- if (!empty($SUB)) $AND = "action='".$SUB."'";
- switch ($_POST['ok'])
- {
- case "edit": // Edit menu
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET title='%s', action='%s', what='%s', descr='%s' WHERE ".$AND." AND id=%d LIMIT 1",
- array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $_POST['sel_descr'][$sel], $sel), __FILE__, __LINE__);
- break;
-
- case "del": // Delete menu
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1",
- array($sel), __FILE__, __LINE__);
- break;
-
- case "status": // Change status of menus
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%d LIMIT 1",
- array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__);
- break;
- }
- break;
- }
+
+ if (!empty($SUB)) $AND = "`action`='" . $SUB . "'";
+
+ switch (postRequestParameter('ok')) {
+ case 'edit': // Edit menu
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_member_menu` SET `title`='%s', `action`='%s', `what`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1",
+ array($menu, postRequestParameter('sel_act', $sel), postRequestParameter('sel_what', $sel), $sel), __FILE__, __LINE__);
+ break;
+
+ case 'del': // Delete menu
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_member_menu` WHERE ".$AND." AND `id`=%s LIMIT 1",
+ array($sel), __FILE__, __LINE__);
+ break;
+
+ case 'status': // Change status of menus
+ SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_member_menu` SET `visible`='%s', `locked`='%s' WHERE ".$AND." AND `id`=%s LIMIT 1",
+ array(postRequestParameter('visible', $sel), postRequestParameter('locked', $sel), $sel), __FILE__, __LINE__);
+ break;
+
+ default: // Unexpected action
+ logDebugMessage(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", postRequestParameter('ok')));
+ loadTemplate('admin_settings_saved', false, getMaskedMessage('ADMIN_UNKNOWN_OKAY', postRequestParameter('ok')));
+ break;
+ } // END - switch
+ } // END - foreach