************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
} elseif ((isset($_POST['ok'])) && (isset($_GET['do']))) {
// Change or delete entries...
$TEXT = "";
- foreach ($_POST['id'] as $id=>$value) {
+ foreach ($_POST['id'] as $id => $value) {
// Secure ID
$id = bigintval($id);
switch ($_GET['do'])
{
case "edit": // Change entries
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_max_receive SET value='%s', comment='%s' WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_max_receive SET value='%s', comment='%s' WHERE id=%s LIMIT 1",
array(bigintval($_POST['val'][$id]), $_POST['comm'][$id], $id),__FILE__, __LINE__);
$TEXT = MRECEIVE_SAVED;
break;
case "del":
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_max_receive WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_max_receive WHERE id=%s LIMIT 1",
array($id), __FILE__, __LINE__);
$TEXT = MRECEIVE_DELETED;
break;
} elseif ((isset($_POST['del'])) && ((SELECTION_COUNT($_POST['sel']) > 0) || (isset($_POST['sel'][0])))) {
// Delete entries
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$value)
+ foreach ($_POST['sel'] as $id => $value)
{
// Load data
- $result = SQL_QUERY_ESC("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($value, $comment) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
} elseif ((isset($_POST['edit'])) && ((SELECTION_COUNT($_POST['sel']) > 0) || (isset($_POST['sel'][0])))) {
// Edit entries
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$value) {
+ foreach ($_POST['sel'] as $id => $value) {
// Load data
- $result = SQL_QUERY_ESC("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE id=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT value, comment FROM "._MYSQL_PREFIX."_max_receive WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($value, $comment) = SQL_FETCHROW($result);
SQL_FREERESULT($result);