// Add description as navigation point
ADD_DESCR("admin", __FILE__);
-if ((!empty($_GET['id'])) && (!empty($_GET['mode']))) {
+if ((REQUEST_ISSET_GET(('id'))) && (REQUEST_ISSET_GET(('mode')))) {
// Check for selected sponsor
$result = SQL_QUERY_ESC("SELECT company, position, gender, surname, family, street_nr1, street_nr2, zip, city, country, phone, fax, cell, email, url, tax_ident, receive_warnings, warning_interval FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE id='%s' LIMIT 1",
- array(bigintval($_GET['id'])), __FILE__, __LINE__);
+ array(bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Load sponsor details
$DATA = SQL_FETCHARRAY($result);
// Prepare all data for the template
// Sponsor's ID
- define('__SPONSOR_ID' , bigintval($_GET['id']));
+ define('__SPONSOR_ID' , bigintval(REQUEST_GET('id')));
// Company's data
define('__COMPANY' , $DATA['company']);
define('__POSITION' , $DATA['position']);
define('__INTERVAL' , CREATE_TIME_SELECTIONS($DATA['warning_interval'], "warning_interval", "MWDh"));
// Init variables here
- $TPL = sprintf("admin_edit_sponsor_%s", SQL_ESCAPE($_GET['mode']));
+ $TPL = sprintf("admin_edit_sponsor_%s", REQUEST_GET(('mode')));
$SQLs = array();
// Sponsor was found
- if ((isset($_POST['ok'])) || (isset($_POST['edit']))) {
+ if ((IS_FORM_SENT()) || (REQUEST_ISSET_POST(('edit')))) {
// Perform action on mode
- switch ($_GET['mode'])
+ switch (REQUEST_GET('mode'))
{
case "add_points": // Add points
- if (strval($_POST['points']) > 0) {
+ if (strval(REQUEST_POST('points')) > 0) {
// Replace german decimal comma with computer's decimal dot
- $POINTS = strval(REVERT_COMMA($_POST['points']));
+ $POINTS = strval(REVERT_COMMA(REQUEST_POST('points')));
// Add points to account
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET points_amount=points_amount+%s WHERE id='%s' LIMIT 1",
- array($POINTS, bigintval($_GET['id'])), __FILE__, __LINE__);
+ array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
// Remember points /reason for the template
define('__POINTS' , TRANSLATE_COMMA($POINTS));
- define('__REASON' , $_POST['reason']);
+ define('__REASON' , REQUEST_POST('reason'));
// Send email
- $msg = LOAD_EMAIL_TEMPLATE("sponsor_add_points", $_POST['reason'], true);
- SEND_EMAIL(__EMAIL, ADMIN_SPONSOR_ADD_POINTS, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("sponsor_add_points", REQUEST_POST('reason'), true);
+ SEND_EMAIL(__EMAIL, ADMIN_SPONSOR_ADD_POINTS_SUBJ, $msg);
$MSG = ADMIN_SPONSOR_POINTS_ADDED;
} else {
// No points entered to add!
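Review bot: `$POINTS` is written into `points_amount=points_amount+%s` without quotes, and the only check in front of it is the loose comparison `strval(REQUEST_POST('points')) > 0`, which does not require the value to be purely numeric. If SQL_QUERY_ESC only string-escapes its arguments (its body is not visible here), that does not constrain a value in an unquoted numeric position. The amount should be validated as a number after the comma conversion, e.g. `$POINTS = REVERT_COMMA(REQUEST_POST('points'));` followed by `if ((!is_numeric($POINTS)) || ($POINTS <= 0)) { /* reject */ }`. The same pattern is repeated in the `sub_points` branch with `points_used=points_used+%s`. The enclosing `switch` continues outside this hunk.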
break;
case "sub_points": // Subtract points
- if (strval($_POST['points']) > 0) {
+ if (strval(REQUEST_POST('points')) > 0) {
// Replace german decimal comma with computer's decimal dot
- $POINTS = strval(REVERT_COMMA($_POST['points']));
+ $POINTS = strval(REVERT_COMMA(REQUEST_POST('points')));
// Add points to account
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_sponsor_data` SET points_used=points_used+%s WHERE id='%s' LIMIT 1",
- array($POINTS, bigintval($_GET['id'])), __FILE__, __LINE__);
+ array($POINTS, bigintval(REQUEST_GET('id'))), __FILE__, __LINE__);
// Remember points /reason for the template
define('__POINTS' , TRANSLATE_COMMA($POINTS));
- define('__REASON' , $_POST['reason']);
+ define('__REASON' , REQUEST_POST('reason'));
// Send email
- $msg = LOAD_EMAIL_TEMPLATE("sponsor_sub_points", $_POST['reason'], true);
- SEND_EMAIL(__EMAIL, ADMIN_SPONSOR_SUB_POINTS, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("sponsor_sub_points", REQUEST_POST('reason'), true);
+ SEND_EMAIL(__EMAIL, ADMIN_SPONSOR_SUB_POINTS_SUBJ, $msg);
$MSG = ADMIN_SPONSOR_POINTS_SUBTRACTED;
} else {
// No points entered to add!
case "edit": // Edit sponsor account
$PASS = true;
- if (($_POST['pass1'] != $_POST['pass2']) || ((empty($_POST['pass1'])) && (empty($_POST['pass1'])))) {
+ if ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) || ((!REQUEST_ISSET_POST(('pass1'))) && (!REQUEST_ISSET_POST(('pass1'))))) {
// Remove passwords
- unset($_POST['pass1']);
- unset($_POST['pass2']);
+ REQUEST_UNSET_POST(('pass1'));
+ REQUEST_UNSET_POST(('pass2'));
$PASS = false;
}
// Convert time selection
$DATA = array(); $id = "warning_interval_ye"; $skip = false;
- CONVERT_SELECTIONS_TO_TIMESTAMP($_POST, $DATA, $id, $skip);
+ CONVERT_SELECTIONS_TO_TIMESTAMP(REQUEST_POST_ARRAY(), $DATA, $id, $skip);
// Save the sponsor
- SPONSOR_HANDLE_SPONSOR($_POST);
+ SPONSOR_HANDLE_SPONSOR(REQUEST_POST_ARRAY());
// Convert some data for the email template
- $_POST['gender'] = TRANSLATE_GENDER($_POST['gender']);
- $_POST['warning_interval'] = CREATE_FANCY_TIME($_POST['warning_interval']);
- if (!$PASS) $_POST['pass1'] = SPONSOR_PASS_UNCHANGED;
+ REQUEST_POST('gender' , TRANSLATE_GENDER(REQUEST_POST('gender')));
+ REQUEST_POST('warning_interval', CREATE_FANCY_TIME(REQUEST_POST('warning_interval')));
+
+ if (!$PASS) REQUEST_SET_POST('pass1', getMessage('SPONSOR_PASS_UNCHANGED'));
// Load email template and send the mail away
- $msg = LOAD_EMAIL_TEMPLATE("admin_sponsor_edit", $_POST, false);
- SEND_EMAIL($_POST['email'], ADMIN_SPONSOR_EDIT_SUBJECT, $msg);
+ $msg = LOAD_EMAIL_TEMPLATE("admin_sponsor_edit", REQUEST_POST_ARRAY(), false);
+ SEND_EMAIL(REQUEST_POST('email'), getMessage('ADMIN_SPONSOR_EDIT_SUBJECT'), $msg);
break;
default: // Unknown mode
- DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown mode %s detected.", $_GET['mode']));
- $MSG = sprintf(getMessage('ADMIN_SPONSOR_INVALID_MODE'), SQL_ESCAPE($_GET['mode']));
+ DEBUG_LOG(__FILE__, __LINE__, sprintf("Unknown mode %s detected.", REQUEST_GET('mode')));
+ $MSG = sprintf(getMessage('ADMIN_SPONSOR_INVALID_MODE'), REQUEST_GET(('mode')));
break;
}
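Review bot: The password guard in the `edit` case tests `pass1` twice (`(!REQUEST_ISSET_POST(('pass1'))) && (!REQUEST_ISSET_POST(('pass1')))`), so `pass2` is never examined, and the old `empty()` test has become a presence test. If REQUEST_ISSET_POST only reports whether the field was submitted (not visible here), two blank password fields compare equal, `$PASS` stays true and the blank value is handed to SPONSOR_HANDLE_SPONSOR. I would keep the emptiness check explicit: `if ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) || (REQUEST_POST('pass1') == '')) {`. Also, the `gender` and `warning_interval` lines call `REQUEST_POST('gender', …)` with a second argument while the following line uses `REQUEST_SET_POST`; unless REQUEST_POST doubles as a setter, the translated values never reach the e-mail template. The `switch` this case belongs to starts outside the hunk.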
LOAD_TEMPLATE($TPL);
} else {
// Template not found!
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_MODUS_TPL_404'), SQL_ESCAPE($_GET['mode'])));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_MODUS_TPL_404'), REQUEST_GET(('mode'))));
}
} else {
// Sponsor not found!
- LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_404'), bigintval($_GET['id'])));
+ LOAD_TEMPLATE("admin_settings_saved", false, sprintf(getMessage('ADMIN_SPONSOR_404'), bigintval(REQUEST_GET('id'))));
}
} else {
// Not called by what-list_sponsor.php
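Review bot: The `mode` query parameter is now passed to `sprintf(getMessage('ADMIN_SPONSOR_MODUS_TPL_404'), …)` with no encoding at all, and that message goes to LOAD_TEMPLATE, presumably for display. `SQL_ESCAPE` was the wrong encoder for this sink, but dropping it leaves the value unencoded unless REQUEST_GET filters it (not visible here); for output I would use `htmlspecialchars(REQUEST_GET('mode'), ENT_QUOTES)`. The same raw value is used for `$MSG` in the `default:` branch and to build the template name `$TPL`. For `$TPL`, checking the value against the modes the switch handles (`add_points`, `sub_points`, `edit`) before `sprintf("admin_edit_sponsor_%s", …)` would be safer. The surrounding `if`/`else` chain starts outside this hunk.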