示例#1
0
     $queryid = isset($_REQUEST['queryid']) ? addslashes($_REQUEST['queryid']) : 0;
 } else {
     $bCookieQueryid = true;
     $queryid = get_cookie_setting('lastqueryid');
     if ($queryid == false) {
         $queryid = 0;
     }
     if ($queryid != 0) {
         // check if query exists
         $sqlstr = "SELECT COUNT(*) `count` FROM `queries` WHERE id= :1";
         $dbc->multiVariableQuery($sqlstr, $queryid);
         $rCount = $dbc->dbResultFetch();
         if ($rCount['count'] == 0) {
             $queryid = 0;
         }
         $dbc->reset();
     }
     if ($queryid == 0) {
         // das Suchformular wird initialisiert (keine Vorbelegungen vorhanden)
         $_REQUEST['cache_attribs'] = '';
         $rs = sql('SELECT `id` FROM `cache_attrib` WHERE `default`=1');
         while ($r = sql_fetch_assoc($rs)) {
             if ($_REQUEST['cache_attribs'] != '') {
                 $_REQUEST['cache_attribs'] .= ';';
             }
             $_REQUEST['cache_attribs'] .= $r['id'];
         }
         mysql_free_result($rs);
         $_REQUEST['cache_attribs_not'] = '';
         $rs = sql('SELECT `id` FROM `cache_attrib` WHERE `default`=2');
         while ($r = sql_fetch_assoc($rs)) {
示例#2
0
require_once './lib/common.inc.php';
//Preprocessing
if ($error == false) {
    $db = new dataBase();
    $description = "";
    //user logged in?
    if ($usr == false) {
        $target = urlencode(tpl_get_current_page());
        tpl_redirect('login.php?target=' . $target);
    } else {
        tpl_set_var('desc_updated', '');
        tpl_set_var('displayGeoPathSection', displayGeoPatchSection('table'));
        if (isset($_POST['description'])) {
            $sql = "UPDATE user SET description = :1 WHERE user_id=:2";
            $db->multiVariableQuery($sql, strip_tags($_POST['description']), (int) $usr['userid']);
            $db->reset();
            tpl_set_var('desc_updated', "<font color='green'>" . tr('desc_updated') . "</font>");
        }
        if (isset($_POST['submit'])) {
            $sql = "UPDATE user SET get_bulletin = :1 WHERE user_id = :2 ";
            $db->multiVariableQuery($sql, intval(sql_escape($_POST['bulletin'])), (int) $usr['userid']);
            $db->reset();
        }
        $sql = "SELECT description, get_bulletin FROM user WHERE user_id = :1 LIMIT 1";
        $db->multiVariableQuery($sql, (int) $usr['userid']);
        $userinfo = $db->dbResultFetchOneRowOnly();
        $description = $userinfo['description'];
        $bulletin = $userinfo['get_bulletin'];
        tpl_set_var('bulletin_label', $bulletin == 1 ? tr('bulletin_label_yes') : tr('bulletin_label_no'));
        tpl_set_var('bulletin_value', $bulletin);
        tpl_set_var('is_checked', $bulletin == 1 ? "checked" : "");