X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=inc%2Fmodules%2Fadmin%2Fwhat-memedit.php;h=2c464b2229240d136cd336bf45029ba1c9918b3c;hb=056162fe45aa0d850bb22870e1caf9595a847a9b;hp=e8e635dbbf15f091d4553240b3b96cdc79a30be9;hpb=8383fc52cd2340ea1756f9e1808fa3589e27c341;p=mailer.git
diff --git a/inc/modules/admin/what-memedit.php b/inc/modules/admin/what-memedit.php
index e8e635dbbf..2c464b2229 100644
--- a/inc/modules/admin/what-memedit.php
+++ b/inc/modules/admin/what-memedit.php
@@ -32,20 +32,19 @@
************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
// Do we edit/delete/change main menus or sub menus?
-$AND = "what = ''"; $SUB = "";
+$AND = "(what = '' OR what IS NULL)"; $SUB = "";
-if (!empty($_GET['sub']))
-{
- $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub']));
+if (!empty($_GET['sub'])) {
+ $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub']));
$SUB = SQL_ESCAPE($_GET['sub']);
}
@@ -53,22 +52,19 @@ if (!empty($_GET['sub']))
$chk = 0;
if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']);
-OPEN_TABLE("100%", "admin_content admin_content_align", "");
// List all menu points and make them editable
-OUTPUT_HTML("
-");
if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
{
// Edit menu entries
define('__SUB_VALUE', $SUB);
define('__CHK_VALUE', $chk);
$SW = 2; $cnt = 0; $OUT = "";
- foreach ($_POST['sel'] as $sel=>$confirm)
+ foreach ($_POST['sel'] as $sel => $confirm)
{
if ($confirm == 1)
{
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($sel)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
@@ -80,7 +76,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
'sel' => $sel,
'menu' => $menu,
'sw' => $SW,
- 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act),
+ 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act),
'what' => ADMIN_MAKE_MENU_SELECTION("member", "what", "sel_what[".$sel."]", $wht),
);
// Load template
@@ -110,12 +106,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
define('__SUB_VALUE', $SUB);
define('__CHK_VALUE', $chk);
$SW = 2; $cnt = 0; $OUT = "";
- foreach ($_POST['sel'] as $sel=>$confirm)
+ foreach ($_POST['sel'] as $sel => $confirm)
{
if ($confirm == 1)
{
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($sel)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
@@ -152,12 +148,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
define('__SUB_VALUE', $SUB);
define('__CHK_VALUE', $chk);
$SW = 2; $cnt = 0; $OUT = "";
- foreach ($_POST['sel'] as $sel=>$confirm)
+ foreach ($_POST['sel'] as $sel => $confirm)
{
if ($confirm == 1)
{
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($sel)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
@@ -196,25 +192,25 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
elseif ((isset($_POST['ok'])) && (!IS_DEMO()))
{
// An act is done...
- foreach ($_POST['sel'] as $sel=>$menu)
+ foreach ($_POST['sel'] as $sel => $menu)
{
- $AND = "what = ''";
+ $AND = "(what = '' OR what IS NULL)";
$sel = bigintval($sel);
if (!empty($SUB)) $AND = "action='".$SUB."'";
switch ($_POST['ok'])
{
case "edit": // Edit menu
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET title='%s', action='%s', what='%s', descr='%s' WHERE ".$AND." AND id=%d LIMIT 1",
- array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $_POST['sel_descr'][$sel], $sel), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1",
+ array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $sel), __FILE__, __LINE__);
break;
case "del": // Delete menu
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
array($sel), __FILE__, __LINE__);
break;
case "status": // Change status of menus
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1",
array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__);
break;
}
@@ -244,10 +240,10 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
else
{
// Main menu selected
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE what='' AND sort='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
array(bigintval($_GET['tid'])), __FILE__, __LINE__);
list($tid) = SQL_FETCHROW($result);
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE what='' AND sort='%s' LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
array(bigintval($_GET['fid'])), __FILE__, __LINE__);
list($fid) = SQL_FETCHROW($result);
}
@@ -255,9 +251,9 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
if ((!empty($tid)) && (!empty($fid)))
{
// Sort menu
- $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1",
+ $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
- $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1",
+ $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
}
}
@@ -265,18 +261,17 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
if (!empty($SUB))
{
// Edit sub menus
- $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND what != '' ORDER BY sort ASC", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND what != '' AND what IS NOT NULL ORDER BY sort ASC", __FILE__, __LINE__);
}
else
{
// Edit main menus
- $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE what='' ORDER BY sort ASC", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
}
$max = SQL_NUMROWS($result);
if ($max > 0)
{
- $SUB = "";
- if (!empty($SUB)) $SUB = $SUB;
+ // Set sub value
define('__SUB_VALUE', $SUB);
$SW = 2; $cnt = 0; $OUT = "";
@@ -325,7 +320,6 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND);
}
}
-OUTPUT_HTML("
");
-CLOSE_TABLE();
+
//
?>