if (!empty($_POST['menu']))
{
// Add sub menu
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (`action`,`what`,`title`,`descr`,`sort`)
-VALUES('%s','%s','%s','%s','%s')",
- array(
- $_POST['menu'],
- $_POST['name'],
- $_POST['title'],
- addslashes($_POST['descr']),
- bigintval($_POST['sort']),
-), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (`action`,`what`,`title`,`descr`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
+ array(
+ $_POST['menu'],
+ $_POST['name'],
+ $_POST['title'],
+ $_POST['descr'],
+ bigintval($_POST['sort']),
+ ), __FILE__, __LINE__
+ );
CACHE_PURGE_ADMIN_MENU(0, $_POST['menu'], $_POST['name']);
}
else
{
// Add main menu
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, title, descr, sort)
-VALUES('%s','%s','%s','%s')",
- array(
- $_POST['name'],
- $_POST['title'],
- addslashes($_POST['descr']),
- bigintval($_POST['sort']),
-), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, title, descr, sort) VALUES ('%s','%s','%s','%s')",
+ array(
+ $_POST['name'],
+ $_POST['title'],
+ $_POST['descr'],
+ bigintval($_POST['sort']),
+ ), __FILE__, __LINE__
+ );
CACHE_PURGE_ADMIN_MENU(0, $_POST['name']);
}
LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);