- SQL_QUERY_ESC("INSERT INTO `{!MYSQL_PREFIX!}_rallye_prices` (rallye_id, price_level, points, info)
-VALUES ('%s','%s','%s','%s')",
- array(
- bigintval($_GET['rallye']),
- bigintval($_POST['level']),
- $_POST['points'],
- $_POST['info']
-), __FILE__, __LINE__);
- LOAD_TEMPLATE("admin_settings_saved", false, RALLYE_PRICE_LEVEL_SAVED);
- }
- else
- {
+ SQL_QUERY_ESC("INSERT INTO
+ `{?_MYSQL_PREFIX?}_rallye_prices`
+(`rallye_id`, `price_level`, `points`, `info`)
+ VALUES
+(%s, %s, '%s', '%s')",
+ array(
+ bigintval(getRequestParameter('rallye')),
+ bigintval(postRequestParameter('level')),
+ postRequestParameter('points'),
+ postRequestParameter('info')
+ ), __FILE__, __LINE__);
+ loadTemplate('admin_settings_saved', false, '{--RALLYE_PRICE_LEVEL_SAVED--}');
+ } else {