fixed location data fix

This commit is contained in:
Dorian Zedler 2019-07-15 20:42:06 +02:00
parent 4d1aa874aa
commit a73b481809
2 changed files with 7 additions and 6 deletions

View file

@ -120,6 +120,12 @@ class BlueWeather
*/ */
function getLocationData($locId, $range, $maxVals) function getLocationData($locId, $range, $maxVals)
{ {
$locId = $this->_con->real_escape_string($locId);
$range["from"] = $this->_con->real_escape_string($range["from"]);
$range["to"] = $this->_con->real_escape_string($range["to"]);
$maxVals = $this->_con->real_escape_string($maxVals);
$sql = "SELECT * FROM `locations` $sql = "SELECT * FROM `locations`
WHERE`id`=$locId"; WHERE`id`=$locId";
$result = $this->_con->query($sql); $result = $this->_con->query($sql);

View file

@ -26,12 +26,7 @@ $blueweather = new BlueWeather($config);
if (isset($_GET['locId'])) { if (isset($_GET['locId'])) {
// get data of given location // get data of given location
$locId = $con->real_escape_string($_GET['locId']); $data = getLocationData($_GET['locId'], $_GET['range'], $_GET['maxVals']);
$range['from'] = $con->real_escape_string($_GET['range']['from']);
$range['to'] = $con->real_escape_string($_GET['range']['to']);
$maxVals = $con->real_escape_string($_GET['maxVals']);
$data = getLocationData($locId, $range, $maxVals);
} else { } else {
$data = $blueweather->getAllLocations(); $data = $blueweather->getAllLocations();
} }