Überarbeitete Version der 1. Version. Es bestehen noch grosse Feher in einzelnen Skripten.

This commit is contained in:
Fabio Herzig
2026-04-18 23:45:17 +02:00
parent a51fd9dbeb
commit 3731183654
85 changed files with 2965 additions and 3371 deletions

View File

@@ -4,8 +4,17 @@ header('Content-Type: application/json');
if (!isset($baseDir)) {
$baseDir = $_SERVER['DOCUMENT_ROOT'];
}
require_once $baseDir . '/../scripts/session_functions.php';
ini_wkvs_session();
check_user_permission('wk_leitung');
verify_csrf();
// ---------- Get and sanitize input ----------
$type = isset($_GET['type']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_GET['type']) : '';
$type = isset($_POST['type']) ? preg_replace('/[^a-zA-Z0-9 _-]/', '', $_POST['type']) : '';
$allowed_types = ['logo','scoring','ctext'];
if (!in_array($type, $allowed_types)) {
@@ -14,7 +23,7 @@ if (!in_array($type, $allowed_types)) {
}
if ($type === 'ctext'){
$ctext = isset($_GET['ctext']) ? $_GET['ctext'] : '';
$ctext = isset($_POST['ctext']) ? $_POST['ctext'] : '';
}
$folder = realpath($baseDir.'/displays/json');