X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-memedit.php;h=8e9fb5466c1e703973efde30988520823beaac84;hb=aa106991e88b0dab33bf2a2d2409638e26a4c656;hp=e8e635dbbf15f091d4553240b3b96cdc79a30be9;hpb=8383fc52cd2340ea1756f9e1808fa3589e27c341;p=mailer.git diff --git a/inc/modules/admin/what-memedit.php b/inc/modules/admin/what-memedit.php index e8e635dbbf..8e9fb5466c 100644 --- a/inc/modules/admin/what-memedit.php +++ b/inc/modules/admin/what-memedit.php @@ -32,16 +32,16 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } + // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); // Do we edit/delete/change main menus or sub menus? -$AND = "what = ''"; $SUB = ""; +$AND = "(what = '' OR what IS NULL)"; $SUB = ""; if (!empty($_GET['sub'])) { @@ -53,22 +53,19 @@ if (!empty($_GET['sub'])) $chk = 0; if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); // List all menu points and make them editable -OUTPUT_HTML("

-
"); if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) { // Edit menu entries define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $SW = 2; $cnt = 0; $OUT = ""; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -110,12 +107,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $SW = 2; $cnt = 0; $OUT = ""; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -152,12 +149,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $SW = 2; $cnt = 0; $OUT = ""; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -196,25 +193,25 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) elseif ((isset($_POST['ok'])) && (!IS_DEMO())) { // An act is done... - foreach ($_POST['sel'] as $sel=>$menu) + foreach ($_POST['sel'] as $sel => $menu) { - $AND = "what = ''"; + $AND = "(what = '' OR what IS NULL)"; $sel = bigintval($sel); if (!empty($SUB)) $AND = "action='".$SUB."'"; switch ($_POST['ok']) { case "edit": // Edit menu - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET title='%s', action='%s', what='%s', descr='%s' WHERE ".$AND." AND id=%d LIMIT 1", - array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $_POST['sel_descr'][$sel], $sel), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1", + array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $sel), __FILE__, __LINE__); break; case "del": // Delete menu - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1", array($sel), __FILE__, __LINE__); break; case "status": // Change status of menus - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1", array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__); break; } @@ -244,10 +241,10 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) else { // Main menu selected - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE what='' AND sort='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1", array(bigintval($_GET['tid'])), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE what='' AND sort='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1", array(bigintval($_GET['fid'])), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); } @@ -255,9 +252,9 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) if ((!empty($tid)) && (!empty($fid))) { // Sort menu - $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1", + $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__); - $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1", + $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__); } } @@ -265,12 +262,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) if (!empty($SUB)) { // Edit sub menus - $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND what != '' ORDER BY sort ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND what != '' AND what IS NOT NULL ORDER BY sort ASC", __FILE__, __LINE__); } else { // Edit main menus - $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE what='' ORDER BY sort ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__); } $max = SQL_NUMROWS($result); if ($max > 0) @@ -325,7 +322,6 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND); } } -OUTPUT_HTML("
"); -CLOSE_TABLE(); + // ?>