- switch (REQUEST_POST('ok'))
- {
- case "edit": // Edit menu
- foreach (REQUEST_POST('sel') as $sel => $menu) {
- // Secure ID
- $sel = bigintval($sel);
-
- // Update entry
- SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET
-title='%s',
-`action`='%s',
-`what`='%s',
-descr='%s'
-WHERE ".$AND." AND id=%s LIMIT 1",
- array(
- $menu,
- REQUEST_POST('sel_action', $sel),
- REQUEST_POST('sel_what', $sel),
- REQUEST_POST('sel_desc', $sel),
- $sel,
-), __FILE__, __LINE__);
- }
-
- // Purge admin menu cache
- CACHE_PURGE_ADMIN_MENU(0, REQUEST_POST('sel_action', $sel), REQUEST_POST('sel_what', $sel));
-
- // Load template
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SETTINGS_SAVED'));
- break;
-
- case "del": // Delete menu
- foreach (REQUEST_POST('sel') as $sel => $menu) {
- SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1",
- array(bigintval($sel)), __FILE__, __LINE__);
- CACHE_PURGE_ADMIN_MENU(0, '', '', $AND);
- } // END - foreach
-
- // Load template
- LOAD_TEMPLATE('admin_settings_saved', false, getMessage('SETTINGS_SAVED'));
- break;
+ switch (postRequestElement('ok')) {
+ case 'edit': // Edit menu
+ foreach (postRequestElement('sel') as $sel => $menu) {
+ // Secure id
+ $sel = bigintval($sel);
+
+ // Update entry
+ sqlQueryEscaped("UPDATE
+ `{?_MYSQL_PREFIX?}_admin_menu`
+SET
+ `title`='%s',
+ `action`='%s',
+ `what`='%s',
+ `descr`='%s'
+WHERE
+ ".$AND." AND
+ `id`=%s
+LIMIT 1",
+ array(
+ $menu,
+ postRequestElement('sel_action', $sel),
+ postRequestElement('sel_what', $sel),
+ postRequestElement('sel_desc', $sel),
+ $sel,
+ ), __FILE__, __LINE__);
+ }