M4 A2
SQLI Protection mysqli_real_escape_string() XSS Protection htmlspecialchars()
91
M4/Dossier/.$Aufgabe1.drawio.dtmp
Normal file
91
M4/Dossier/.$Aufgabe1.drawio.dtmp
Normal file
@@ -0,0 +1,91 @@
|
|||||||
|
<mxfile host="Electron" modified="2023-12-02T22:05:22.197Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/22.1.2 Chrome/114.0.5735.289 Electron/25.9.4 Safari/537.36" etag="rtvPorWLK5CfuI4500ka" version="22.1.2" type="device">
|
||||||
|
<diagram name="Seite-1" id="jhCbnHoXzx65MXILfqUJ">
|
||||||
|
<mxGraphModel dx="1048" dy="722" grid="0" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
|
||||||
|
<root>
|
||||||
|
<mxCell id="0" />
|
||||||
|
<mxCell id="1" parent="0" />
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-1" value="erstellt" style="rhombus;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="320" y="240" width="160" height="80" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-2" value="Wunschgericht" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="560" y="240" width="160" height="80" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-3" value="Ersteller" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="80" y="240" width="160" height="80" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-4" value="Name" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="560" y="140" width="80" height="40" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-5" value="Beschreibung" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="680" y="140" width="80" height="40" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-6" value="Erstellungs-datum" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="500" y="180" width="80" height="40" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-7" value="ID" style="ellipse;whiteSpace=wrap;html=1;fontStyle=4" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="620" y="180" width="80" height="40" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-12" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" target="8l75yZ3mhxg1qXRySu_G-5" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="700" y="240" as="sourcePoint" />
|
||||||
|
<mxPoint x="750" y="190" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-13" value="" style="endArrow=none;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.621;entryY=0.005;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="8l75yZ3mhxg1qXRySu_G-7" target="8l75yZ3mhxg1qXRySu_G-2" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="730" y="280" as="sourcePoint" />
|
||||||
|
<mxPoint x="780" y="230" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-14" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" target="8l75yZ3mhxg1qXRySu_G-4" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="600" y="240" as="sourcePoint" />
|
||||||
|
<mxPoint x="628" y="154" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-15" value="" style="endArrow=none;html=1;rounded=0;entryX=1;entryY=1;entryDx=0;entryDy=0;exitX=0.15;exitY=0.003;exitDx=0;exitDy=0;exitPerimeter=0;" parent="1" source="8l75yZ3mhxg1qXRySu_G-2" target="8l75yZ3mhxg1qXRySu_G-6" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="610" y="250" as="sourcePoint" />
|
||||||
|
<mxPoint x="610" y="170" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-17" value="" style="endArrow=none;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="480" y="279.66" as="sourcePoint" />
|
||||||
|
<mxPoint x="560" y="279.66" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-18" value="Name" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="80" y="160" width="80" height="40" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-19" value="<u>E-Mail</u>" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="170" y="160" width="80" height="40" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-20" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.25;exitY=0;exitDx=0;exitDy=0;" parent="1" source="8l75yZ3mhxg1qXRySu_G-3" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="100" y="260" as="sourcePoint" />
|
||||||
|
<mxPoint x="120" y="200" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-21" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.25;exitY=0;exitDx=0;exitDy=0;" parent="1" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="209.65999999999997" y="240" as="sourcePoint" />
|
||||||
|
<mxPoint x="209.65999999999997" y="200" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-22" value="N" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="530" y="250" width="30" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-23" value="1" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
|
||||||
|
<mxGeometry x="240" y="250" width="30" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-24" value="" style="endArrow=none;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" edge="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="240" y="280" as="sourcePoint" />
|
||||||
|
<mxPoint x="320" y="280" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
</root>
|
||||||
|
</mxGraphModel>
|
||||||
|
</diagram>
|
||||||
|
</mxfile>
|
||||||
@@ -1,85 +1,85 @@
|
|||||||
<mxfile host="Electron" modified="2023-12-01T16:19:25.109Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/22.1.2 Chrome/114.0.5735.289 Electron/25.9.4 Safari/537.36" etag="dxKCu5QbLbRewCOaytOA" version="22.1.2" type="device">
|
<mxfile host="Electron" modified="2023-12-02T22:05:19.234Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/22.1.2 Chrome/114.0.5735.289 Electron/25.9.4 Safari/537.36" etag="UqWXQEsGpaBe1QuKew26" version="22.1.2" type="device">
|
||||||
<diagram name="Seite-1" id="jhCbnHoXzx65MXILfqUJ">
|
<diagram name="Seite-1" id="jhCbnHoXzx65MXILfqUJ">
|
||||||
<mxGraphModel dx="875" dy="604" grid="0" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
|
<mxGraphModel dx="1048" dy="722" grid="0" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="827" pageHeight="1169" math="0" shadow="0">
|
||||||
<root>
|
<root>
|
||||||
<mxCell id="0" />
|
<mxCell id="0" />
|
||||||
<mxCell id="1" parent="0" />
|
<mxCell id="1" parent="0" />
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-1" value="erstellt" style="rhombus;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-1" value="erstellt" style="rhombus;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="320" y="240" width="160" height="80" as="geometry" />
|
<mxGeometry x="320" y="240" width="160" height="80" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-2" value="Wunschgericht" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-2" value="Wunschgericht" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="560" y="240" width="160" height="80" as="geometry" />
|
<mxGeometry x="560" y="240" width="160" height="80" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-3" value="Ersteller" style="rounded=0;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-3" value="Ersteller" style="rounded=0;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="80" y="240" width="160" height="80" as="geometry" />
|
<mxGeometry x="80" y="240" width="160" height="80" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-4" value="Name" style="ellipse;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-4" value="Name" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="560" y="140" width="80" height="40" as="geometry" />
|
<mxGeometry x="560" y="140" width="80" height="40" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-5" value="Beschreibung" style="ellipse;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-5" value="Beschreibung" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="680" y="140" width="80" height="40" as="geometry" />
|
<mxGeometry x="680" y="140" width="80" height="40" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-6" value="Erstellungs-datum" style="ellipse;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-6" value="Erstellungs-datum" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="500" y="180" width="80" height="40" as="geometry" />
|
<mxGeometry x="500" y="180" width="80" height="40" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-7" value="ID" style="ellipse;whiteSpace=wrap;html=1;fontStyle=4" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-7" value="ID" style="ellipse;whiteSpace=wrap;html=1;fontStyle=4" parent="1" vertex="1">
|
||||||
<mxGeometry x="620" y="180" width="80" height="40" as="geometry" />
|
<mxGeometry x="620" y="180" width="80" height="40" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-12" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" edge="1" parent="1" target="8l75yZ3mhxg1qXRySu_G-5">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-12" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" target="8l75yZ3mhxg1qXRySu_G-5" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="700" y="240" as="sourcePoint" />
|
<mxPoint x="700" y="240" as="sourcePoint" />
|
||||||
<mxPoint x="750" y="190" as="targetPoint" />
|
<mxPoint x="750" y="190" as="targetPoint" />
|
||||||
</mxGeometry>
|
</mxGeometry>
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-13" value="" style="endArrow=none;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.621;entryY=0.005;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="8l75yZ3mhxg1qXRySu_G-7" target="8l75yZ3mhxg1qXRySu_G-2">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-13" value="" style="endArrow=none;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.621;entryY=0.005;entryDx=0;entryDy=0;entryPerimeter=0;" parent="1" source="8l75yZ3mhxg1qXRySu_G-7" target="8l75yZ3mhxg1qXRySu_G-2" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="730" y="280" as="sourcePoint" />
|
<mxPoint x="730" y="280" as="sourcePoint" />
|
||||||
<mxPoint x="780" y="230" as="targetPoint" />
|
<mxPoint x="780" y="230" as="targetPoint" />
|
||||||
</mxGeometry>
|
</mxGeometry>
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-14" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" edge="1" parent="1" target="8l75yZ3mhxg1qXRySu_G-4">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-14" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;" parent="1" target="8l75yZ3mhxg1qXRySu_G-4" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="600" y="240" as="sourcePoint" />
|
<mxPoint x="600" y="240" as="sourcePoint" />
|
||||||
<mxPoint x="628" y="154" as="targetPoint" />
|
<mxPoint x="628" y="154" as="targetPoint" />
|
||||||
</mxGeometry>
|
</mxGeometry>
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-15" value="" style="endArrow=none;html=1;rounded=0;entryX=1;entryY=1;entryDx=0;entryDy=0;exitX=0.15;exitY=0.003;exitDx=0;exitDy=0;exitPerimeter=0;" edge="1" parent="1" source="8l75yZ3mhxg1qXRySu_G-2" target="8l75yZ3mhxg1qXRySu_G-6">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-15" value="" style="endArrow=none;html=1;rounded=0;entryX=1;entryY=1;entryDx=0;entryDy=0;exitX=0.15;exitY=0.003;exitDx=0;exitDy=0;exitPerimeter=0;" parent="1" source="8l75yZ3mhxg1qXRySu_G-2" target="8l75yZ3mhxg1qXRySu_G-6" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="610" y="250" as="sourcePoint" />
|
<mxPoint x="610" y="250" as="sourcePoint" />
|
||||||
<mxPoint x="610" y="170" as="targetPoint" />
|
<mxPoint x="610" y="170" as="targetPoint" />
|
||||||
</mxGeometry>
|
</mxGeometry>
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-17" value="" style="endArrow=none;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-17" value="" style="endArrow=none;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="480" y="279.66" as="sourcePoint" />
|
<mxPoint x="480" y="279.66" as="sourcePoint" />
|
||||||
<mxPoint x="560" y="279.66" as="targetPoint" />
|
<mxPoint x="560" y="279.66" as="targetPoint" />
|
||||||
</mxGeometry>
|
</mxGeometry>
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-18" value="Name" style="ellipse;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-18" value="Name" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="80" y="160" width="80" height="40" as="geometry" />
|
<mxGeometry x="80" y="160" width="80" height="40" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-19" value="E-Mail" style="ellipse;whiteSpace=wrap;html=1;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-19" value="<u>E-Mail</u>" style="ellipse;whiteSpace=wrap;html=1;" parent="1" vertex="1">
|
||||||
<mxGeometry x="170" y="160" width="80" height="40" as="geometry" />
|
<mxGeometry x="170" y="160" width="80" height="40" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-20" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.25;exitY=0;exitDx=0;exitDy=0;" edge="1" parent="1" source="8l75yZ3mhxg1qXRySu_G-3">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-20" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.25;exitY=0;exitDx=0;exitDy=0;" parent="1" source="8l75yZ3mhxg1qXRySu_G-3" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="100" y="260" as="sourcePoint" />
|
<mxPoint x="100" y="260" as="sourcePoint" />
|
||||||
<mxPoint x="120" y="200" as="targetPoint" />
|
<mxPoint x="120" y="200" as="targetPoint" />
|
||||||
</mxGeometry>
|
</mxGeometry>
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-21" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.25;exitY=0;exitDx=0;exitDy=0;" edge="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-21" value="" style="endArrow=none;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;exitX=0.25;exitY=0;exitDx=0;exitDy=0;" parent="1" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="209.65999999999997" y="240" as="sourcePoint" />
|
<mxPoint x="209.65999999999997" y="240" as="sourcePoint" />
|
||||||
<mxPoint x="209.65999999999997" y="200" as="targetPoint" />
|
<mxPoint x="209.65999999999997" y="200" as="targetPoint" />
|
||||||
</mxGeometry>
|
</mxGeometry>
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-22" value="N" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-22" value="N" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
|
||||||
<mxGeometry x="530" y="250" width="30" height="30" as="geometry" />
|
<mxGeometry x="530" y="250" width="30" height="30" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-23" value="1" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-23" value="1" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" parent="1" vertex="1">
|
||||||
<mxGeometry x="240" y="250" width="30" height="30" as="geometry" />
|
<mxGeometry x="240" y="250" width="30" height="30" as="geometry" />
|
||||||
</mxCell>
|
</mxCell>
|
||||||
<mxCell id="8l75yZ3mhxg1qXRySu_G-24" value="" style="endArrow=none;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" edge="1" parent="1">
|
<mxCell id="8l75yZ3mhxg1qXRySu_G-24" value="" style="endArrow=none;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;" parent="1" edge="1">
|
||||||
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
<mxPoint x="240" y="280" as="sourcePoint" />
|
<mxPoint x="240" y="280" as="sourcePoint" />
|
||||||
<mxPoint x="320" y="280" as="targetPoint" />
|
<mxPoint x="320" y="280" as="targetPoint" />
|
||||||
BIN
M4/Dossier/ERD M4-1-1.png
Normal file
BIN
M4/Dossier/ERD M4-1-1.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 56 KiB |
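--- a/M4/Dossier/M4.md
+++ b/M4/Dossier/M4.md
@@ -0,0 +1,86 @@
+# Aufgabe 1
+> Dauer: 2 h
+## 1)
+
+## 2) Datenbankentwurf in Relationenschreibweise
+```sql
+use emensawerbeseite;
+
+-- Tabelle 'Ersteller' erstellen
+CREATE TABLE IF NOT EXISTS Ersteller (
+EMail VARCHAR(255) PRIMARY KEY,
+Name VARCHAR(255) DEFAULT 'anonym'
+);
+
+-- Tabelle 'Wunschgericht' erstellen
+CREATE TABLE IF NOT EXISTS Wunschgericht (
+ID INT AUTO_INCREMENT PRIMARY KEY,
+Name VARCHAR(255) NOT NULL,
+Beschreibung TEXT,
+Erstellungsdatum DATE NOT NULL,
+Ersteller_EMail VARCHAR(255) NOT NULL,
+FOREIGN KEY (Ersteller_EMail) REFERENCES Ersteller(EMail)
+);
+```
+## 6)
+### a)
+````sql
+select * from wunschgericht order by Erstellungsdatum desc limit 5;
+````
+### b)
+````sql
+-- basierend auf M3 6) 4)
+select ersteller.Name,
+count(Ersteller_EMail) as anzahl from wunschgericht, ersteller where ersteller.EMail = wunschgericht.Ersteller_EMail
+group by Ersteller_EMail
+order by anzahl desc ;
+````
+---
+# Aufgabe 2
+> Dauer: 2h
+
+Bei der Übergabe von Daten in die DB müssen diese geprüft werden.
+Bei der Ausgabe von Daten aus der DB im HTML Code müssen diese Maskiert werden.
+````php
+// wunschgericht.php
+// Zeile 33
+$sql_ersteller_exists = "SELECT * FROM ersteller WHERE EMail = '" . $ersteller_email . "'";
+$sql_ersteller_exists = "SELECT * FROM ersteller WHERE EMail = '" . mysqli_real_escape_string($link, $ersteller_email) . "'";
+
+// Zeile 36
+$sql_ersteller = "INSERT INTO ersteller(EMail, Name) VALUES ('" . $ersteller_email . "','" . $ersteller_name . "')";
+$sql_ersteller = "INSERT INTO ersteller(EMail, Name) VALUES ('" . mysqli_real_escape_string($link, $ersteller_email) . "','" . mysqli_real_escape_string($link, $ersteller_name) . "')";
+
+// Zeile 42
+$sql = "INSERT INTO wunschgericht(Name, Beschreibung, Erstellungsdatum, Ersteller_EMail) VALUES ('" . $gericht_name . "','" . $gericht_beschreibung . "','". $date ."','" . $ersteller_email . "')";
+$sql = "INSERT INTO wunschgericht(Name, Beschreibung, Erstellungsdatum, Ersteller_EMail) VALUES ('" . mysqli_real_escape_string($link, $gericht_name) . "','" . mysqli_real_escape_string($link, $gericht_beschreibung) . "','".$date."','" . mysqli_real_escape_string($link, $ersteller_email) . "')";
+?>
+````
+
+````php
+// index.php
+// Zeile 43
+$sql_besucher = "UPDATE besucher_counter SET besucher =".$besucherCount;
+$sql_besucher = "UPDATE besucher_counter SET besucher =". mysqli_real_escape_string($link, $besucherCount);
+
+// Zeile 190
+$tabelle .= "<tr class=\"speisen\"><td>" . $row_gerichte['name'] . " <sup>" . $allergene . "</sup></td><td>" . $preisintern . "€</td><td>" . $preisextern . "€</td><td>Kein Bild in der Datenbank </td></tr>";
+$tabelle .= "<tr class=\"speisen\"><td>" . htmlspecialchars($row_gerichte['name']) . " <sup>" . htmlspecialchars($allergene) . "</sup></td><td>" . htmlspecialchars($preisintern) . "€</td><td>" . htmlspecialchars($preisextern) . "€</td><td>Kein Bild in der Datenbank </td></tr>";
+
+
+// Zeile 202
+$verwendete_allergene_string .= "<sup>".$row_allergen['code']."</sup> ". $row_allergen['name']. ", ";
+$verwendete_allergene_string .= "<sup>". htmlspecialchars($row_allergen['code']) ."</sup> ". htmlspecialchars($row_allergen['name']) . ", ";
+
+// Zeile 214f
+echo $besucherCount;
+echo $newletterCount;
+
+echo htmlspecialchars($besucherCount);
+echo htmlspecialchars($newletterCount);
+
+// Zeile 220
+echo $ausgabe["COUNT(id)"];
+echo htmlspecialchars($ausgabe["COUNT(id)"]);
+````
+Bei der Newsletteranmeldung sollte man sich auch ggf. überlegen, wie man die Eingaben prüft un zu vermeiden, das schadhafter Code gespeichert und später abgerufen wird.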
@@ -39,7 +39,7 @@ $besucher = mysqli_fetch_assoc($result_sql_besucher);
|
|||||||
|
|
||||||
//Updatet Besucher Zahl
|
//Updatet Besucher Zahl
|
||||||
$besucherCount = $besucher["besucher"] + 1;
|
$besucherCount = $besucher["besucher"] + 1;
|
||||||
$sql_besucher = "UPDATE besucher_counter SET besucher =".$besucherCount;
|
$sql_besucher = "UPDATE besucher_counter SET besucher =". mysqli_real_escape_string($link, $besucherCount);
|
||||||
$result_sql_besucher = mysqli_query($link, $sql_besucher);
|
$result_sql_besucher = mysqli_query($link, $sql_besucher);
|
||||||
|
|
||||||
//Newletter counter
|
//Newletter counter
|
||||||
@@ -96,9 +96,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
$current_data[] = $data;
|
$current_data[] = $data;
|
||||||
|
|
||||||
if (file_put_contents($file, json_encode($current_data))) {
|
if (file_put_contents($file, json_encode($current_data))) {
|
||||||
echo '<script type="text/javascript">';
|
echo '<script type="text/javascript"> alert("Vielen Dank für Ihre Anmeldung zum Newsletter.");</script>';
|
||||||
echo 'alert("Vielen Dank für Ihre Anmeldung zum Newsletter.");';
|
|
||||||
echo '</script>';
|
|
||||||
|
|
||||||
//Newsletter counter
|
//Newsletter counter
|
||||||
$newletterCount++;
|
$newletterCount++;
|
||||||
@@ -106,9 +104,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
fwrite($newsFile, $newletterCount);
|
fwrite($newsFile, $newletterCount);
|
||||||
fclose($newsFile);
|
fclose($newsFile);
|
||||||
} else {
|
} else {
|
||||||
echo '<script type="text/javascript">';
|
echo '<script type="text/javascript">alert("Es gab einen Fehler bei Ihrer Anmeldung. Bitte versuchen Sie es erneut.");</script>';
|
||||||
echo 'alert("Es gab einen Fehler bei Ihrer Anmeldung. Bitte versuchen Sie es erneut.");';
|
|
||||||
echo '</script>';
|
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$error_string = "";
|
$error_string = "";
|
||||||
@@ -116,9 +112,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
$error_string .= $error . '\n';
|
$error_string .= $error . '\n';
|
||||||
}
|
}
|
||||||
|
|
||||||
echo '<script type="text/javascript">';
|
echo '<script type="text/javascript">alert("' . $error_string . '");</script>';
|
||||||
echo 'alert("' . $error_string . '");';
|
|
||||||
echo '</script>';
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -193,7 +187,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
|
|
||||||
// Ausgabe des aktuellen Gerichts
|
// Ausgabe des aktuellen Gerichts
|
||||||
|
|
||||||
$tabelle .= "<tr class=\"speisen\"><td>" . $row_gerichte['name'] . " <sup>" . $allergene . "</sup></td><td>" . $preisintern . "€</td><td>" . $preisextern . "€</td><td>Kein Bild in der Datenbank </td></tr>";
|
$tabelle .= "<tr class=\"speisen\"><td>" . htmlspecialchars($row_gerichte['name']) . " <sup>" . htmlspecialchars($allergene) . "</sup></td><td>" . htmlspecialchars($preisintern) . "€</td><td>" . htmlspecialchars($preisextern) . "€</td><td>Kein Bild in der Datenbank </td></tr>";
|
||||||
}
|
}
|
||||||
$tabelle .= "</table>";
|
$tabelle .= "</table>";
|
||||||
echo $tabelle;
|
echo $tabelle;
|
||||||
@@ -205,26 +199,25 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
|
|
||||||
while ($row_allergen = mysqli_fetch_assoc($result_sql_allergen)){
|
while ($row_allergen = mysqli_fetch_assoc($result_sql_allergen)){
|
||||||
if (in_array($row_allergen['code'], $verwendete_allergene_code)){
|
if (in_array($row_allergen['code'], $verwendete_allergene_code)){
|
||||||
$verwendete_allergene_string .= "<sup>".$row_allergen['code']."</sup> ". $row_allergen['name']. ", ";
|
$verwendete_allergene_string .= "<sup>". htmlspecialchars($row_allergen['code']) ."</sup> ". htmlspecialchars($row_allergen['name']) . ", ";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
echo $verwendete_allergene_string;
|
echo $verwendete_allergene_string;
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<h1>Für Sie nichts dabei? <a href="/Werbeseite/wunschgericht.php">Wunschgericht erfassen</a></h1>
|
<h1>Für Sie nichts dabei? <a href="../Werbeseite/wunschgericht.php">Wunschgericht erfassen</a></h1>
|
||||||
|
|
||||||
|
|
||||||
<h1 id="zahlen">E-Mensa in Zahlen</h1>
|
<h1 id="zahlen">E-Mensa in Zahlen</h1>
|
||||||
<div class="zahlen">
|
<div class="zahlen">
|
||||||
<p><?php echo $besucherCount; ?> Besuche</p>
|
<p><?php echo htmlspecialchars($besucherCount); ?> Besuche</p>
|
||||||
<p><?php echo $newletterCount; ?> Anmeldungen zum Newsletter</p>
|
<p><?php echo htmlspecialchars($newletterCount); ?> Anmeldungen zum Newsletter</p><p>
|
||||||
<p>
|
|
||||||
<?php
|
<?php
|
||||||
$sql_gerichte = "SELECT COUNT(id) FROM gericht";
|
$sql_gerichte = "SELECT COUNT(id) FROM gericht";
|
||||||
$result_sql_gerichte = mysqli_query($link, $sql_gerichte);
|
$result_sql_gerichte = mysqli_query($link, $sql_gerichte);
|
||||||
$ausgabe = mysqli_fetch_assoc($result_sql_gerichte);
|
$ausgabe = mysqli_fetch_assoc($result_sql_gerichte);
|
||||||
echo $ausgabe["COUNT(id)"];
|
echo htmlspecialchars($ausgabe["COUNT(id)"]);
|
||||||
?>
|
?>
|
||||||
Speisen
|
Speisen
|
||||||
</p>
|
</p>
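Review bot: In the `@@ -39,7 +39,7` hunk, `mysqli_real_escape_string($link, $besucherCount)` is concatenated into the UPDATE without surrounding quotes, and that function only protects a value placed inside a quoted SQL string literal, so it adds no protection in this numeric position. The value is computed as `$besucher["besucher"] + 1` on the line above, so it is presumably already numeric and the call is a no-op here, but the pattern is misleading if copied to a place where the value is request-controlled. The statement does not need a PHP-side value at all: `$sql_besucher = "UPDATE besucher_counter SET besucher = besucher + 1";` does the increment in the database and also avoids lost updates when two requests read the same count. The surrounding script starts and ends outside the hunk.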
|
||||||
|
|||||||
@@ -17,14 +17,38 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
|||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Einfügen in die Datenbank
|
$error_count = 0;
|
||||||
$sql = "INSERT INTO wunschgericht (name, beschreibung) VALUES ('" . mysqli_real_escape_string($link, $gericht_name) . "', '" . mysqli_real_escape_string($link, $gericht_beschreibung) . "')";
|
$spam_domains = array("rcpt.at", "damnthespam.at", "wegwerfmail.de", "trashmail");
|
||||||
$result = mysqli_query($link, $sql);
|
|
||||||
|
|
||||||
if ($result) {
|
foreach ($spam_domains as $domain) {
|
||||||
echo "Ihr Wunschgericht wurde erfolgreich gespeichert!";
|
if (str_contains($ersteller_email, $domain)) {
|
||||||
} else {
|
echo '<script type="text/javascript"> alert("Fehler bei den übermittelten Daten");</script>';
|
||||||
echo "Es gab einen Fehler: " . mysqli_error($link);
|
$error_count++;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!$error_count){
|
||||||
|
// Ersteller in DB eintragen
|
||||||
|
$sql_ersteller_exists = "SELECT * FROM ersteller WHERE EMail = '" . mysqli_real_escape_string($link, $ersteller_email) . "'";
|
||||||
|
$result_ersteller_exists = mysqli_query($link,$sql_ersteller_exists);
|
||||||
|
if(mysqli_num_rows($result_ersteller_exists) == 0){
|
||||||
|
$sql_ersteller = "INSERT INTO ersteller(EMail, Name) VALUES ('" . mysqli_real_escape_string($link, $ersteller_email) . "','" . mysqli_real_escape_string($link, $ersteller_name) . "')";
|
||||||
|
$result_ersteller = mysqli_query($link,$sql_ersteller);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Gericht in die DB eintragen
|
||||||
|
$date = date("Y-m-d");
|
||||||
|
$sql = "INSERT INTO wunschgericht(Name, Beschreibung, Erstellungsdatum, Ersteller_EMail)
|
||||||
|
VALUES ('" . mysqli_real_escape_string($link, $gericht_name) . "','" . mysqli_real_escape_string($link, $gericht_beschreibung) . "','".$date."','" . mysqli_real_escape_string($link, $ersteller_email) . "')";
|
||||||
|
$result = mysqli_query($link, $sql);
|
||||||
|
|
||||||
|
if ($result) {
|
||||||
|
echo '<script type="text/javascript"> alert("Ihr Wunschgericht wurde erfolgreich gespeichert!");</script>';
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
echo '<script type="text/javascript"> alert("Es gab einen Fehler: "' . mysqli_error($link) . '</script>';
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
mysqli_close($link);
|
mysqli_close($link);
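Review bot: The failure branch added near the end of this hunk emits `alert("Es gab einen Fehler: "' . mysqli_error($link) . '</script>'`, which closes the JavaScript string before the error text and never closes the `alert(` call, so the generated script is a syntax error and the user sees nothing; if it were repaired by simple concatenation it would place raw database error text into a script context. Log the detail server-side and show a fixed message instead: `error_log(mysqli_error($link));` followed by `echo '<script type="text/javascript"> alert("Es gab einen Fehler beim Speichern.");</script>';`. The result of the `INSERT INTO ersteller` query (`$result_ersteller`) is also never checked before the dependent `wunschgericht` insert runs, so a failed creator insert only surfaces as a foreign-key error on the second statement. The enclosing `if ($_SERVER['REQUEST_METHOD'] == 'POST')` block starts outside the hunk.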
|
||||||
|
|||||||