X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-memedit.php;h=038b52fd0ce5f14591554aaf5336b00339a0ed20;hb=4c83f0cc7459cad9ec9c1c68963f5365155ee935;hp=fb80b42047b90a0411285c1d40192394449e2853;hpb=08b3c51b70b6498fd92a2760979d64470ad1b586;p=mailer.git

diff --git a/inc/modules/admin/what-memedit.php b/inc/modules/admin/what-memedit.php
index fb80b42047..038b52fd0c 100644
--- a/inc/modules/admin/what-memedit.php
+++ b/inc/modules/admin/what-memedit.php
@@ -43,22 +43,22 @@ ADD_DESCR("admin", __FILE__);
 // Do we edit/delete/change main menus or sub menus?
 $AND = "(`what` = '' OR `what` IS NULL)"; $SUB = "";
 
-if (!empty($_GET['sub'])) {
-	$AND = sprintf("action='%s' AND `what` IS NOT NULL", SQL_ESCAPE($_GET['sub']));
-	$SUB = SQL_ESCAPE($_GET['sub']);
+if (REQUEST_ISSET_GET(('sub'))) {
+	$AND = sprintf("action='%s' AND `what` IS NOT NULL", REQUEST_GET(('sub')));
+	$SUB = REQUEST_GET(('sub'));
 }
 
 // Get count of (maybe) selected menu points
 $chk = 0;
-if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']);
+if (REQUEST_ISSET_POST(('sel'))) $chk = SELECTION_COUNT(REQUEST_POST('sel'));
 
 // List all menu points and make them editable
-if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
+if ((REQUEST_ISSET_POST(('edit'))) && ($chk > 0) && (!IS_DEMO())) {
 	// Edit menu entries
 	define('__SUB_VALUE', $SUB);
 	define('__CHK_VALUE', $chk);
 	$SW = 2; $cnt = 0; $OUT = "";
-	foreach ($_POST['sel'] as $sel => $confirm) {
+	foreach (REQUEST_POST('sel') as $sel => $confirm) {
 		if ($confirm == 1) {
 			$cnt++;
 			$result = SQL_QUERY_ESC("SELECT title, action, what FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1",
@@ -93,12 +93,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 
 	// Load template
 	LOAD_TEMPLATE("admin_mmenu_edit");
-} elseif ((isset($_POST['del'])) && ($chk > 0) && (!IS_DEMO())) {
+} elseif ((REQUEST_ISSET_POST(('del'))) && ($chk > 0) && (!IS_DEMO())) {
 	// Del menu entries with or without confirmation
 	define('__SUB_VALUE', $SUB);
 	define('__CHK_VALUE', $chk);
 	$SW = 2; $cnt = 0; $OUT = "";
-	foreach ($_POST['sel'] as $sel => $confirm) {
+	foreach (REQUEST_POST('sel') as $sel => $confirm) {
 		if ($confirm == 1) {
 			$cnt++;
 			$result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1",
@@ -131,12 +131,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 
 	// Load template
 	LOAD_TEMPLATE("admin_mmenu_delete");
-} elseif ((isset($_POST['status'])) && ($chk > 0) && (!IS_DEMO())) {
+} elseif ((REQUEST_ISSET_POST(('status'))) && ($chk > 0) && (!IS_DEMO())) {
 	// Change status (visible / locked)
 	define('__SUB_VALUE', $SUB);
 	define('__CHK_VALUE', $chk);
 	$SW = 2; $cnt = 0; $OUT = "";
-	foreach ($_POST['sel'] as $sel => $confirm) {
+	foreach (REQUEST_POST('sel') as $sel => $confirm) {
 		if ($confirm == 1) {
 			$cnt++;
 			$result = SQL_QUERY_ESC("SELECT title, visible, locked FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1",
@@ -173,17 +173,17 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 	define('__CNT_VALUE', $cnt);
 	//
 	LOAD_TEMPLATE("admin_mmenu_status");
-} elseif ((isset($_POST['ok'])) && (!IS_DEMO())) {
+} elseif ((IS_FORM_SENT()) && (!IS_DEMO())) {
 	// An act is done...
-	foreach ($_POST['sel'] as $sel => $menu) {
+	foreach (REQUEST_POST('sel') as $sel => $menu) {
 		$AND = "(`what` = '' OR `what` IS NULL)";
 		$sel = bigintval($sel);
 		if (!empty($SUB)) $AND = "action='".$SUB."'";
-		switch ($_POST['ok'])
+		switch (REQUEST_POST('ok'))
 		{
 		case "edit": // Edit menu
 			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `title`='%s', `action`='%s', `what`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
-				array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $sel), __FILE__, __LINE__);
+				array($menu, REQUEST_POST('sel_act', $sel), REQUEST_POST('sel_what', $sel), $sel), __FILE__, __LINE__);
 			break;
 
 		case "del": // Delete menu
@@ -193,7 +193,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 
 		case "status": // Change status of menus
 			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `visible`='%s', `locked`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
-				array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__);
+				array(REQUEST_POST('visible', $sel), REQUEST_POST('locked', $sel), $sel), __FILE__, __LINE__);
 			break;
 		}
 		break;
@@ -202,37 +202,37 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 	// Load template
 	LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
 } else {
-	if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) {
+	if ((REQUEST_ISSET_GET(('act'))) && (REQUEST_ISSET_GET(('tid'))) && (REQUEST_ISSET_GET(('fid')))) {
 		// Init
 		$tid = ""; $fid = "";
 
 		// Get IDs
-		if (!empty($_GET['w'])) {
+		if (REQUEST_ISSET_GET(('w'))) {
 			// Sub menus selected
 			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1",
-			 array(bigintval($_GET['act']), bigintval($_GET['tid'])), __FILE__, __LINE__);
+			 array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__);
 			list($tid) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
 			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1",
-			 array(bigintval($_GET['act']), bigintval($_GET['fid'])), __FILE__, __LINE__);
+			 array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__);
 			list($fid) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
 		} else {
 			// Main menu selected
 			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1",
-			 array(bigintval($_GET['tid'])), __FILE__, __LINE__);
+			 array(bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__);
 			list($tid) = SQL_FETCHROW($result);
 			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1",
-			 array(bigintval($_GET['fid'])), __FILE__, __LINE__);
+			 array(bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__);
 			list($fid) = SQL_FETCHROW($result);
 		}
 
 		if ((!empty($tid)) && (!empty($fid))) {
 			// Sort menu
 			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
-				array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
+				array(bigintval(REQUEST_GET('tid')), bigintval($fid)), __FILE__, __LINE__);
 			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
-				array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
+				array(bigintval(REQUEST_GET('fid')), bigintval($tid)), __FILE__, __LINE__);
 		} // END - -fi
 	}