- if (!empty($_POST['menu']))
- {
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu
-(`action`,`what`,`title`,`visible`,`locked`,`sort`)
-VALUES('%s','%s','%s','%s','%s','%s')",
- array(
- $_POST['menu'],
- $_POST['name'],
- $_POST['title'],
- $_POST['visible'],
- $_POST['active'],
- bigintval($_POST['sort']),
-), __FILE__, __LINE__);
+ if (isPostRequestElementSet('menu')) {
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_member_menu` (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s','%s')",
+ array(
+ postRequestElement('menu'),
+ postRequestElement('name'),
+ postRequestElement('title'),
+ postRequestElement('visible'),
+ postRequestElement('active'),
+ bigintval(postRequestElement('sort')),
+ ), __FILE__, __LINE__);
+ } else {
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_member_menu` (`action`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
+ array(
+ postRequestElement('name'),
+ postRequestElement('title'),
+ postRequestElement('visible'),
+ postRequestElement('active'),
+ bigintval(postRequestElement('sort')),
+ ), __FILE__, __LINE__);