X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-admin_add.php;h=1766d4708297e7a0e8204794be567a2ff859abf8;hb=8454545089b9b77695498cd855cf50075151d957;hp=fa44c2de380af8a0ece0ccf0876240d565493d43;hpb=7f104f6fe558bb56b4205241435a2357c2feece1;p=mailer.git

diff --git a/inc/modules/admin/what-admin_add.php b/inc/modules/admin/what-admin_add.php
index fa44c2de38..1766d47082 100644
--- a/inc/modules/admin/what-admin_add.php
+++ b/inc/modules/admin/what-admin_add.php
@@ -38,7 +38,7 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 }
 
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
 // Check if the admin has entered title and what-php file name...
 if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok']))) {
@@ -51,7 +51,7 @@ if (!isset($_POST['ok']))
 	$menus = array(); $titles = array(); $below = array();
 
 	// Get all available main menus
-	$result = SQL_QUERY("SELECT action, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) ORDER BY sort", __FILE__, __LINE__);
+	$result = SQL_QUERY("SELECT action, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) ORDER BY sort", __FILE__, __LINE__);
 	if (SQL_NUMROWS($result) > 0)
 	{
 		// Read menu structure
@@ -89,7 +89,7 @@ if (!isset($_POST['ok']))
 		// Load sub menus :)
 		foreach ($menus as $key_main => $value_main)
 		{
-			$result = SQL_QUERY_ESC("SELECT what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort",
+			$result = SQL_QUERY_ESC("SELECT what, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort",
 			 array($value_main), __FILE__, __LINE__);
 			if (SQL_NUMROWS($result) > 0)
 			{
@@ -170,28 +170,28 @@ if (!isset($_POST['ok']))
 	if (!empty($_POST['menu']))
 	{
 		// Add sub menu
-		$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (`action`,`what`,`title`,`descr`,`sort`)
-VALUES('%s','%s','%s','%s','%s')",
- array(
-	$_POST['menu'],
-	$_POST['name'],
-	$_POST['title'],
-	addslashes($_POST['descr']),
-	bigintval($_POST['sort']),
-), __FILE__, __LINE__);
+		$result = SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
+			array(
+				$_POST['menu'],
+				$_POST['name'],
+				$_POST['title'],
+				$_POST['descr'],
+				bigintval($_POST['sort']),
+			), __FILE__, __LINE__
+		);
 		CACHE_PURGE_ADMIN_MENU(0, $_POST['menu'], $_POST['name']);
 	}
 	 else
 	{
 		// Add main menu
-		$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, title, descr, sort)
-VALUES('%s','%s','%s','%s')",
- array(
-	$_POST['name'],
-	$_POST['title'],
-	addslashes($_POST['descr']),
-	bigintval($_POST['sort']),
-), __FILE__, __LINE__);
+		$result = SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_admin_menu` (action, title, descr, sort) VALUES ('%s','%s','%s','%s')",
+			array(
+				$_POST['name'],
+				$_POST['title'],
+				$_POST['descr'],
+				bigintval($_POST['sort']),
+			), __FILE__, __LINE__
+		);
 		CACHE_PURGE_ADMIN_MENU(0, $_POST['name']);
 	}
 	LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);