// Add description as navigation point
ADD_DESCR("admin", __FILE__);
-if (!empty($_GET['rallye']))
+if (REQUEST_ISSET_GET(('rallye')))
{
// Price submitted?
- if (isset($_POST['add']))
+ if (REQUEST_ISSET_POST(('add')))
{
- if ((!empty($_POST['level'])) && ((!empty($_POST['points'])) || (!empty($_POST['info']))))
+ if ((REQUEST_ISSET_POST(('level'))) && ((REQUEST_ISSET_POST(('points'))) || (REQUEST_ISSET_POST(('info')))))
{
// Submitted data is valid, but maybe we already have this price level?
$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_rallye_prices` WHERE rallye_id=%s AND price_level='%s' LIMIT 1",
- array(bigintval($_GET['rallye']), bigintval($_POST['level'])), __FILE__, __LINE__);
+ array(bigintval(REQUEST_GET('rallye')), bigintval(REQUEST_POST('level'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0)
{
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_rallye_prices` (rallye_id, price_level, points, info)
VALUES ('%s','%s','%s','%s')",
array(
- bigintval($_GET['rallye']),
- bigintval($_POST['level']),
- $_POST['points'],
- $_POST['info']
+ bigintval(REQUEST_GET('rallye')),
+ bigintval(REQUEST_POST('level')),
+ REQUEST_POST('points'),
+ REQUEST_POST('info')
), __FILE__, __LINE__);
LOAD_TEMPLATE("admin_settings_saved", false, RALLYE_PRICE_LEVEL_SAVED);
}
LOAD_TEMPLATE("admin_settings_saved", false, RALLYE_PRICE_ALREADY_FOUND);
}
}
- } elseif (isset($_POST['remove'])) {
+ } elseif (REQUEST_ISSET_POST(('remove'))) {
// Check if at last one line is selected
- $SEL = SELECTION_COUNT($_POST['sel']);
+ $SEL = SELECTION_COUNT(REQUEST_POST('sel'));
if ($SEL > 0) {
// Delete selected entries
- foreach ($_POST['sel'] as $id => $sel) {
+ foreach (REQUEST_POST('sel') as $id => $sel) {
SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_rallye_prices` WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
}
} else {
LOAD_TEMPLATE("admin_settings_saved", false, RALLYE_ENTRIES_NOT_DELETED);
}
- } elseif (isset($_POST['change'])) {
+ } elseif (REQUEST_ISSET_POST(('change'))) {
// Change entries
- foreach ($_POST['level'] as $id => $level) {
+ foreach (REQUEST_POST('level') as $id => $level) {
// Secure ID
$id = bigintval($id);
// Update entry
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_rallye_prices` SET rallye_id=%s, price_level='%s', points='%s', info='%s' WHERE id=%s LIMIT 1",
- array($_POST['rallye_id'][$id], bigintval($level), $_POST['points'][$id], $_POST['infos'][$id], $id), __FILE__, __LINE__);
+ array(
+ REQUEST_POST('rallye_id', $id),
+ bigintval($level),
+ REQUEST_POST('points', $id]),
+ REQUEST_POST('infos', $id),
+ $id
+ ), __FILE__, __LINE__);
}
// Output message
LOAD_TEMPLATE("admin_settings_saved", false, RALLYE_ENTRIES_CHANGED);
}
- if (isset($_POST['edit'])) {
+ if (REQUEST_ISSET_POST(('edit'))) {
// Check if at last one line is selected
- $SEL = SELECTION_COUNT($_POST['sel']);
- if ($SEL > 0)
- {
+ $SEL = SELECTION_COUNT(REQUEST_POST('sel'));
+ if ($SEL > 0) {
// Make selected editable
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id => $sel)
- {
+ foreach (REQUEST_POST('sel') as $id => $sel) {
// Load data to selected rallye
$result = SQL_QUERY_ESC("SELECT rallye_id, price_level, points, info FROM `{!_MYSQL_PREFIX!}_rallye_prices` WHERE id=%s LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
+ array(bigintval($id)), __FILE__, __LINE__);
list($rallye, $level, $points, $infos) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
define('__PRICE_ROWS', $OUT);
// Prepare data for the main template
- define('__RALLYE_ID', $_GET['rallye']);
+ define('__RALLYE_ID', REQUEST_GET('rallye'));
// Load main template
LOAD_TEMPLATE("admin_config_rallye_edit");
else
{
// Nothing selected
- $content = RALLYE_NO_PRICES_SELECTED_1."<a href=\"{!URL!}/modules.php?module=admin&what=config_rallye_prices&rallye=".$_GET['rallye']."\">".RALLYE_NO_PRICES_SELECTED_2."</a>".RALLYE_NO_PRICES_SELECTED_3;
+ $content = RALLYE_NO_PRICES_SELECTED_1."<a href=\"{!URL!}/modules.php?module=admin&what=config_rallye_prices&rallye=".REQUEST_GET('rallye')."\">".RALLYE_NO_PRICES_SELECTED_2."</a>".RALLYE_NO_PRICES_SELECTED_3;
LOAD_TEMPLATE("admin_settings_saved", false, $content);
}
}
- elseif (isset($_POST['del']))
+ elseif (REQUEST_ISSET_POST(('del')))
{
// Check if at last one line is selected
- $SEL = SELECTION_COUNT($_POST['sel']);
+ $SEL = SELECTION_COUNT(REQUEST_POST('sel'));
if ($SEL > 0)
{
// List all prices
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id => $sel)
+ foreach (REQUEST_POST('sel') as $id => $sel)
{
// Load data to selected rallye
$result = SQL_QUERY_ESC("SELECT rallye_id, price_level, points, info FROM `{!_MYSQL_PREFIX!}_rallye_prices` WHERE id=%s LIMIT 1",
define('__PRICE_ROWS', $OUT);
// Prepare data for the main template
- define('__RALLYE_ID', $_GET['rallye']);
+ define('__RALLYE_ID', REQUEST_GET('rallye'));
// Load main template
LOAD_TEMPLATE("admin_config_rallye_del");
else
{
// Nothing selected
- $content = RALLYE_NO_PRICES_SELECTED_1."<a href=\"{!URL!}/modules.php?module=admin&what=config_rallye_prices&rallye=".$_GET['rallye']."\">".RALLYE_NO_PRICES_SELECTED_2."</a>".RALLYE_NO_PRICES_SELECTED_3;
+ $content = RALLYE_NO_PRICES_SELECTED_1."<a href=\"{!URL!}/modules.php?module=admin&what=config_rallye_prices&rallye=".REQUEST_GET('rallye')."\">".RALLYE_NO_PRICES_SELECTED_2."</a>".RALLYE_NO_PRICES_SELECTED_3;
LOAD_TEMPLATE("admin_settings_saved", false, $content);
}
}
{
// a rallye was selected, so check if there are already prices assigned...
$result = SQL_QUERY_ESC("SELECT id, price_level, points, info FROM `{!_MYSQL_PREFIX!}_rallye_prices` WHERE rallye_id=%s ORDER BY price_level",
- array(bigintval($_GET['rallye'])), __FILE__, __LINE__);
+ array(bigintval(REQUEST_GET('rallye'))), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
define('__PRICE_ROWS', $OUT);
// Prepare data for the main template
- define('__RALLYE_ID', $_GET['rallye']);
+ define('__RALLYE_ID', REQUEST_GET('rallye'));
// Load main template
LOAD_TEMPLATE("admin_config_rallye_prices");
}
// Add form for adding new price level
- if (empty($_POST['edit']))
- {
- LOAD_TEMPLATE("admin_add_rallye_prices", false, $_GET['rallye']);
+ if (!REQUEST_ISSET_POST(('edit'))) {
+ LOAD_TEMPLATE("admin_add_rallye_prices", false, REQUEST_GET('rallye'));
}
-}
- else
-{
+} else {
// No rallye selected so display all available without prices
$result = SQL_QUERY("SELECT d.id, d.admin_id, d.start_time, d.end_time, d.title, a.login, d.is_active
FROM `{!_MYSQL_PREFIX!}_rallye_data` AS d, `{!_MYSQL_PREFIX!}_admins` AS a
projects / mailer.git / blobdiff