From 58238e7325920be68f3468c81115c8ddcf01c2f4 Mon Sep 17 00:00:00 2001 From: AndreaChirulescu Date: Mon, 12 Apr 2021 21:23:16 +0200 Subject: fixed a missing = in an if inside the editconcerts form. Added check if cid has a value --- includes/admin/views/giglog_admin_page.php | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'includes/admin/views/giglog_admin_page.php') diff --git a/includes/admin/views/giglog_admin_page.php b/includes/admin/views/giglog_admin_page.php index 6246af7..9322c9a 100644 --- a/includes/admin/views/giglog_admin_page.php +++ b/includes/admin/views/giglog_admin_page.php @@ -136,9 +136,10 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { static function editforms() { global $wpdb; - if($_POST['edit']="EDIT") - { - $query = "SELECT * FROM wpg_concerts where id = ".$_POST['cid']; + $cid = filter_input(INPUT_POST, "cid"); + if(($_POST['edit']=="EDIT")&&!empty($cid)) + { + $query = "SELECT * FROM wpg_concerts where id = ".$cid; $results = $wpdb->get_results($query); foreach($results as $row) { @@ -149,15 +150,15 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { $link = $row->wpgconcert_event; } - } + } $content='
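Review bot: The new `$cid` is still concatenated into the SELECT unvalidated, because `filter_input(INPUT_POST, "cid")` with no filter argument returns the raw string and `!empty($cid)` only rejects empty values, so the query in `editforms()` remains injectable. Validate it as an integer and bind it: `$cid = filter_input(INPUT_POST, 'cid', FILTER_VALIDATE_INT);` followed by `$results = $wpdb->get_results($wpdb->prepare("SELECT * FROM wpg_concerts WHERE id = %d", $cid));`. The hunk at `@@ -334,7 +335,7 @@` has the same defect: its UPDATE concatenates `$_POST['selectstatus']` and `$_POST['cid']` directly, and the added `!empty($_POST['cid'])` does not constrain either value, so it needs `$wpdb->prepare()` as well (with `%d` placeholders if both columns are numeric, which the unquoted SQL suggests). The body of `editforms()` continues outside this hunk.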
Form to create/edit concerts, bands, venues
' - .'' + .'' .''.GiglogAdmin_AdminPage::get_allbands($band).'
' .''.GiglogAdmin_AdminPage::get_allvenues($venue).'
' .'
' .'
' .'
'; - if ($band=='') + if ($band=='') //actions differ if we update or create a concert, hence two buttons needed $content.='

'; else $content.='

'; @@ -334,7 +335,7 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { } //handling the admin drop down menu - if(isset($_POST['selectstatus']) && $_POST['edit']!="EDIT") + if(isset($_POST['selectstatus']) && $_POST['edit']!="EDIT" && !empty($_POST['cid'])) { $usql = "UPDATE wpg_concertlogs SET wpgcl_status=".$_POST['selectstatus']." WHERE wpgcl_concertid=".$_POST['cid']; $uresults = $wpdb->get_results($usql); @@ -344,7 +345,7 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { if(isset($_POST['newconcert'])) { - if (empty($_POST['selectband']) || empty($_POST['selectvenueadmin']) || empty($_POST['cdate']) || empty($_POST['ticket']) || empty($_POST['eventurl'])) + IF (empty($_POST['selectband']) || empty($_POST['selectvenueadmin']) || empty($_POST['cdate']) || empty($_POST['ticket']) || empty($_POST['eventurl'])) echo ''; else { @@ -354,7 +355,7 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { } if(isset($_POST['editconcert'])) { - if (empty($_POST['selectband']) || empty($_POST['selectvenueadmin']) || empty($_POST['cdate']) || empty($_POST['ticket']) || empty($_POST['eventurl'])) + IF (empty($_POST['selectband']) || empty($_POST['selectvenueadmin']) || empty($_POST['cdate']) || empty($_POST['ticket']) || empty($_POST['eventurl'])) echo ''; else { @@ -365,7 +366,7 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { if(isset($_POST['newband'])) { - if (empty($_POST['bandname'])) //country is not checked as it is set to Norway by default + IF (empty($_POST['bandname'])) //country is not checked as it is set to Norway by default echo ''; else { @@ -376,7 +377,7 @@ if ( !class_exists( 'GiglogAdmin_AdminPage' ) ) { if(isset($_POST['newvenue'])) { - if (empty($_POST['venuename']) || empty($_POST['venuecity'])) + IF (empty($_POST['venuename']) || empty($_POST['venuecity'])) echo ''; else { -- cgit v1.2.3
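Review bot: The UPDATE guarded by `isset($_POST['selectstatus']) && ... && !empty($_POST['cid'])` runs for any POST carrying those fields, and no nonce or capability check is visible in these lines. The enclosing function starts outside the hunk, so one may exist earlier. If it does not, a forged cross-site form submitted from a logged-in administrator's browser would change concert statuses. Calling `check_admin_referer('<nonce-action>')` before this branch, with a matching `wp_nonce_field('<nonce-action>')` in the form, closes that gap. Separately, `$_POST['edit']` is indexed without `isset()`, which raises an undefined-index notice when the field is absent; `($_POST['edit'] ?? '') != "EDIT"` avoids it.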
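Review bot: The keyword in `IF (empty($_POST['selectband']) || ...` under `isset($_POST['newconcert'])` was changed from `if` to upper-case `IF`, which PHP accepts but which breaks the lower-case keyword convention used by the rest of the file and by the PSR-12 and WordPress coding standards. The commit message does not mention it, so it looks unintended. The same change appears in the `editconcert`, `newband` and `newvenue` hunks that follow. Keep `if (` in all four places, and consider adding braces to the `if` branch so it matches the braced `else`.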