case 'edit':
foreach (postRequestParameter('time') as $id => $value) {
- addSql("UPDATE `{?_MYSQL_PREFIX?}_payments` SET time='".$value."', payment='".postRequestParameter('pay', $id)."', price='".postRequestParameter('price', $id)."', mail_title='".postRequestParameter('title', $id)."' WHERE `id`='".$id."' LIMIT 1");
+ addSql("UPDATE `{?_MYSQL_PREFIX?}_payments` SET `time`='" . $value . "', `payment`='".postRequestParameter('pay', $id)."', price='".postRequestParameter('price', $id)."', mail_title='".postRequestParameter('title', $id)."' WHERE `id`='".$id."' LIMIT 1");
}
break;
case 'del':
foreach (postRequestParameter('id') as $id => $value) {
- addSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_payments` WHERE `id`='".$id."' LIMIT 1");
+ addSql("DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_payments` WHERE `id`=" . bigintval($id) . " LIMIT 1");
}
break;
} // END - switch
// Output template
loadTemplate('admin_settings_saved', false, $content);
-} elseif ((isPostRequestParameterSet('del')) && (countPostSelection() > 0)) {
+} elseif ((isFormSent('del')) && (countPostSelection() > 0)) {
// Delete entries here
$OUT = ''; $SW = 2;
foreach (postRequestParameter('sel') as $id => $value) {
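Review bot: The UPDATE in the `edit` case still concatenates request data straight into the statement: `$value`, `postRequestParameter('pay', $id)`, `postRequestParameter('price', $id)`, `postRequestParameter('title', $id)` and the array key `$id` in the WHERE clause. The `del` case in the same hunk now passes the key through `bigintval()`, but the edit loop does not. Unless `postRequestParameter()` already escapes what it returns (not visible here), anyone who can submit this form can inject SQL through any of those values. Make the key consistent with the DELETE, ``" WHERE `id`=" . bigintval($id) . " LIMIT 1"``, and escape or type-cast the four column values before they reach `addSql()`. The enclosing `switch` and the `if` branch start outside the visible lines, so any validation done earlier cannot be confirmed from this hunk.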
// Load main template
loadTemplate('admin_del_payments', false, $OUT);
-} elseif ((isPostRequestParameterSet('edit')) && (countPostSelection() > 0)) {
+} elseif ((isFormSent('edit')) && (countPostSelection() > 0)) {
// Edit entries
$OUT = ''; $SW = 2;
foreach (postRequestParameter('sel') as $id => $value) {