X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fmember%2Fwhat-categories.php;h=3a7bbc9e04e4bdb43af54342170cbc0bc0b7ed27;hb=497d9d8fcda61391c149af3747118bb2772c7c26;hp=13e65235e32ef219639a97f2a4fbdd1e90150011;hpb=75ad748a68473ace540251427a74fb781b1145e9;p=mailer.git
diff --git a/inc/modules/member/what-categories.php b/inc/modules/member/what-categories.php
index 13e65235e3..3a7bbc9e04 100644
--- a/inc/modules/member/what-categories.php
+++ b/inc/modules/member/what-categories.php
@@ -32,24 +32,21 @@
 ************************************************************************/
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
- LOAD_URL(URL."/modules.php[13~?module=index");
+} elseif (!IS_MEMBER()) {
+ LOAD_URL("modules.php[13~?module=index");
 }
 // Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
 $UID = $GLOBALS['userid'];
-$WHERE = " WHERE visible='Y'";
-if (IS_ADMIN()) $WHERE = "";
+$whereStatement = " WHERE visible='Y'";
+if (IS_ADMIN()) $whereStatement = "";
-$result = SQL_QUERY("SELECT id, cat FROM "._MYSQL_PREFIX."_cats".$WHERE." ORDER BY sort", __FILE__, __LINE__);
+$result = SQL_QUERY("SELECT id, cat FROM "._MYSQL_PREFIX."_cats".$whereStatement." ORDER BY sort", __FILE__, __LINE__);
 $cats = SQL_NUMROWS($result);
 if ($cats > 0)
@@ -58,11 +55,11 @@ if ($cats > 0)
 if (isset($_POST['ok']))
 {
 $cnt = 0;
- foreach ($_POST['cat'] as $cat=>$joined)
+ foreach ($_POST['cat'] as $cat => $joined)
 {
 if ($joined == "N") $cnt++;
 }
- if (($cats - $cnt) < $CONFIG['least_cats'])
+ if (($cats - $cnt) < $_CONFIG['least_cats'])
 {
 unset($_POST['ok']);
 $LEAST = true;
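Review bot: The added `LOAD_URL("modules.php[13~?module=index");` line in the `@@ -32,24 +32,21 @@` hunk still carries the stray `[13~` sequence from the line it replaces (it looks like a terminal function-key escape typed into the file), so a visitor who fails `IS_MEMBER()` is redirected to a malformed target instead of the index module. The line should read `LOAD_URL("modules.php?module=index");`. Whether LOAD_URL() ends the script is not visible in this hunk; if it only emits a redirect header, the member-only queries below would still run for a non-member, so the branch should stop execution explicitly unless LOAD_URL() already does.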
@@ -70,18 +67,18 @@ if ($cats > 0)
 }
 if (isset($_POST['ok']))
 {
- foreach ($_POST['cat'] as $cat=>$joined)
+ foreach ($_POST['cat'] as $cat => $joined)
 {
 switch ($joined)
 {
- case "Y":
+ case 'Y':
 $sql = "";
- $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d AND cat_id=%d LIMIT 1",
+ $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s AND cat_id=%s LIMIT 1",
 array($UID, bigintval($cat)), __FILE__, __LINE__);
 if (SQL_NUMROWS($result_user) == 0)
 {
- $sql = "INSERT INTO "._MYSQL_PREFIX."_user_cats (userid, cat_id) VALUES ('%s', '%s')";
+ $sql = "INSERT INTO "._MYSQL_PREFIX."_user_cats (userid, cat_id) VALUES ('%s','%s')";
 }
 else
 {
@@ -90,8 +87,8 @@ if ($cats > 0)
 }
 break;
- case "N":
- $sql = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d AND cat_id=%d LIMIT 1";
+ case 'N':
+ $sql = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s AND cat_id=%s LIMIT 1";
 break;
 }
 if (!empty($sql))
@@ -108,7 +105,7 @@ if ($cats > 0)
 if ($LEAST)
 {
 // Also here we have to secure it... :(
- LOAD_TEMPLATE("admin_settings_saved", true, CATS_LEAST.": ".$CONFIG['least_cats']);
+ LOAD_TEMPLATE("admin_settings_saved", true, CATS_LEAST.": ".$_CONFIG['least_cats']);
 }
 // Put some data into constants for the template
 define('__ROWS', ($cats*2+4));
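Review bot: Switching the placeholders from `%d` to `%s` in `WHERE userid=%s AND cat_id=%s` (the SELECT in the `@@ -70,18 +67,18 @@` hunk) drops the integer coercion the format string used to provide while leaving the values unquoted, so string escaping alone (assuming SQL_QUERY_ESC() escapes its arguments) would not stop a non-numeric value from changing the statement. `$cat` is passed through `bigintval()`, but `$UID` is taken directly from `$GLOBALS['userid']`; pass `bigintval($UID)` as well, or quote the placeholders the way the INSERT does, `WHERE userid='%s' AND cat_id='%s'`. The same applies to the DELETE in the `@@ -90,8 +87,8 @@` hunk, whose argument array lies outside the hunk, and to the SELECT in the `@@ -121,22 +118,22 @@` hunk.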
@@ -121,22 +118,22 @@ if ($cats > 0)
 while (list($id, $cat) = SQL_FETCHROW($result))
 {
 // Default he has not joined
- $JOINED_N = " checked"; $JOINED_Y = "";
+ $JOINED_N = " checked=\"checked\""; $JOINED_Y = "";
 // Check category selection
- $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%d AND cat_id=%d LIMIT 1",
+ $result_user = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_user_cats WHERE userid=%s AND cat_id=%s LIMIT 1",
 array($UID, bigintval($id)), __FILE__, __LINE__);
 // When we found an entry don't read it, just change the JOINED_x variables
 if (isset($_POST['cat']))
 {
- if ($_POST['cat'][$id] =="Y") { $JOINED_Y = " checked"; $JOINED_N = ""; }
+ if ($_POST['cat'][$id] =='Y') { $JOINED_Y = " checked=\"checked\""; $JOINED_N = ""; }
 }
 else
 {
 if (SQL_NUMROWS($result_user) == 1)
 {
- $JOINED_Y = " checked=\"checked\""; $JOINED_N = "";
+ $JOINED_Y = " checked=\"checked\""; $JOINED_N = "";
 }
 // Free memory
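Review bot: `$_POST['cat'][$id]` is read without checking that the key exists, so a post that omits a category, or sends `cat` as a scalar, raises a notice and silently falls back to the "not joined" default. `if (isset($_POST['cat'][$id]) && $_POST['cat'][$id] === 'Y')` states the intent and avoids the loose comparison. The `foreach ($_POST['cat'] as $cat => $joined)` loops in the `@@ -58,11 +55,11 @@` and `@@ -70,18 +67,18 @@` hunks iterate the same unchecked request value and would benefit from an `is_array()` guard before the loop. The `while` body continues past the end of this hunk.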