stoat/test
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix php

Browse Source
This commit is contained in:
John Peck
2025-11-29 09:35:18 +00:00
parent c1667681e7
commit 1c2d8a3b6d
8 changed files with 351 additions and 382 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
single.php
View File

@@ -1,16 +1,28 @@
<?php
// Tell the browser/client that we are sending JSON data
header('Content-Type: application/json');
// Connecting, selecting database
$dbconn = pg_connect("host=localhost dbname=nws user=nws password=nws")
or die('Could not connect: ' . pg_last_error());
$camid=$_GET['camid'];
// Check if camid is actually set to avoid warnings
if (!isset($_GET['camid'])) {
echo json_encode(array("error" => "No camid specified"));
exit;
}
$camid = $_GET['camid'];
// Performing SQL query
// Always treat hydro and airport as booleans - convert to true/false
$query = "SELECT *, COALESCE(hydro, false) as hydro, COALESCE(airport, false) as airport FROM cams WHERE camid = '{$camid}'";
$result = pg_query($query) or die('Query failed: ' . pg_last_error());
// SECURITY FIX: Changed to use $1 placeholder instead of direct variable injection
$query = "SELECT *, COALESCE(hydro, false) as hydro, COALESCE(airport, false) as airport FROM cams WHERE camid = $1";
// Printing results in HTML
// SECURITY FIX: Use pg_query_params to safely bind the $camid variable
$result = pg_query_params($dbconn, $query, array($camid))
or die('Query failed: ' . pg_last_error());
// Processing results
$array = array();
while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
// Ensure hydro is a proper boolean
@@ -20,9 +32,25 @@ while ($line = pg_fetch_array($result, null, PGSQL_ASSOC)) {
$array[] = $line;
}
// Debug: log the data being sent
error_log("Single.php response for camid $camid: " . json_encode($array));
// --- LOGGING SECTION START ---
// 1. Create a temporary copy for the logs
$logData = $array;
// 2. Remove the clutter fields from the copy
foreach ($logData as &$row) {
unset($row['errorcode']);
// You can also uncomment the line below if you want to hide the long 'geom' string from logs
unset($row['geom']);
}
unset($row); // Break the reference
// 3. Log the clean data
// error_log("Single.php response for camid $camid: " . json_encode($logData));
// --- LOGGING SECTION END ---
// Output the ORIGINAL full array (including errorcode) to the client
echo json_encode($array);
// Free resultset
@@ -30,5 +58,4 @@ pg_free_result($result);
// Closing connection
pg_close($dbconn);
?>
?>