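<?php

// Delete endpoint: removes one feature row (building, pipeline or valve).
//
// POST parameters:
//   request   - selects the table; must be 'buildings', 'pipelines' or 'valves'
//   webgis_id - identifier of the row to delete
//
// Output: nothing on success or on an unrecognised request; on a database
// exception the text "ERROR " followed by the driver message.
//
// The former TODO asked for whitelists or prepared statements against SQL
// injection. Both are applied here: the table name is taken from a fixed
// whitelist and the id is passed as a bound parameter, never concatenated
// into the SQL text.
//
// NOTE(review): no authentication, authorisation or CSRF check is visible in
// this file. Confirm that init.php enforces them before this destructive
// action is reachable.

// Expected to provide the PDO handle $pdo (not visible in this file).
include 'init.php';

// Whitelist mapping the accepted request values to table names. Only these
// constants are ever interpolated into the statement text.
$tables = [
    'buildings' => 'buildings',
    'pipelines' => 'pipelines',
    'valves'    => 'valves',
];

$request = isset($_POST['request']) ? $_POST['request'] : null;
$rawId   = isset($_POST['webgis_id']) ? $_POST['webgis_id'] : null;

// Reject missing or non-string input (e.g. array-valued POST fields) instead
// of passing it on; an absent webgis_id no longer runs a DELETE against ''.
if (is_string($request) && is_string($rawId) && isset($tables[$request])) {
    // htmlspecialchars() is an HTML output encoder, not an SQL escaping
    // function, and must not be relied on as the injection defence. The call
    // is kept only so the bound value matches the same rows as before.
    // NOTE(review): presumably the ids are stored in this encoded form by the
    // scripts that insert them - confirm, then drop the call if they are not.
    $webgis_id = htmlspecialchars($rawId, ENT_QUOTES);

    try {
        $stmt = $pdo->prepare("DELETE FROM {$tables[$request]} WHERE webgis_id = :webgis_id");

        // prepare() returns false instead of throwing when PDO is not in
        // exception mode; the error mode is set outside this file.
        if ($stmt !== false) {
            $stmt->execute([':webgis_id' => $webgis_id]);
        }
    } catch (PDOException $e) {
        // NOTE(review): this sends the raw driver message to the client,
        // which can reveal schema details. Kept unchanged because callers may
        // parse it; consider logging server-side and returning a generic text.
        echo "ERROR ".$e->getMessage();
    }
}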