X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=inc%2Fmodules%2Fadmin%2Fwhat-adminedit.php;h=9416731ffdaa1fd3efb591fe549e57a99d38a5f2;hb=f9a9c09e1ae257449bfd98f8854e321efba1dc3c;hp=803b98bc38c87eca2a147057ca02bf66e2a59825;hpb=75ad748a68473ace540251427a74fb781b1145e9;p=mailer.git
diff --git a/inc/modules/admin/what-adminedit.php b/inc/modules/admin/what-adminedit.php
index 803b98bc38..9416731ffd 100644
--- a/inc/modules/admin/what-adminedit.php
+++ b/inc/modules/admin/what-adminedit.php
@@ -32,19 +32,19 @@
************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
// Do we edit/delete/change main menus or sub menus?
-$AND = "what=''"; $SUB = "";
+$AND = "(what = '' OR what IS NULL)"; $SUB = "";
if (!empty($_GET['sub']))
{
- $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub']));
+ $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub']));
$SUB = SQL_ESCAPE($_GET['sub']);
}
@@ -52,23 +52,18 @@ if (!empty($_GET['sub']))
$chk = 0;
if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']);
-OPEN_TABLE("100%", "admin_content admin_content_align", "");
-
// List all menu points and make them editable
-OUTPUT_HTML ("
-");
-if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
-{
+if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
// Edit menu entries
define('__SUB_VALUE', $SUB);
define('__CHK_VALUE', $chk);
$cnt = 0; $SW = 2;
- foreach ($_POST['sel'] as $sel=>$confirm)
+ foreach ($_POST['sel'] as $sel => $confirm)
{
if ($confirm == 1)
{
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($sel)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
@@ -112,12 +107,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
define('__CHK_VALUE', $chk);
// Del menu entries with or without confirmation
$SW = 2; $cnt = 0; $OUT = "";
- foreach ($_POST['sel'] as $sel=>$confirm)
+ foreach ($_POST['sel'] as $sel => $confirm)
{
if ($confirm == 1)
{
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT title FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($sel)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
@@ -151,64 +146,65 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
// Load template
LOAD_TEMPLATE("admin_amenu_delete");
-}
- elseif ((isset($_POST['ok'])) && (!IS_DEMO()))
-{
+} elseif ((isset($_POST['ok'])) && (!IS_DEMO())) {
// An action is done...
switch ($_POST['ok'])
{
case "edit": // Edit menu
- foreach ($_POST['sel'] as $sel=>$menu)
- {
+ foreach ($_POST['sel'] as $sel => $menu) {
// Secure ID
$sel = bigintval($sel);
// Update entry
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET
+ $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_admin_menu` SET
title='%s',
action='%s',
what='%s',
descr='%s'
-WHERE ".$AND." AND id=%d LIMIT 1",
+WHERE ".$AND." AND id=%s LIMIT 1",
array(
$menu,
$_POST['sel_action'][$sel],
$_POST['sel_what'][$sel],
- addslashes($_POST['sel_desc'][$sel]),
+ $_POST['sel_desc'][$sel],
$sel,
), __FILE__, __LINE__);
}
- LOAD_TEMPLATE("admin_data_saved");
+
+ // Purge admin menu cache
+ CACHE_PURGE_ADMIN_MENU(0, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel]);
+
+ // Load template
+ LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
break;
case "del": // Delete menu
- foreach ($_POST['sel'] as $sel=>$menu)
- {
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1",
+ foreach ($_POST['sel'] as $sel => $menu) {
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($sel)), __FILE__, __LINE__);
- }
- LOAD_TEMPLATE("admin_data_saved");
+ CACHE_PURGE_ADMIN_MENU(0, "", "", $AND);
+ } // END - foreach
+
+ // Load template
+ LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
break;
default: // Unexpected action
+ DEBUG_LOG(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", $_POST['ok']));
define('__OK_VALUE', $_POST['ok']);
LOAD_TEMPLATE("admin_menu_unknown_okay");
break;
}
-}
- else
-{
- if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid'])))
- {
+} else {
+ if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) {
// Get IDs
- if (!empty($_GET['w']))
- {
+ if (!empty($_GET['w'])) {
// Sub menus selected
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND sort='%s' LIMIT 1",
array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__);
list($tid) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $result = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1",
+ $result = SQL_QUERY("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND sort='%s' LIMIT 1",
array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__);
list($fid) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
@@ -216,11 +212,11 @@ WHERE ".$AND." AND id=%d LIMIT 1",
else
{
// Main menu selected
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' AND sort='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
array(bigintval($_GET['tid'])), __FILE__, __LINE__);
list($tid) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' AND sort='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
array(bigintval($_GET['fid'])), __FILE__, __LINE__);
list($fid) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
@@ -229,10 +225,11 @@ WHERE ".$AND." AND id=%d LIMIT 1",
if ((!empty($tid)) && (!empty($fid)))
{
// Sort menu
- $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1",
+ $result_sort = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_admin_menu` SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
- $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1",
+ $result_sort = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_admin_menu` SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
+ CACHE_PURGE_ADMIN_MENU(0, "", "", $AND);
}
}
@@ -240,13 +237,13 @@ WHERE ".$AND." AND id=%d LIMIT 1",
if (!empty($SUB))
{
// Sub menus of a main menu
- $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort ASC",
+ $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC",
array($SUB), __FILE__, __LINE__);
}
else
{
// Main menus
- $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' ORDER BY sort ASC", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
}
$max = SQL_NUMROWS($result);
if ($max > 0)
@@ -302,7 +299,6 @@ WHERE ".$AND." AND id=%d LIMIT 1",
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND);
}
}
-OUTPUT_HTML ("
");
-CLOSE_TABLE();
+
//
?>