ADD_DESCR("admin", __FILE__);
// Check if the admin has entered title and what-php file name...
-if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok']))) {
- unset($_POST['ok']);
+if (((!REQUEST_ISSET_POST(('title'))) || (!REQUEST_ISSET_POST(('menu'))) || (!REQUEST_ISSET_POST(('descr')))) && (IS_FORM_SENT())) {
+ REQUEST_UNSET_POST('ok');
}
-if (!isset($_POST['ok']))
+if (!IS_FORM_SENT())
{
// Create arrays
$menus = array(); $titles = array(); $below = array();
// Get all available main menus
- $result = SQL_QUERY("SELECT action, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) ORDER BY sort", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT action, title, sort FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) ORDER BY `sort`", __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
// Read menu structure
// Load sub menus :)
foreach ($menus as $key_main => $value_main)
{
- $result = SQL_QUERY_ESC("SELECT what, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort",
+ $result = SQL_QUERY_ESC("SELECT what, title, sort FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort`",
array($value_main), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
// Display form
LOAD_TEMPLATE("admin_admin_add");
-}
- elseif (!IS_DEMO())
-{
+} elseif (!IS_DEMO()) {
// Insert new menu entry
- if (!empty($_POST['menu']))
- {
+ if (REQUEST_ISSET_POST(('menu'))) {
// Add sub menu
- SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
array(
- $_POST['menu'],
- $_POST['name'],
- $_POST['title'],
- $_POST['descr'],
- bigintval($_POST['sort']),
+ REQUEST_POST('menu'),
+ REQUEST_POST('name'),
+ REQUEST_POST('title'),
+ REQUEST_POST('descr'),
+ bigintval(REQUEST_POST('sort')),
), __FILE__, __LINE__
);
- CACHE_PURGE_ADMIN_MENU(0, $_POST['menu'], $_POST['name']);
- }
- else
- {
+ CACHE_PURGE_ADMIN_MENU(0, REQUEST_POST('menu'), REQUEST_POST('name'));
+ } else {
// Add main menu
- SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (action, title, descr, sort) VALUES ('%s','%s','%s','%s')",
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (action, title, descr, sort) VALUES ('%s','%s','%s','%s')",
array(
- $_POST['name'],
- $_POST['title'],
- $_POST['descr'],
- bigintval($_POST['sort']),
+ REQUEST_POST('name'),
+ REQUEST_POST('title'),
+ REQUEST_POST('descr'),
+ bigintval(REQUEST_POST('sort')),
), __FILE__, __LINE__
);
- CACHE_PURGE_ADMIN_MENU(0, $_POST['name']);
+ CACHE_PURGE_ADMIN_MENU(0, REQUEST_POST('name'));
}
- LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
-}
- else
-{
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
+} else {
// Is demo login!
- LOAD_TEMPLATE("admin_settings_saved", false, SETTINGS_NOT_SAVED);
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_NOT_SAVED'));
}
//
projects / mailer.git / blobdiff