Require device ID to be passed

This commit is contained in:
Klaus-Uwe Mitterer 2016-08-03 19:37:08 +02:00
parent d2633ceaa6
commit d98b62cc69
3 changed files with 3 additions and 3 deletions

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
config.php

View file

@ -2,8 +2,7 @@
require_once("config.php");
if (isset($_GET["lat"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lat"])
&& isset($_GET["lon"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lon"]) ) {
if (isset($_GET["lat"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lat"]) && isset($_GET["lon"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lon"]) && isset($_GET["device"]) ) {
$conn = new mysqli($servername, $username, $password, $dbname);
@ -11,7 +10,7 @@ if (isset($_GET["lat"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lat"])
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO tracker (lat, lon) VALUES (" . mysqli_real_escape_string($conn, $_GET['lat']) . ", " . mysqli_real_escape_string($conn, $_GET['lon']) . ");";
$sql = "INSERT INTO tracker (device, lat, lon) VALUES (" . mysqli_real_escape_string($conn, $_GET['device']) . ", " . mysqli_real_escape_string($conn, $_GET['lat']) . ", " . mysqli_real_escape_string($conn, $_GET['lon']) . ");";
if (!mysqli_query($conn, $sql)) {
die('Error: ' . mysqli_error($conn));