************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
$ACTIONS = array();
// First fix all main menus (what="")...
$cnt++;
}
// Set logout weight to 999
-$result_sort = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='999' WHERE act='logout' AND (what='' OR what IS NULL) LIMIT 1", __FILE__, __LINE__);
+$result_sort = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='999' WHERE action='logout' AND (what='' OR what IS NULL) LIMIT 1", __FILE__, __LINE__);
// Now sort every each menu
-foreach ($ACTIONS as $act)
-{
- $result_fix = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE act='".$act."' AND what != '' AND what IS NOT NULL ORDER BY sort", __FILE__, __LINE__);
+foreach ($ACTIONS as $act) {
+ $result_fix = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort",
+ array($act), __FILE__, __LINE__);
$cnt = 1;
- while (list($id) = SQL_FETCHROW($result_fix))
- {
+ while (list($id) = SQL_FETCHROW($result_fix)) {
// Fix weight
- $result_sort = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='".$cnt."' WHERE id='".$id."' LIMIT 1", __FILE__, __LINE__);
+ $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort=%s WHERE id=%s LIMIT 1",
+ array($cnt, $id), __FILE__, __LINE__);
$REP += SQL_AFFECTEDROWS();
// Count one up