#$entry = str_replace(" ", "", $entry); // siehe $fixed_entry $sqla .= ", entry"; $sqlb .= ", '" . $fixed_entry . "'"; $sql = "INSERT INTO " . $cfg["menued"]["db"]["menu"]["entries"] . " (" . $sqla . ")\n VALUES (" . $sqlb . ")"; if ($debugging["sql_enable"]) { $debugging["ausgabe"] .= "sql: " . $sql . $debugging["char"]; } $result = $db->query($sql); if (!$result) { $ausgaben["form_error"] .= $db->error("#(error_result)<br />"); } } if ($ausgaben["form_error"] == "") { // sprache hinzufuegen $lastid = $db->lastid(); if (checkext() != "") { $extenda = "extend, "; $extendb = "'" . $_POST["extend"] . "', "; } $sql = "INSERT INTO " . $cfg["menued"]["db"]["lang"]["entries"] . "\n ( mid, lang, label, " . $extenda . " exturl )\n VALUES ( '" . $lastid . "',\n '" . $_POST["lang"] . "',\n '" . $_POST["label"] . "',\n " . $extendb . "\n '" . $_POST["exturl"] . "' )"; if ($debugging["sql_enable"]) { $debugging["ausgabe"] .= "sql: " . $sql . $debugging["char"]; } $result = $db->query($sql); if (!$result) { $ausgaben["form_error"] .= $db->error("#(error_result)<br />"); } } if ($ausgaben["form_error"] == "") { // wohin schicken if ($_POST["add"]) {
} // +++ // unzugaengliche #(marken) sichtbar machen // wohin schicken # header("Location: ".$cfg["basis"]."/?.html"); // +++ // page basics #$fixed_entry = str_replace(" ", "", $HTTP_POST_VARS["entry"]); $fixed_entry = preg_replace("/[^A-Za-z_\\-\\.0-9]+/", "", $HTTP_POST_VARS["entry"]); // PREG:^[a-z_.-0-9]+$ if ($environment["parameter"][2] == "verify" && ($HTTP_POST_VARS["send"] != "" || $HTTP_POST_VARS["add"] != "" || $HTTP_POST_VARS["delete"] != "")) { // form eigaben prüfen form_errors($form_options, $HTTP_POST_VARS); // lang tabellen aenderungen if ($ausgaben["form_error"] == "") { $checkext = checkext(); $header_link = $cfg["basis"] . "/edit," . $environment["parameter"][1] . ".html"; #?referer=".$ausgaben["form_referer"]); if ($HTTP_POST_VARS["add"] && $HTTP_POST_VARS["new_lang"] != "") { $sql = "SELECT label\n FROM " . $cfg["db"]["lang"]["entries"] . "\n WHERE mid = " . $environment["parameter"][1] . "\n AND lang = '" . $HTTP_POST_VARS["new_lang"] . "'"; if ($debugging["sql_enable"]) { $debugging["ausgabe"] .= "sql: " . $sql . $debugging["char"]; } $result = $db->query($sql); if (!$result) { $ausgaben["form_error"] .= $db->error("#(error_result)<br />"); } $num_rows = $db->num_rows($result); if ($num_rows >= 1) { $ausgaben["form_error"] .= "#(error_lang_add)"; $header = $header_link;