From 9197f35b32ea7a218e49588ac167bebd248e8576 Mon Sep 17 00:00:00 2001
From: Erich Eckner <git@eckner.net>
Date: Mon, 4 Nov 2024 20:16:55 +0100
Subject: php vereinheitlichen, SQL injections verhindern

---
 computer-time-limit.php | 25 ++++++++-----------------
 1 file changed, 8 insertions(+), 17 deletions(-)

diff --git a/computer-time-limit.php b/computer-time-limit.php
index 3297f67..acc3135 100644
--- a/computer-time-limit.php
+++ b/computer-time-limit.php
@@ -90,12 +90,14 @@ if (array_key_exists('msg', $_POST) && array_key_exists('sig', $_POST)) {
   $von = date('Y-m-d H:i:s', $now);
   $bis = date('Y-m-d H:i:s', $now + $noch);
   if (is_null($host)) {
+    $print_host = 'NULL';
     $host = 'NULL';
   } else {
-    $host = '"' . $host . '"';
+    $print_host = $host;
+    $host = 'from_base64("' . base64_encode($host) . '")';
   }
 
-  log_to_file('to_db ' . $key . ' ' . $host . ' ' . $von . ' ' . $bis);
+  log_to_file('to_db ' . $key . ' ' . $print_host . ' ' . $von . ' ' . $bis);
   $db -> exec(
     'UPDATE `computer_time`' .
     ' SET `host`=' . $host . ',' .
@@ -113,10 +115,7 @@ if ($is_openmetrics) {
   print('#HELP computer_time_left Available computer time in seconds.' . "\n");
   print('#TYPE computer_time_left gauge' . "\n");
 } else {
-
-?><html><body><table>
-<?php
-
+  print('<html><body><table>' . "\n");
 }
 
 while ($row = $result->fetchArray()) {
@@ -141,19 +140,11 @@ while ($row = $result->fetchArray()) {
     continue;
   }
 
-  ?>  <tr><td><?php print($row['name']); ?></td><td><?php
-
-  print(date('Y-m-d H:i:s', $bis));
-  print(' (');
-  print($noch);
-  print(')');
+  print('<tr><td>' . $row['name'] . '</td><td>' . date('Y-m-d H:i:s', $bis) . ' (' . $noch . ')');
+  print('</td><td>' . $row['host'] . '</td></tr>' . "\n");
 
-  ?></td><td><?php print($row['host']); ?></td></tr>
-<?php
 }
 
 if (!$is_openmetrics) {
-
-?></table></body></html><?php
-
+  print ('</table></body></html>' . "\n");
 }
-- 
cgit v1.2.3-70-g09d2