X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=inc%2Fmodules%2Fadmin%2Fwhat-theme_edit.php;h=cab625416edcd70d0dd3d75191eb7c3c90fc5f2b;hb=19b197c32c96ce8eea26561fb7b40e87c57716ae;hp=a76d8e46e61ebad61742fe4a827ae04a532005b7;hpb=18e32f1a8971b18bace4f051094acf27800bd7d9;p=mailer.git

diff --git a/inc/modules/admin/what-theme_edit.php b/inc/modules/admin/what-theme_edit.php
index a76d8e46e6..cab625416e 100644
--- a/inc/modules/admin/what-theme_edit.php
+++ b/inc/modules/admin/what-theme_edit.php
@@ -59,21 +59,21 @@ if (countPostSelection() > 0) {
 		if (isPostRequestParameterSet(('status'))) {
 			// Change status
 			if (postRequestParameter('active', $id) == 'Y') {
-				$sql = "UPDATE `{?_MYSQL_PREFIX?}_themes` SET theme_active='N' WHERE `id`='".$id."' LIMIT 1";
+				$sql = "UPDATE `{?_MYSQL_PREFIX?}_themes` SET `theme_active`='N' WHERE `id`=%s LIMIT 1";
 			} else {
-				$sql = "UPDATE `{?_MYSQL_PREFIX?}_themes` SET theme_active='Y' WHERE `id`='".$id."' LIMIT 1";
+				$sql = "UPDATE `{?_MYSQL_PREFIX?}_themes` SET `theme_active`='Y' WHERE `id`=%s LIMIT 1";
 			}
 			$OUT = getMessage('ADMIN_THEMES_UPDATED');
 		} elseif (isFormSent('del')) {
 			// Delete themes
-			$sql = "DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_themes` WHERE `id`='".$id."' LIMIT 1";
+			$sql = "DELETE LOW_PRIORITY FROM `{?_MYSQL_PREFIX?}_themes` WHERE `id`=%s LIMIT 1";
 			$OUT = getMessage('ADMIN_THEMES_DELETED');
 		}
 
 		// Run SQL command?
 		if (!empty($sql)) {
 			// Run it
-			$result = SQL_QUERY($sql, __FILE__, __LINE__);
+			$result = SQL_QUERY_ESC($sql, array(bigintval($id)), __FILE__, __LINE__);
 
 			// Rebuild cache
 			rebuildCache('themes', 'them');
@@ -129,16 +129,14 @@ if (SQL_NUMROWS($result) > 0) {
 
 		// Prepare data for the row template
 		$content = array(
-			'sw'        => $SW,
-			'id'        => $content['id'],
-			'active'    => $content['theme_active'],
-			'link'      => $LINK,
-			'name'      => $content['theme_name'],
-			'is_act'    => translateYesNo($content['theme_active']),
-			'email'     => '<a href="mailto:' . $GLOBALS['theme_data']['email'] . '?Subject=[Theme:] ' . $GLOBALS['theme_data']['name'] . ' (' . $content['theme_path'] . ')\>' . $GLOBALS['theme_data']['author'] . '</a>',
-			'url_link'  => generateDerefererUrl($GLOBALS['theme_data']['url']),
-			'url_title' => $GLOBALS['theme_data']['url'],
-			'ver'       => $content['theme_ver'],
+			'sw'            => $SW,
+			'id'            => $content['id'],
+			'link'          => $LINK,
+			'theme_name'    => $content['theme_name'],
+			'theme_active'  => $content['theme_active'],
+			'email'         => '<a href="mailto:' . $GLOBALS['theme_data']['email'] . '?Subject=[Theme:] ' . $GLOBALS['theme_data']['name'] . ' (' . $content['theme_path'] . ')\>' . $GLOBALS['theme_data']['author'] . '</a>',
+			'url'           => $GLOBALS['theme_data']['url'],
+			'theme_version' => $content['theme_version'],
 		);
 
 		// Load row template and switch color
@@ -150,11 +148,11 @@ if (SQL_NUMROWS($result) > 0) {
 	SQL_FREERESULT($result);
 } else {
 	// No themes found???
-	$OUT .= "<tr>
-  <td colspan=\"7\" class=\"bottom\" height=\"60\">
-    ".loadTemplate('admin_settings_saved', true, getMessage('ADMIN_NO_THEMES_FOUND'))."
+	$OUT .= '<tr>
+  <td colspan="7" class="bottom" height="60">
+    ' . loadTemplate('admin_settings_saved', true, getMessage('ADMIN_NO_THEMES_FOUND')) . '
   </td>
-</tr>\n";
+</tr>';
 }
 
 // Load template