************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
- LOAD_URL(URL."/modules.php[13~?module=index");
+} elseif (!IS_MEMBER()) {
+ LOAD_URL("modules.php[13~?module=index");
}
// Add description as navigation point
ADD_DESCR("member", basename(__FILE__));
$UID = $GLOBALS['userid'];
-$WHERE = " WHERE visible='Y'";
-if (IS_ADMIN()) $WHERE = "";
+$whereStatement = " WHERE visible='Y'";
+if (IS_ADMIN()) $whereStatement = "";
-$result = SQL_QUERY("SELECT id, cat FROM "._MYSQL_PREFIX."_cats".$WHERE." ORDER BY sort", __FILE__, __LINE__);
+$result = SQL_QUERY("SELECT id, cat FROM "._MYSQL_PREFIX."_cats".$whereStatement." ORDER BY sort", __FILE__, __LINE__);
$cats = SQL_NUMROWS($result);
if ($cats > 0)
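Review bot: The new `elseif (!IS_MEMBER())` branch only redirects, and nothing visible here stops the script afterwards; unless `LOAD_URL()` itself terminates the request, a non-member falls through to the category query and the POST handling further down. I would add `exit;` directly after the `LOAD_URL(...)` call. The `!defined('__SECURITY')` branch has the same dependency: the member check is skipped on that path, so it relies on `security.php` aborting the request. The redirect target also still carries the characters `[13~` in `modules.php[13~?module=index`, which look like terminal key residue carried over from the removed line and would point the browser at a URL that presumably does not exist. The `if ($cats > 0)` block continues outside the hunk.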
if (isset($_POST['ok']))
{
$cnt = 0;
- foreach ($_POST['cat'] as $cat=>$joined)
+ foreach ($_POST['cat'] as $cat => $joined)
{
if ($joined == "N") $cnt++;
}
- if (($cats - $cnt) < $CONFIG['least_cats'])
+ if (($cats - $cnt) < $_CONFIG['least_cats'])
{
unset($_POST['ok']);
$LEAST = true;
}
if (isset($_POST['ok']))
{
- foreach ($_POST['cat'] as $cat=>$joined)
+ foreach ($_POST['cat'] as $cat => $joined)
{
switch ($joined)
{
- case "Y":
+ case 'Y':
$sql = "";
- $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d AND cat_id=%d LIMIT 1",
+ $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s AND cat_id=%s LIMIT 1",
array($UID, bigintval($cat)), __FILE__, __LINE__);
if (SQL_NUMROWS($result_user) == 0)
{
- $sql = "INSERT INTO "._MYSQL_PREFIX."_user_cats (userid, cat_id) VALUES ('%s', '%s')";
+ $sql = "INSERT INTO "._MYSQL_PREFIX."_user_cats (userid, cat_id) VALUES ('%s','%s')";
}
else
{
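Review bot: Switching the `SELECT ... WHERE userid=%s AND cat_id=%s` lookup from `%d` to `%s` drops the integer coercion while leaving both values unquoted, so string escaping (presumably what `SQL_QUERY_ESC()` applies; it is not shown here) no longer confines the value to a numeric position. `$cat` still goes through `bigintval()`, but `$UID` is taken straight from `$GLOBALS['userid']`; I would pass `array(bigintval($UID), bigintval($cat))` or quote the placeholders as the `INSERT` in this hunk does (`userid='%s' AND cat_id='%s'`). The same applies to the `DELETE LOW_PRIORITY` statement in the next hunk and to the `SELECT` inside the `while` loop further down. Separately, the `least_cats` check counts only the `N` values the client submitted, so a request that omits categories passes it; the count should be derived from the category rows in `$result` instead. The `switch` and the enclosing `foreach` continue outside the hunk.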
}
break;
- case "N":
- $sql = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d AND cat_id=%d LIMIT 1";
+ case 'N':
+ $sql = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s AND cat_id=%s LIMIT 1";
break;
}
if (!empty($sql))
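Review bot: `$sql` is reset to `""` only inside `case 'Y'`, and the `switch` closed here has no `default` branch, so a submitted value other than `Y` or `N` reaches `if (!empty($sql))` with the statement left over from the previous loop iteration. Assuming the query is executed right after that check with the current `$cat`, the earlier INSERT or DELETE would be repeated for a category the request gave no valid choice for. I would initialise `$sql = "";` at the top of the `foreach` body, before `switch ($joined)`, or add `default: $sql = ""; break;`. The statement that actually runs `$sql` lies outside the hunk.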
if ($LEAST)
{
// Also here we have to secure it... :(
- LOAD_TEMPLATE("admin_settings_saved", true, CATS_LEAST.": ".$CONFIG['least_cats']);
+ LOAD_TEMPLATE("admin_settings_saved", true, CATS_LEAST.": ".$_CONFIG['least_cats']);
}
// Put some data into constants for the template
define('__ROWS', ($cats*2+4));
while (list($id, $cat) = SQL_FETCHROW($result))
{
// Default he has not joined
- $JOINED_N = " checked"; $JOINED_Y = "";
+ $JOINED_N = " checked=\"checked\""; $JOINED_Y = "";
// Check category selection
- $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d AND cat_id=%d LIMIT 1",
+ $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s AND cat_id=%s LIMIT 1",
array($UID, bigintval($id)), __FILE__, __LINE__);
// When we found an entry don't read it, just change the JOINED_x variables
if (isset($_POST['cat']))
{
- if ($_POST['cat'][$id] =="Y") { $JOINED_Y = " checked"; $JOINED_N = ""; }
+ if ($_POST['cat'][$id] =='Y') { $JOINED_Y = " checked=\"checked\""; $JOINED_N = ""; }
}
else
{
if (SQL_NUMROWS($result_user) == 1)
{
- $JOINED_Y = " checked"; $JOINED_N = "";
+ $JOINED_Y = " checked=\"checked\""; $JOINED_N = "";
}
// Free memory