summaryrefslogtreecommitdiffstats
path: root/library/Pbs/Filter.php
diff options
context:
space:
mode:
Diffstat (limited to 'library/Pbs/Filter.php')
-rw-r--r--library/Pbs/Filter.php42
1 files changed, 16 insertions, 26 deletions
diff --git a/library/Pbs/Filter.php b/library/Pbs/Filter.php
index 1224d27..5231e59 100644
--- a/library/Pbs/Filter.php
+++ b/library/Pbs/Filter.php
@@ -1,14 +1,4 @@
<?php
-/*
- * Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
- * This program is free software distributed under the GPL version 2.
- * See http://gpl.openslx.org/
- *
- * If you have any feedback please consult http://feedback.openslx.org/ and
- * send your suggestions, praise, or complaints to feedback@openslx.org
- *
- * General information about OpenSLX can be found at http://openslx.org/
- */
class Pbs_Filter{
@@ -85,8 +75,8 @@ class Pbs_Filter{
$ipAdress = str_replace(".","",$this->fillIP($ipAdress));
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- REPLACE(fe.filtervalue,'.','') <= '".mysql_real_escape_string($ipAdress)."' AND
- '".mysql_real_escape_string($ipAdress)."' <= REPLACE(fe.filtervalue2,'.','') AND
+ REPLACE(fe.filtervalue,'.','') <= '".$ipAdress."' AND
+ '".$ipAdress."' <= REPLACE(fe.filtervalue2,'.','') AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
@@ -112,8 +102,8 @@ class Pbs_Filter{
$macAdress = $this->fillMac($macAdress);
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue <= '".mysql_real_escape_string($macAdress)."' AND
- '".mysql_real_escape_string($macAdress)."' <= fe.filtervalue2 AND
+ fe.filtervalue <= '".$macAdress."' AND
+ '".$macAdress."' <= fe.filtervalue2 AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
@@ -142,7 +132,7 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue = ".mysql_real_escape_string($poolID)." AND
+ fe.filtervalue = ".$poolID." AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();
@@ -167,7 +157,7 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue = ".mysql_real_escape_string($clientID)." AND
+ fe.filtervalue = ".$clientID." AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
@@ -190,7 +180,7 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue = ".mysql_real_escape_string($bootisoID)." AND
+ fe.filtervalue = ".$bootisoID." AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();
@@ -214,7 +204,7 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue = ".mysql_real_escape_string($membershipID)." AND
+ fe.filtervalue = ".$membershipID." AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();
@@ -241,7 +231,7 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue = ".mysql_real_escape_string($membergroupID)." AND
+ fe.filtervalue = ".$membergroupID." AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();
@@ -269,8 +259,8 @@ class Pbs_Filter{
$stmt = $db->query('SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = '.$filtertypID.' AND
- REPLACE(fe.filtervalue,":","") <= '.mysql_real_escape_string($nowShort).' AND
- REPLACE(fe.filtervalue2,":","") >= '.mysql_real_escape_string($nowShort)." AND
+ REPLACE(fe.filtervalue,":","") <= '.$nowShort.' AND
+ REPLACE(fe.filtervalue2,":","") >= '.$nowShort." AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();
@@ -296,7 +286,7 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue = ".mysql_real_escape_string($hardwarehash)." AND
+ fe.filtervalue = ".$hardwarehash." AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();
@@ -319,8 +309,8 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- fe.filtervalue <= ".mysql_real_escape_string($weekday)." AND
- ".mysql_real_escape_string($weekday)." <= fe.filtervalue2 AND
+ fe.filtervalue <= ".$weekday." AND
+ ".$weekday." <= fe.filtervalue2 AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();
@@ -342,8 +332,8 @@ class Pbs_Filter{
try{
$stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE
fe.filtertypeID = ".$filtertypID." AND
- REPLACE(fe.filtervalue,'.','') <= ".mysql_real_escape_string($date)." AND
- ".mysql_real_escape_string($date)." <= REPLACE(fe.filtervalue2,'.','') <= AND
+ REPLACE(fe.filtervalue,'.','') <= ".$date." AND
+ ".$date." <= REPLACE(fe.filtervalue2,'.','') <= AND
fe.filterID = f.filterID AND
f.groupID = '".$groupID."'");
$result = $stmt->fetchAll();