<?php defined ('main') or die ( 'no direct access' ); defined ('admin') or die ( 'only admin access' ); $design = new design ( 'Admins Area', 'Admins Area', 2 ); $design->header(); $um = ''; if (isset($_REQUEST['um'])) { $um = $_REQUEST['um']; } if (!empty($_POST['sub'])) { $name = escape($_POST['name'], 'string'); $alter = escape($_POST['alter'], 'string'); $position = escape($_POST['position'], 'string'); $power = escape($_POST['power'], 'string'); $wert = escape($_POST['wert'], 'string'); $lang = escape($_POST['lang'], 'string'); if ( empty($_POST['sid']) ) { db_query('INSERT INTO `prefix_footballplayers` (name,alter,position,power,wert,lang) VALUES ( "'.$name.'","'.$alter.'","'.$position.'"'.$power.'"'.$wert.'"'.$lang.'" ) ' ); } else { $sid = escape($_POST['sid'], 'integer'); db_query('UPDATE `prefix_footballplayers` SET name = "'.$name.'", alter = "'.$alter.'", position = "'.$position.'", power = "'.$power.'", wert = "'.$wert.'", lang = "'.$lang.'" WHERE id = "'.$sid.'"'); } } if (!empty($_GET['delete']) ) { $delete = escape($_GET['delete'], 'integer'); db_query('DELETE FROM `prefix_footballplayers` WHERE id = "'.$delete.'" LIMIT 1'); } if ( empty($_GET['sid']) ) { $row = array(); $row['sub'] = 'Eintragen'; $row['name'] = ''; $row['alter'] = ''; $row['position'] = ''; $row['power'] = ''; $row['wert'] = ''; $row['lang'] = ''; $row['sid'] = ''; } else { $abf = 'SELECT name,alter,position,power,wert,lang,id as sid FROM `prefix_footballplayers` WHERE id = "'.escape($_GET['sid'], 'integer').'"'; $erg = db_query($abf); $row = db_fetch_assoc($erg); $row['sub'] = 'Ändern'; } $clas = ''; $tpl = new tpl ( 'footballplayershow', 1); $tpl->set_ar_out($row,0); $erg = db_query('SELECT * FROM `prefix_footballplayers` ORDER BY name'); while ($row = db_fetch_assoc($erg) ) { $clas = ($clas == 'Cmite' ? 'Cnorm' : 'Cmite' ); $row['class'] = $clas; $tpl->set_ar_out($row,1); } $tpl->out(2); $design->footer(); ?>
EDIT: nun wird mir dieser fehler ausgespuckt ...
MySQL Error:
1064 : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'alter,position,power,wert,lang) VALUES ( "fdsfdas","sfsdfs","sdfsdf","dfsf","sgd' at line 1
in Query:
INSERT INTO `ic1_footballplayers` (name,alter,position,power,wert,lang) VALUES ( "fdsfdas","sfsdfs","sdfsdf","dfsf","sgdsfs","fsdfgsd" )
Debug backtrace:
@ mysql.php:46 -- debug_bt()
@ mysql.php:64 -- db_check_error(...)
@ footballplayershow.php:18 -- db_query(...)
@ admin.php:20 -- require_once(...)
Zuletzt modifiziert von Nex4T am 11.08.2014 - 20:03:29