************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
// Do we want to save changes?
-if (isset($_POST['ok']))
-{
- foreach ($_POST['sel'] as $id=>$value)
- {
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_must_register SET field_required='%s' WHERE id=%d AND field_required != '%s' LIMIT 1",
+if (isset($_POST['ok'])) {
+ foreach ($_POST['sel'] as $id => $value) {
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_must_register SET field_required='%s' WHERE id=%s AND field_required != '%s' LIMIT 1",
array($value, bigintval($id), $value),__FILE__, __LINE__);
}
- LOAD_TEMPLATE ("admin_settings_saved", false, REGISTER_ADMIN_CHANGES_SAVED);
+ LOAD_TEMPLATE("admin_settings_saved", false, REGISTER_ADMIN_CHANGES_SAVED);
}
// List all register values
$result = SQL_QUERY("SELECT id, field_name, field_required FROM "._MYSQL_PREFIX."_must_register ORDER BY id", __FILE__, __LINE__);
$SW = 2; $OUT = "";
-while (list($id, $name, $required) = SQL_FETCHROW($result))
-{
- $eval = "\$name = ".strtoupper($name).";";
- eval($eval);
+while (list($id, $name, $required) = SQL_FETCHROW($result)) {
+ // Get constant value
+ $name = constant(strtoupper($name));
+
$OUT .= "<TR>
<TD align=\"center\" class=\"switch_sw".$SW." bottom2 right2\">".$id."</TD>
<TD class=\"switch_sw".$SW." bottom2 right2\"> ".$name."</TD>