pg_head("$bddb_label - New Log Entry");
- if ($serno == 0)
- die("serial number not specified!");
-
- if (isset($logno))
- die("log number must not be specified when adding!");
+ if (!isset($_REQUEST['serno']) || $_REQUEST['serno'] == '')
+ die("serial number not specified or invalid!");
+ $serno=intval($_REQUEST['serno']);
+
+ if (isset($_REQUEST['logno'])) {
+ $logno=$_REQUEST['logno'];
+ die("log number must not be specified when adding! ($logno)");
+ }
?>
<form action=donewlog.php method=POST>
<p></p>
print_field("date", array('date' => date("Y-m-d")));
// who char(20)
- print_field("who", "");
+ print_field("who", array());
// details text
print_field_multiline("details", array(), 60, 10, 'text_filter');