melder/admin/configuration_chk.php
2024-03-11 19:30:21 +01:00

52 lines
2.5 KiB
PHP

<?php
session_start();
$strLoginName=(isset($_SESSION['user'])) ? $_SESSION['user'] : "" ;
$boolLogin = (!empty($strLoginName));
if (!$boolLogin) {
header("Location: login.php");
}
require("../config.php");
if($_POST['csrf'] !== $_SESSION['csrf_token']) {
die("Ungültiger Token");
}
$boolRating = (isset($_POST['rating'])) ? "1" : "0";
$boolComment = (isset($_POST['comment'])) ? "1" : "0";
$boolUpload = (isset($_POST['fileupload'])) ? "1" : "0";
$boolUserinfo = (isset($_POST['userinfo'])) ? "1" : "0";
$boolDefect = (isset($_POST['defect'])) ? "1" : "0";
$boolDistrictSelection = (isset($_POST['districtSelection'])) ? "1" : "0";
$boolApprove = (isset($_POST['approve'])) ? "1" : "0";
$strUploaddir = $_POST['uploaddir'];
$strTitle = $_POST['title'];
$strLogo = $_POST['logo'];
$contactEmail= $_POST['contactEmail'];
$strImpressum= $_POST['impressum'];
$strUrl = $_POST['url'];
$strUrlBez = $_POST['urlBez'];
$strIntroText= $_POST['introtext'];
$strImpressum=addslashes($strImpressum);
$strIntroText=addslashes($strIntroText);
$db->query("UPDATE `config` SET `value`= '$strUploaddir' WHERE `key`='uploaddir'");
$db->query("UPDATE `config` SET `value`= '$strTitle' WHERE `key`='title'");
$db->query("UPDATE `config` SET `value`= '$strLogo' WHERE `key`='logo'");
$db->query("UPDATE `config` SET `value`= '$contactEmail' WHERE `key`='contactEmail'");
$db->query("UPDATE `config` SET `value`= '$strImpressum' WHERE `key`='impressum'");
$db->query("UPDATE `config` SET `value`= '$strUrlBez' WHERE `key`='UrlBez'");
$db->query("UPDATE `config` SET `value`= '$strUrl' WHERE `key`='url'");
$db->query("UPDATE `config` SET `value`= '$strIntroText' WHERE `key`='IntroText'");
$db->query("UPDATE `config` SET `value`= '$boolRating' WHERE `key`='boolRating'");
$db->query("UPDATE `config` SET `value`= '$boolComment' WHERE `key`='boolComment'");
$db->query("UPDATE `config` SET `value`= '$boolUserinfo' WHERE `key`='boolUserinfo'");
$db->query("UPDATE `config` SET `value`= '$boolDefect' WHERE `key`='boolDefect'");
$db->query("UPDATE `config` SET `value`= '$boolUpload' WHERE `key`='boolUpload'");
$db->query("UPDATE `config` SET `value`= '$boolApprove' WHERE `key`='boolApprove'");
$db->query("UPDATE `config` SET `value`= '$boolDistrictSelection' WHERE `key`='boolDistrictSelection'");
header("Location: configuration.php");