************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
// Check if the admin has entered title and what-php file name...
-if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok'])))
-{
+if (((empty($_POST['title'])) || (empty($_POST['menu'])) || (empty($_POST['descr']))) && (isset($_POST['ok']))) {
unset($_POST['ok']);
}
if (!empty($_POST['menu']))
{
// Add sub menu
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, what, title, descr, sort)
-VALUES('%s', '%s', '%s', '%s', '%s')",
+ $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (`action`,`what`,`title`,`descr`,`sort`)
+VALUES('%s','%s','%s','%s','%s')",
array(
$_POST['menu'],
$_POST['name'],
addslashes($_POST['descr']),
bigintval($_POST['sort']),
), __FILE__, __LINE__);
+ CACHE_PURGE_ADMIN_MENU(0, $_POST['menu'], $_POST['name']);
}
else
{
// Add main menu
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admin_menu (action, title, descr, sort)
-VALUES('%s', '%s', '%s', '%s')",
+VALUES('%s','%s','%s','%s')",
array(
$_POST['name'],
$_POST['title'],
addslashes($_POST['descr']),
bigintval($_POST['sort']),
), __FILE__, __LINE__);
+ CACHE_PURGE_ADMIN_MENU(0, $_POST['name']);
}
LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
}