X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-admin_add.php;h=89d00727abc5eb9d2ad3f56d820998200ef9dda5;hb=ea295a391646261bc643264570404f6862abcbd4;hp=bd2d9f1b33f75a91a7cdbb7e5305b2019a48bee5;hpb=75ad748a68473ace540251427a74fb781b1145e9;p=mailer.git diff --git a/inc/modules/admin/what-admin_add.php b/inc/modules/admin/what-admin_add.php index bd2d9f1b33..89d00727ab 100644 --- a/inc/modules/admin/what-admin_add.php +++ b/inc/modules/admin/what-admin_add.php @@ -32,19 +32,16 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } -// Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); +// Add description as navigation point +ADD_DESCR("admin", __FILE__); // Check if the admin has entered title and what-php file name... -if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok']))) -{ +if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok']))) { unset($_POST['ok']); } @@ -54,7 +51,7 @@ if (!isset($_POST['ok'])) $menus = array(); $titles = array(); $below = array(); // Get all available main menus - $result = SQL_QUERY("SELECT action, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' ORDER BY sort", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT action, title, sort FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) ORDER BY `sort`", __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { // Read menu structure @@ -75,7 +72,7 @@ if (!isset($_POST['ok'])) // Remove double eintries $prev = ""; $dmy = $menus; $dmy2 = $titles; $dmy3 = $below; - foreach ($menus as $key=>$value) + foreach ($menus as $key => $value) { if ($value == $prev) { @@ -90,9 +87,9 @@ if (!isset($_POST['ok'])) } $menus = $dmy; $titles = $dmy2; $below = $dmy3; // Load sub menus :) - foreach ($menus as $key_main=>$value_main) + foreach ($menus as $key_main => $value_main) { - $result = SQL_QUERY_ESC("SELECT what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort", + $result = SQL_QUERY_ESC("SELECT what, title, sort FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort`", array($value_main), __FILE__, __LINE__); if (SQL_NUMROWS($result) > 0) { @@ -117,7 +114,7 @@ if (!isset($_POST['ok'])) // Remove double eintries $prev = ""; $dmy = $menus[$value_main]; $dmy2 = $titles[$value_main]; $dmy3 = $below[$value_main]; - foreach ($menus[$value_main] as $key=>$value) + foreach ($menus[$value_main] as $key => $value) { if ($value == $prev) { @@ -134,31 +131,31 @@ if (!isset($_POST['ok'])) } } } - $OUT = " + \n"; + foreach ($below as $key => $m) { if (is_array($m)) { - foreach ($m as $key2=>$m2) + foreach ($m as $key2 => $m2) { - $OUT .= " \n"; + $OUT .= "\n"; } } else { - $OUT .= " \n"; + $OUT .= " \n"; } } - $OUT .= ""; + $OUT .= ""; define('__BELOW_SELECTION' , $OUT); define('__WHAT_SELECTION' , ADMIN_MAKE_MENU_SELECTION("admin", "what", "name")); @@ -166,43 +163,37 @@ if (!isset($_POST['ok'])) // Display form LOAD_TEMPLATE("admin_admin_add"); -} - elseif (!IS_DEMO()) -{ +} elseif (!IS_DEMO()) { // Insert new menu entry - if (!empty($_POST['menu'])) - { + if (!empty($_POST['menu'])) { // Add sub menu - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort) -VALUES('%s', '%s', '%s', '%s', '%s')", - array( - $_POST['menu'], - $_POST['name'], - $_POST['title'], - addslashes($_POST['descr']), - bigintval($_POST['sort']), -), __FILE__, __LINE__); - } - else - { + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('%s','%s','%s','%s','%s')", + array( + $_POST['menu'], + $_POST['name'], + $_POST['title'], + $_POST['descr'], + bigintval($_POST['sort']), + ), __FILE__, __LINE__ + ); + CACHE_PURGE_ADMIN_MENU(0, $_POST['menu'], $_POST['name']); + } else { // Add main menu - $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, title, descr, sort) -VALUES('%s', '%s', '%s', '%s')", - array( - $_POST['name'], - $_POST['title'], - addslashes($_POST['descr']), - bigintval($_POST['sort']), -), __FILE__, __LINE__); + SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (action, title, descr, sort) VALUES ('%s','%s','%s','%s')", + array( + $_POST['name'], + $_POST['title'], + $_POST['descr'], + bigintval($_POST['sort']), + ), __FILE__, __LINE__ + ); + CACHE_PURGE_ADMIN_MENU(0, $_POST['name']); } - LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE); -} - else -{ + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED')); +} else { // Is demo login! - LOAD_TEMPLATE("admin_settings_saved", false, SETTINGS_NOT_SAVED); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_NOT_SAVED')); } -CLOSE_TABLE(); // ?>