- } elseif ((isset($_POST['lock'])) || ($SEL > 0)) {
- if ($SEL > 0) {
- // Lock URLs
- foreach ($_POST['sel'] as $id => $url) {
- // Lookup in blacklist
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_url_blist WHERE url='%s' LIMIT 1",
- array($url), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 0) {
- // Did not find a record so we can add it... :)
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_url_blist (url, timestamp) VALUES ('%s', UNIX_TIMESTAMP())",
- array($url), __FILE__, __LINE__);
- } else {
- // Free memory
- SQL_FREERESULT($result);
- }
- }
-
- // Set message
- $MSG = ADMIN_URLS_BLOCKED;
- } else {
- // Nothing selected
- $MSG = ADMIN_MAILS_NOTHING_CHECKED;
- }
- LOAD_TEMPLATE("admin_settings_saved", false, $MSG);
- } elseif ((empty($_POST['lock'])) && (empty($_POST['accept'])) && (empty($_POST['reject']))) {
+ } elseif ((isFormSent('lock')) && (ifPostContainsSelections()) && (isUrlBlacklistEnabled())) {
+ // Lock URLs
+ foreach (postRequestParameter('sel') as $id => $url) {
+ // Secure id number
+ $id = bigintval($id);
+
+ // Lookup in blacklist
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_url_blacklist` WHERE `url`='%s' LIMIT 1",
+ array($url), __FILE__, __LINE__);
+ if (SQL_HASZERONUMS($result)) {
+ // Did not find a record so we can add it... :)
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_url_blacklist` (`url`,`pool_id`) VALUES ('%s',%s)",
+ array($url, $id), __FILE__, __LINE__);
+ } // END - if
+
+ // Free memory
+ SQL_FREERESULT($result);
+ } // END - foreach
+
+ // Output message
+ displayMessage('{--ADMIN_URLS_BLOCKED--}');
+ } elseif ((!isFormSent('lock')) && (!isFormSent('accept')) && (!isFormSent('reject'))) {