Security line in all includes changed
[mailer.git] / inc / modules / admin / what-admin_add.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 09/27/2003 *
4  * ===============                              Last change: 12/13/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-admin_add.php                               *
8  * -------------------------------------------------------------------- *
9  * Short description : Add more entries to the admin menu               *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Mehr Menueeintraege zum Admin-Bereich einfuegen  *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 }
39
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
42
43 // Check if the admin has entered title and what-php file name...
44 if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok']))) {
45         unset($_POST['ok']);
46 }
47
48 if (!isset($_POST['ok']))
49 {
50         // Create arrays
51         $menus = array(); $titles = array(); $below = array();
52
53         // Get all available main menus
54         $result = SQL_QUERY("SELECT action, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) ORDER BY sort", __FILE__, __LINE__);
55         if (SQL_NUMROWS($result) > 0)
56         {
57                 // Read menu structure
58                 while (list($act, $title, $sort) = SQL_FETCHROW($result))
59                 {
60                         // Menu actions
61                         $menus[] = $act;
62
63                         // Menu titles
64                         $titles[] = $title;
65
66                         // Below this menu point should the new be added so we simply increase the sort value by 1 :-)
67                         $below[] = $sort + 1;
68                 }
69
70                 // Free memory
71                 SQL_FREERESULT($result);
72
73                 // Remove double eintries
74                 $prev = ""; $dmy = $menus; $dmy2 = $titles; $dmy3 = $below;
75                 foreach ($menus as $key => $value)
76                 {
77                         if ($value == $prev)
78                         {
79                                 unset($dmy[$key]);
80                                 unset($dmy2[$key]);
81                                 unset($dmy3[$key]);
82                         }
83                          else
84                         {
85                                 $prev = $value;
86                         }
87                 }
88                 $menus = $dmy; $titles = $dmy2; $below = $dmy3;
89                 // Load sub menus :)
90                 foreach ($menus as $key_main => $value_main)
91                 {
92                         $result = SQL_QUERY_ESC("SELECT what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort",
93                          array($value_main), __FILE__, __LINE__);
94                         if (SQL_NUMROWS($result) > 0)
95                         {
96                                 $menus[$value_main] = array();
97                                 $titles[$value_main] = array();
98                                 $below[$value_main] = array();
99                                 // Read menu structure
100                                 while (list($act, $title, $sort) = SQL_FETCHROW($result))
101                                 {
102                                         // Menu actions
103                                         $menus[$value_main][] = $act;
104
105                                         // Menu titles
106                                         $titles[$value_main][] = $title;
107
108                                         // Below this menu point should the new be added so we simply increase the sort value by 1 :-)
109                                         $below[$value_main][] = $sort + 1;
110                                 }
111
112                                 // Free memory
113                                 SQL_FREERESULT($result);
114
115                                 // Remove double eintries
116                                 $prev = ""; $dmy = $menus[$value_main]; $dmy2 = $titles[$value_main]; $dmy3 = $below[$value_main];
117                                 foreach ($menus[$value_main] as $key => $value)
118                                 {
119                                         if ($value == $prev)
120                                         {
121                                                 unset($dmy[$key]);
122                                                 unset($dmy2[$key]);
123                                                 unset($dmy3[$key]);
124                                         }
125                                          else
126                                         {
127                                                 $prev = $value;
128                                         }
129                                 }
130                                 $menus[$value_main] = $dmy; $titles[$value_main] = $dmy2; $below[$value_main] = $dmy3;
131                         }
132                 }
133         }
134         $OUT = "    <SELECT class=\"admin_select\" name=\"sort\" size=\"1\">
135       <OPTION value=\"0\">".IS_FIRST_MENU."</OPTION>\n";
136         foreach ($below as $key => $m)
137         {
138                 if (is_array($m))
139                 {
140                         foreach ($m as $key2 => $m2)
141                         {
142                                 $OUT .= "      <OPTION value=\"".$m2."\">".$titles[$key][$key2];
143                                 foreach ($menus as $k => $v)
144                                 {
145                                         if (($v == $key) && (!is_array($v)))
146                                         {
147                                                 $OUT .= " (".$titles[$k].")";
148                                         }
149                                 }
150                                 $OUT .= "</OPTION>\n";
151                         }
152                 }
153                  else
154                 {
155                         $OUT .= "      <OPTION value=\"".$m."\">".$titles[$key]."</OPTION>\n";
156                 }
157         }
158         $OUT .= "</SELECT>";
159
160         define('__BELOW_SELECTION' , $OUT);
161         define('__WHAT_SELECTION'  , ADMIN_MAKE_MENU_SELECTION("admin", "what", "name"));
162         define('__ACTION_SELECTION', ADMIN_MAKE_MENU_SELECTION("admin", "action", "menu"));
163
164         // Display form
165         LOAD_TEMPLATE("admin_admin_add");
166 }
167  elseif (!IS_DEMO())
168 {
169         // Insert new menu entry
170         if (!empty($_POST['menu']))
171         {
172                 // Add sub menu
173                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort)
174 VALUES('%s', '%s', '%s', '%s', '%s')",
175  array(
176         $_POST['menu'],
177         $_POST['name'],
178         $_POST['title'],
179         addslashes($_POST['descr']),
180         bigintval($_POST['sort']),
181 ), __FILE__, __LINE__);
182                 CACHE_PURGE_ADMIN_MENU(0, $_POST['menu'], $_POST['name']);
183         }
184          else
185         {
186                 // Add main menu
187                 $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, title, descr, sort)
188 VALUES('%s', '%s', '%s', '%s')",
189  array(
190         $_POST['name'],
191         $_POST['title'],
192         addslashes($_POST['descr']),
193         bigintval($_POST['sort']),
194 ), __FILE__, __LINE__);
195                 CACHE_PURGE_ADMIN_MENU(0, $_POST['name']);
196         }
197         LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
198 }
199  else
200 {
201         // Is demo login!
202         LOAD_TEMPLATE("admin_settings_saved", false, SETTINGS_NOT_SAVED);
203 }
204
205 //
206 ?>