diff options
Diffstat (limited to 'library/Pbs/Filter.php')
-rw-r--r-- | library/Pbs/Filter.php | 42 |
1 files changed, 16 insertions, 26 deletions
diff --git a/library/Pbs/Filter.php b/library/Pbs/Filter.php index 1224d27..5231e59 100644 --- a/library/Pbs/Filter.php +++ b/library/Pbs/Filter.php @@ -1,14 +1,4 @@ <?php -/* - * Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg - * This program is free software distributed under the GPL version 2. - * See http://gpl.openslx.org/ - * - * If you have any feedback please consult http://feedback.openslx.org/ and - * send your suggestions, praise, or complaints to feedback@openslx.org - * - * General information about OpenSLX can be found at http://openslx.org/ - */ class Pbs_Filter{ @@ -85,8 +75,8 @@ class Pbs_Filter{ $ipAdress = str_replace(".","",$this->fillIP($ipAdress)); $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - REPLACE(fe.filtervalue,'.','') <= '".mysql_real_escape_string($ipAdress)."' AND - '".mysql_real_escape_string($ipAdress)."' <= REPLACE(fe.filtervalue2,'.','') AND + REPLACE(fe.filtervalue,'.','') <= '".$ipAdress."' AND + '".$ipAdress."' <= REPLACE(fe.filtervalue2,'.','') AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); @@ -112,8 +102,8 @@ class Pbs_Filter{ $macAdress = $this->fillMac($macAdress); $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue <= '".mysql_real_escape_string($macAdress)."' AND - '".mysql_real_escape_string($macAdress)."' <= fe.filtervalue2 AND + fe.filtervalue <= '".$macAdress."' AND + '".$macAdress."' <= fe.filtervalue2 AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); @@ -142,7 +132,7 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue = ".mysql_real_escape_string($poolID)." AND + fe.filtervalue = ".$poolID." AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); @@ -167,7 +157,7 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue = ".mysql_real_escape_string($clientID)." AND + fe.filtervalue = ".$clientID." AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); @@ -190,7 +180,7 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue = ".mysql_real_escape_string($bootisoID)." AND + fe.filtervalue = ".$bootisoID." AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); @@ -214,7 +204,7 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue = ".mysql_real_escape_string($membershipID)." AND + fe.filtervalue = ".$membershipID." AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); @@ -241,7 +231,7 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue = ".mysql_real_escape_string($membergroupID)." AND + fe.filtervalue = ".$membergroupID." AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); @@ -269,8 +259,8 @@ class Pbs_Filter{ $stmt = $db->query('SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = '.$filtertypID.' AND - REPLACE(fe.filtervalue,":","") <= '.mysql_real_escape_string($nowShort).' AND - REPLACE(fe.filtervalue2,":","") >= '.mysql_real_escape_string($nowShort)." AND + REPLACE(fe.filtervalue,":","") <= '.$nowShort.' AND + REPLACE(fe.filtervalue2,":","") >= '.$nowShort." AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); @@ -296,7 +286,7 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue = ".mysql_real_escape_string($hardwarehash)." AND + fe.filtervalue = ".$hardwarehash." AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); @@ -319,8 +309,8 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - fe.filtervalue <= ".mysql_real_escape_string($weekday)." AND - ".mysql_real_escape_string($weekday)." <= fe.filtervalue2 AND + fe.filtervalue <= ".$weekday." AND + ".$weekday." <= fe.filtervalue2 AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); @@ -342,8 +332,8 @@ class Pbs_Filter{ try{ $stmt = $db->query("SELECT * FROM pbs_filterentries fe, pbs_filter f WHERE fe.filtertypeID = ".$filtertypID." AND - REPLACE(fe.filtervalue,'.','') <= ".mysql_real_escape_string($date)." AND - ".mysql_real_escape_string($date)." <= REPLACE(fe.filtervalue2,'.','') <= AND + REPLACE(fe.filtervalue,'.','') <= ".$date." AND + ".$date." <= REPLACE(fe.filtervalue2,'.','') <= AND fe.filterID = f.filterID AND f.groupID = '".$groupID."'"); $result = $stmt->fetchAll(); |