- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_rallye_prices (rallye_id, price_level, points, info)
-VALUES ('%s', '%s', '%s', '%s')",
- array(
- bigintval($_GET['rallye']),
- bigintval($_POST['level']),
- $_POST['points'],
- $_POST['info']
-), __FILE__, __LINE__);
- LOAD_TEMPLATE ("admin_settings_saved", false, RALLYE_PRICE_LEVEL_SAVED);
- }
- else
- {
+ SQL_QUERY_ESC("INSERT INTO
+ `{?_MYSQL_PREFIX?}_rallye_prices`
+(`rallye_id`,`price_level`,`points`,`info`)
+ VALUES
+(%s, %s, '%s', '%s')",
+ array(
+ bigintval(getRequestElement('rallye')),
+ bigintval(postRequestElement('level')),
+ postRequestElement('points'),
+ postRequestElement('info')
+ ), __FILE__, __LINE__);
+ displayMessage('{--RALLYE_PRICE_LEVEL_SAVED--}');
+ } else {