- if (empty($_GET['mode'])) $_GET['mode'] = "add";
- $SQL = "";
- switch ($_GET['mode'])
- {
- case "add":
- // Check if banner is already added
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_refbanner WHERE url='%s' LIMIT 1",
- array($_POST['url']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0)
- {
- // Add banner
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_refbanner (url, alternate, visible)
+ if (!isGetRequestParameterSet('mode')) setGetRequestParameter('mode', 'add');
+ $sql = '';
+ switch (getRequestParameter('mode')) {
+ case 'add':
+ // Check if banner is already added
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_refbanner` WHERE url='%s' LIMIT 1",
+ array(postRequestParameter('url')), __FILE__, __LINE__);
+ if (SQL_HASZERONUMS($result)) {
+ // Add banner
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_refbanner` (url, alternate, visible)