Naming convention applied, rewritten to use filter

[mailer.git] / inc / modules / admin / what-edit_emails.php

diff --git a/inc/modules/admin/what-edit_emails.php b/inc/modules/admin/what-edit_emails.php
index 2a5e85516245aace2150a6d833988b0b2f48e80a..9c8359b8441960ca5bafa77e3882988f175110c2 100644 (file)
--- a/inc/modules/admin/what-edit_emails.php
+++ b/inc/modules/admin/what-edit_emails.php
@@ -32,23 +32,21 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
+
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
 if ((isset($_POST['ok'])) && (empty($_POST['id']))) {
        unset($_POST['ok']);
 }
 
 $result = SQL_QUERY("SELECT id, sender, subject, payment_id, cat_id FROM "._MYSQL_PREFIX."_pool ORDER BY timestamp", __FILE__, __LINE__);
-if (SQL_NUMROWS($result) > 0)
-{
-       if (isset($_POST['ok']))
-       {
+if (SQL_NUMROWS($result) > 0) {
+       if (isset($_POST['ok'])) {
                // Make mail editable...
                $result = SQL_QUERY_ESC("SELECT subject, text, url FROM "._MYSQL_PREFIX."_pool WHERE id=%s LIMIT 1",
                 array(bigintval($_POST['id'])), __FILE__, __LINE__);
@@ -61,46 +59,32 @@ if (SQL_NUMROWS($result) > 0)
 
                // Load template
                LOAD_TEMPLATE("admin_edit_email");
-       }
-        elseif (!empty($_POST['save']))
-       {
+       } elseif (!empty($_POST['save'])) {
                // Save changes
-               if (!empty($SQL))
-               {
-                       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET
+               SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET
 subject='%s',
 text='%s',
 url='%s'
 WHERE id=%s LIMIT 1",
  array(
-       addslashes($_POST['subj']),
-       addslashes($_POST['text']),
-       addslashes($_POST['url']),
+       $_POST['subj'],
+       $_POST['text'],
+       $_POST['url'],
        bigintval($_POST['id']),
 ), __FILE__, __LINE__);
-                       if (SQL_AFFECTEDROWS() == 1)
-                       {
+
+               if (SQL_AFFECTEDROWS() == 1) {
                                $content = "<SPAN class=\"admin_done\">".SETTINGS_SAVED."</SPAN>";
-                       }
-                        else
-                       {
-                               $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
-                       }
-               }
-                else
-               {
+               } else {
                        $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
                }
 
                // Display message
                LOAD_TEMPLATE("admin_settings_saved", false, $content);
-       }
-        else
-       {
+       } else {
                // There are mail orders available
                $SW = 2; $OUT = "";
-               while (list($id, $sender, $subj, $pay, $cat) = SQL_FETCHROW($result))
-               {
+               while (list($id, $sender, $subj, $pay, $cat) = SQL_FETCHROW($result)) {
                        // Prepare data for the row template
                        $content = array(
                                'sw'   => $SW,