$act = GET_ACTION($GLOBALS['module'], $wht);
// Define admin login name and ID number
- define('__ADMIN_LOGIN', SQL_ESCAPE(get_session('admin_login')));
+ define('__ADMIN_LOGIN', get_session('admin_login'));
define('__ADMIN_ID' , GET_ADMIN_ID(get_session('admin_login')));
// Preload templates
}
else
{
- $OUT .= "[ <A href=\"".URL."/modules.php?module=admin&action=".$menu."\">";
+ $OUT .= "[<A href=\"".URL."/modules.php?module=admin&action=".$menu."\">";
}
$OUT .= $title;
if (($menu == $act) && (empty($wht)))
}
else
{
- $OUT .= "</A> ]";
+ $OUT .= "</A>]";
}
$OUT .= "</NOBR></TD>
</TR>\n";
}
else
{
- $OUT .= "[ <A href=\"".URL."/modules.php?module=admin&what=".$wht_sub."\">";
+ $OUT .= "[<A href=\"".URL."/modules.php?module=admin&what=".$wht_sub."\">";
}
}
else
}
else
{
- $OUT .= "</A> ]";
+ $OUT .= "</A>]";
}
}
else
}
//
function ADMIN_MAKE_MENU_SELECTION($menu, $type, $name, $default="") {
+ // Open the requested menu directory
+ $handle = opendir(sprintf("%sinc/modules/%s/", PATH, $menu)) or mxchange_die("Cannot load menu ".$menu."!");
+
// Init the selection box
$OUT = "<SELECT name=\"".$name."\" class=\"admin_select\" size=\"1\">\n <OPTION value=\"\">".IS_TOP_MENU."</OPTION>\n";
-
- // Open the requested menu directory
- $handle = opendir(PATH."inc/modules/".$menu."/") or mxchange_die("Cannot load menu ".$menu."!");
+ // Walk through all files
while ($file = readdir($handle)) {
// Is this a PHP script?
if (($file != ".") && ($file != "..") && ($file != "lost+found") && (strpos($file, "".$type."-") > -1) && (strpos($file, ".php") > 0)) {
// Then test if the file is readable
- $test = PATH."inc/modules/".$menu."/".$file;
- if (is_readable($test)) {
+ $test = sprintf("%sinc/modules/%s/%s", PATH, $menu, $file);
+ if ((is_file($test)) && (is_readable($test))) {
// Extract the value for what=xxx
$part = substr($file, (strlen($type) + 1)); $part = substr($part, 0, strpos($part, ".php"));
$OUT .= " <OPTION value=\"".$part."\"";
if ($part == $default) $OUT .= "selected";
$OUT .= ">".$part."</OPTION>\n";
- }
- }
- }
+ } // END - if
+ } // END - if
+ } // END - if
}
closedir($handle);
$OUT .= "</SELECT>\n";
// Should always be 1 ;-)
if ($selected == 1) {
// Determine new status
- $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE %s=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT %s FROM "._MYSQL_PREFIX."_%s WHERE %s=%s LIMIT 1",
array($row, $table, $idRow, $id), __FILE__, __LINE__);
// Row found?
if ($currStatus == "Y") $newStatus='N'; else $newStatus = "Y";
// Change this status
- SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s SET %s='%s' WHERE %s=%d LIMIT 1",
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_%s SET %s='%s' WHERE %s=%s LIMIT 1",
array($table, $row, $newStatus, $idRow, $id), __FILE__, __LINE__);
// Count up affected rows