X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-guestedit.php;h=8d295b27dc8606be94bef7868e76699afcb43b2d;hb=8de8b629e44e395877e196ebbb163c98030b35bd;hp=d27a0f11c59e4349f39e5db513ee5f2a633c93e2;hpb=80e2def8ef2125fd4d7d1312ee3993ab613f0846;p=mailer.git diff --git a/inc/modules/admin/what-guestedit.php b/inc/modules/admin/what-guestedit.php index d27a0f11c5..8d295b27dc 100644 --- a/inc/modules/admin/what-guestedit.php +++ b/inc/modules/admin/what-guestedit.php @@ -32,22 +32,21 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } + // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); // Do we edit/delete/change main menus or sub menus? -$AND = "what = ''"; $SUB = ""; +$AND = "(what = '' OR what IS NULL)"; $SUB = ""; -if (!empty($_GET['sub'])) -{ - $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub'])); +if (!empty($_GET['sub'])) { + $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub'])); $SUB = SQL_ESCAPE($_GET['sub']); -} +} // END - if // Get count of (maybe) selected menu points $chk = 0; @@ -66,12 +65,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) if ($confirm == 1) { $cnt++; - $query = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); - if (SQL_NUMROWS($query) == 1) + if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... - list($menu, $act, $wht) = SQL_FETCHROW($query); + list($menu, $act, $wht) = SQL_FETCHROW($result); SQL_FREERESULT($result); $DATA = array( 'cnt' => $cnt, @@ -113,12 +112,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) if ($confirm == 1) { $cnt++; - $query = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); - if (SQL_NUMROWS($query) == 1) + if (SQL_NUMROWS($result) == 1) { // Entry found so we load the stuff... - list($menu) = SQL_FETCHROW($query); + list($menu) = SQL_FETCHROW($result); SQL_FREERESULT($result); $DATA = array( 'cnt' => $cnt, @@ -158,20 +157,20 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) $sel = bigintval($sel); // Update entry - $query = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1", array($menu, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel], $sel),__FILE__, __LINE__); } - LOAD_TEMPLATE("admin_data_saved"); + LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE); break; case "del": // Delete menu foreach ($_POST['sel'] as $sel => $menu) { // Delete enty - $query = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); } - LOAD_TEMPLATE("admin_data_saved"); + LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE); break; case "status": // Change access levels @@ -184,11 +183,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1", array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__); } - LOAD_TEMPLATE("admin_data_saved"); + LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE); break; default: // Unexpected action define('__OK_VALUE', $_POST['ok']); + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", $_POST['ok'])); LOAD_TEMPLATE("admin_menu_unknown_okay"); break; } @@ -242,14 +242,10 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) // Load template LOAD_TEMPLATE("admin_gmenu_status"); -} - else -{ - if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) - { +} else { + if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) { // Get IDs - if (!empty($_GET['w'])) - { + if (!empty($_GET['w'])) { // Sub menus selected $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND sort='%s' LIMIT 1", array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__); @@ -259,9 +255,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); SQL_FREERESULT($result); - } - else - { + } else { // Main menu selected $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1", array(bigintval($_GET['tid'])), __FILE__, __LINE__); @@ -273,47 +267,34 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) SQL_FREERESULT($result); } - if ((!empty($tid)) && (!empty($fid))) - { + if ((!empty($tid)) && (!empty($fid))) { // Sort menu $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__); + array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__); $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1", - array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__); - } - } + array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__); + } // END - if + } // END - if // By default list menus - if (empty($SUB)) - { + if (empty($SUB)) { // List only main menus - $query = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__); - } - else - { + $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__); + } else { // List sub menus - $query = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND what != '' ORDER BY sort ASC", + $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC", array($SUB), __FILE__, __LINE__); } // Get number of menu entries - $max = SQL_NUMROWS($query); + $max = SQL_NUMROWS($result); if ($max > 0) { - // Some entties does exist! - if (!empty($SUB)) - { - // Set sub value - define('__SUB_VALUE', $SUB); - } - else - { - // No sub menu selected - define('__SUB_VALUE', ""); - } + // Set sub value + define('__SUB_VALUE', $SUB); $SW = 2; $cnt = 0; $OUT = ""; - while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($query)) + while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($result)) { $cnt++; if (($sort == 0) || (($sort == 1) && (!empty($SUB)))) @@ -348,7 +329,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) } // Free memory - SQL_FREERESULT($query); + SQL_FREERESULT($result); define('__MENU_ROWS', $OUT); // Load template