close(); exit(0); } $t = filter_input(INPUT_POST, 'table', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_BACKTICK); $n = filter_input(INPUT_POST, 'n', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_BACKTICK); $bps = "si"; if (isset($_POST['num']) && $_POST['num'] == 'true') $bps = "ii"; if ($n === 'etfav' && $t === 'email_templates') { if ($_POST['v'] < 1) { $sql = "DELETE FROM email_templates_fav WHERE tid=? AND userid=?"; $stmt = $mysqli->prepare($sql); $stmt->bind_param("ii", $_POST['id'], $_SESSION['auth_userid']); $stmt->execute(); $stmt->reset(); } else { $sql = "INSERT INTO email_templates_fav (tid, userid) VALUES (?, ?)"; $stmt = $mysqli->prepare($sql); $stmt->bind_param("ii", $_POST['id'], $_SESSION['auth_userid']); $stmt->execute(); $stmt->reset(); } echo "true"; $mysqli->close(); exit(0); } if ($n === 'salutation' && $t === 'Personen') { $sql = "INSERT INTO Personen_Prefs (persid, userid, salutation) VALUES (?, ?, ?)"; $stmt = $mysqli->prepare($sql); $stmt->bind_param("iii", $_POST['id'], $_SESSION['auth_userid'], $_POST['v']); $stmt->execute(); $stmt->reset(); $sql = "UPDATE Personen_Prefs SET salutation=? WHERE persid=? AND userid=?"; $stmt = $mysqli->prepare($sql); $stmt->bind_param("iii", $_POST['v'], $_POST['id'], $_SESSION['auth_userid']); $stmt->execute(); $stmt->reset(); echo "true"; $mysqli->close(); exit(0); } $sql = "UPDATE `" . $t . "` SET `" . $n . "`=? WHERE ID=? LIMIT 1;"; if (isset($_POST['idcell']) && $_POST['idcell'] != 'false') { $idcell = filter_input(INPUT_POST, 'idcell', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_BACKTICK); $sql = "UPDATE `" . $t . "` SET `" . $n . "`=? WHERE `" . $idcell . "`=? LIMIT 1;"; $bps = 'ss'; if (isset($_POST['num']) && $_POST['num'] == 'true') $bps = 'is'; } $stmt = $mysqli->prepare($sql); #echo $sql . "|" . $bps . "|" . $_POST['v'] . "|" . $_POST['id'] . "@"; $stmt->bind_param($bps, $_POST['v'], $_POST['id']); $stmt->execute(); preg_match_all('!\d+!', $mysqli->info, $m); if ($m[0][0] == 1 || $m[0][1] == 1 || $stmt->affected_rows == 1) echo "true"; else echo "false"; $stmt->reset(); $mysqli->close(); exit(0);