diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index 5ad1583e887..50693d2ee6f 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -53,23 +53,23 @@ function valeur($sql) */ -if ($action == 'add_bookmark') +if ($_GET["action"] == 'add_bookmark') { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."bookmark WHERE fk_soc = ".$socidp." AND fk_user=".$user->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."bookmark WHERE fk_soc = ".$_GET["socidp"]." AND fk_user=".$user->id; if (! $db->query($sql) ) { print $db->error(); } - $sql = "INSERT INTO ".MAIN_DB_PREFIX."bookmark (fk_soc, dateb, fk_user) VALUES ($socidp, now(),".$user->id.");"; + $sql = "INSERT INTO ".MAIN_DB_PREFIX."bookmark (fk_soc, dateb, fk_user) VALUES (".$_GET["socidp"].", now(),".$user->id.");"; if (! $db->query($sql) ) { print $db->error(); } } -if ($action == 'del_bookmark') +if ($_GET["action"] == 'del_bookmark') { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."bookmark WHERE rowid=$bid"; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."bookmark WHERE rowid=".$_GET["bid"]; $result = $db->query($sql); } @@ -170,25 +170,30 @@ $sql .= " ORDER BY lower(s.nom) ASC"; if ( $db->query($sql) ) { $num = $db->num_rows(); - $i = 0; - print ''; - print ""; - print ""; - print "\n"; - - while ($i < $num) + if ($num) { - $obj = $db->fetch_object( $i); - $var = !$var; - print ""; - print ''; - print ''; - print ''; - $i++; + + $i = 0; + + print '
Bookmark
'.$obj->nom.''; - print '
'; + print ""; + print ""; + print "\n"; + + while ($i < $num) + { + $obj = $db->fetch_object( $i); + $var = !$var; + print ""; + print ''; + print ''; + print ''; + $i++; + } + print '
Bookmark
'.$obj->nom.''; + print '
'; } - print ''; }