mysql_query($sql); $errorno = mysql_errno(); if (mysql_affected_rows() != 1 || $errorno != 0) { echo "<center class=\"error\">Eintrag fehlgeschlagen</center>"; } else { echo "<center class=\"successful\">Eintrag erfolgreich</center>"; } } } function updateTermin() { if (hasCurrentUserRight("termine") && isset($_POST["update"])) { $db = getDB(); $sql = "UPDATE termin set " . "vondateprimary = '" . mysql_real_escape_string(trim($_POST["DatumVonPrimary"])) . "', " . "bisdateprimary = '" . mysql_real_escape_string(trim($_POST["DatumBisPrimary"])) . "', " . "vontimeprimary = '" . mysql_real_escape_string(trim($_POST["ZeitVonPrimary"])) . "', " . "bistimeprimary = '" . mysql_real_escape_string(trim($_POST["ZeitBisPrimary"])) . "', " . "what = '" . mysql_real_escape_string(trim($_POST["Was"])) . "', " . "`where` = '" . mysql_real_escape_string(trim($_POST["Wo"])) . "', " . "infos = '" . mysql_real_escape_string(trim($_POST["Infos"])) . "', " . "changeuserid=" . $_SESSION['userid'] . ", " . "changedate = now() " . "WHERE terminid = " . mysql_real_escape_string(trim($_POST["terminid"])); //echo($sql); $result = mysql_query($sql); $errorno = mysql_errno(); if (mysql_affected_rows() != 1 || $errorno != 0) { echo "<center class=\"error\">Änderung fehlgeschlagen</center>"; } else { echo "<center class=\"successful\">Änderung erfolgreich</center>"; } } } function initTermine() { if (hasCurrentUserRight("termine")) { ?> <script language="JavaScript" type="text/javascript"> function askDelete() {