- if (!empty($SQL))
- {
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET
-subject='%s',
-text='%s',
-url='%s'
-WHERE id=%s LIMIT 1",
- array(
- $_POST['subj'],
- $_POST['text'],
- $_POST['url'],
- bigintval($_POST['id']),
-), __FILE__, __LINE__);
- if (SQL_AFFECTEDROWS() == 1)
- {
- $content = "<SPAN class=\"admin_done\">".SETTINGS_SAVED."</SPAN>";
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
- }
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
+ SQL_QUERY_ESC("UPDATE
+ `{?_MYSQL_PREFIX?}_pool`
+SET
+ `subject`='%s',
+ `text`='%s',
+ `url`='%s'
+WHERE
+ `id`=%s
+LIMIT 1",
+ array(
+ postRequestParameter('subject'),
+ postRequestParameter('text'),
+ postRequestParameter('url'),
+ bigintval(postRequestParameter('id')),
+ ), __FILE__, __LINE__);
+
+ if (SQL_AFFECTEDROWS() == 1) {
+ $content = getMessage('SETTINGS_SAVED');
+ } else {
+ $content = '<span class="admin_failed">{--SETTINGS_NOT_SAVED--}</span>';