ADD_DESCR("admin", __FILE__);
// Check if the admin has entered title and what-php file name...
-if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok']))) {
- unset($_POST['ok']);
+if (((!REQUEST_ISSET_POST(('title'))) || (!REQUEST_ISSET_POST(('menu'))) || (!REQUEST_ISSET_POST(('descr')))) && (IS_FORM_SENT())) {
+ REQUEST_UNSET_POST('ok');
}
-if (!isset($_POST['ok']))
+if (!IS_FORM_SENT())
{
// Create arrays
$menus = array(); $titles = array(); $below = array();
LOAD_TEMPLATE("admin_admin_add");
} elseif (!IS_DEMO()) {
// Insert new menu entry
- if (!empty($_POST['menu'])) {
+ if (REQUEST_ISSET_POST(('menu'))) {
// Add sub menu
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (`action`,`what`,`title`,`descr`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
array(
- $_POST['menu'],
- $_POST['name'],
- $_POST['title'],
- $_POST['descr'],
- bigintval($_POST['sort']),
+ REQUEST_POST('menu'),
+ REQUEST_POST('name'),
+ REQUEST_POST('title'),
+ REQUEST_POST('descr'),
+ bigintval(REQUEST_POST('sort')),
), __FILE__, __LINE__
);
- CACHE_PURGE_ADMIN_MENU(0, $_POST['menu'], $_POST['name']);
+ CACHE_PURGE_ADMIN_MENU(0, REQUEST_POST('menu'), REQUEST_POST('name'));
} else {
// Add main menu
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_admin_menu` (action, title, descr, sort) VALUES ('%s','%s','%s','%s')",
array(
- $_POST['name'],
- $_POST['title'],
- $_POST['descr'],
- bigintval($_POST['sort']),
+ REQUEST_POST('name'),
+ REQUEST_POST('title'),
+ REQUEST_POST('descr'),
+ bigintval(REQUEST_POST('sort')),
), __FILE__, __LINE__
);
- CACHE_PURGE_ADMIN_MENU(0, $_POST['name']);
+ CACHE_PURGE_ADMIN_MENU(0, REQUEST_POST('name'));
}
LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
} else {