SQL error fixed, query optimized

[mailer.git] / inc / modules / admin / what-config_rallye_prices.php

diff --git a/inc/modules/admin/what-config_rallye_prices.php b/inc/modules/admin/what-config_rallye_prices.php
index ddb605da4974e3274ba793bb252cefd1ced84f9c..f21bad00b33d7e39aa4dc7eef2c6c3fbc043c6e0 100644 (file)
--- a/inc/modules/admin/what-config_rallye_prices.php
+++ b/inc/modules/admin/what-config_rallye_prices.php
@@ -44,12 +44,12 @@ if ((!defined('__SECURITY')) || (!isAdmin())) {
 // Add description as navigation point
 addMenuDescription('admin', __FILE__);
 
-if (isGetRequestElementSet(('rallye'))) {
+if (isGetRequestElementSet('rallye')) {
        // Price submitted?
        if (isPostRequestElementSet('add')) {
                if ((isPostRequestElementSet(('level'))) && ((isPostRequestElementSet(('points'))) || (isPostRequestElementSet(('info'))))) {
                        // Submitted data is valid, but maybe we already have this price level?
-                       $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_rallye_prices` WHERE rallye_id=%s AND price_level='%s' LIMIT 1",
+                       $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_rallye_prices` WHERE `rallye_id`=%s AND `price_level`='%s' LIMIT 1",
                        array(bigintval(getRequestElement('rallye')), bigintval(postRequestElement('level'))), __FILE__, __LINE__);
 
                        if (SQL_NUMROWS($result) == 0) {
@@ -57,10 +57,10 @@ if (isGetRequestElementSet(('rallye'))) {
                                SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_rallye_prices` (rallye_id, price_level, points, info)
 VALUES ('%s','%s','%s','%s')",
                                array(
-                               bigintval(getRequestElement('rallye')),
-                               bigintval(postRequestElement('level')),
-                               postRequestElement('points'),
-                               postRequestElement('info')
+                                       bigintval(getRequestElement('rallye')),
+                                       bigintval(postRequestElement('level')),
+                                       postRequestElement('points'),
+                                       postRequestElement('info')
                                ), __FILE__, __LINE__);
                                loadTemplate('admin_settings_saved', false, getMessage('RALLYE_PRICE_LEVEL_SAVED'));
                        } else {
@@ -89,18 +89,27 @@ VALUES ('%s','%s','%s','%s')",
        } elseif (isPostRequestElementSet('change')) {
                // Change entries
                foreach (postRequestElement('level') as $id => $level) {
-                       // Secure ID
+                       // Secure id
                        $id = bigintval($id);
 
                        // Update entry
-                       SQL_QUERY_ESC("UPDATE `{?_MYSQL_PREFIX?}_rallye_prices` SET rallye_id=%s, price_level='%s', points='%s', info='%s' WHERE `id`=%s LIMIT 1",
-                       array(
-                       postRequestElement('rallye_id', $id),
-                       bigintval($level),
-                       postRequestElement('points', $id),
-                       postRequestElement('infos', $id),
-                       $id
-                       ), __FILE__, __LINE__);
+                       SQL_QUERY_ESC("UPDATE
+       `{?_MYSQL_PREFIX?}_rallye_prices`
+SET
+       `rallye_id`=%s,
+       `price_`level``='%s',
+       `points`='%s',
+       `info`='%s'
+WHERE
+       `id`=%s
+LIMIT 1",
+                               array(
+                                       postRequestElement('rallye_id', $id),
+                                       bigintval($level),
+                                       postRequestElement('points', $id),
+                                       postRequestElement('infos', $id),
+                                       $id
+                               ), __FILE__, __LINE__);
                }
 
                // Output message
@@ -116,7 +125,7 @@ VALUES ('%s','%s','%s','%s')",
                        foreach (postRequestElement('sel') as $id => $sel) {
                                // Load data to selected rallye
                                $result = SQL_QUERY_ESC("SELECT rallye_id, price_level, points, info FROM `{?_MYSQL_PREFIX?}_rallye_prices` WHERE `id`=%s LIMIT 1",
-                               array(bigintval($id)), __FILE__, __LINE__);
+                                       array(bigintval($id)), __FILE__, __LINE__);
                                list($rallye, $level, $points, $infos) = SQL_FETCHROW($result);
                                SQL_FREERESULT($result);
 
@@ -124,7 +133,7 @@ VALUES ('%s','%s','%s','%s')",
                                $content = array(
                                        'sw'      => $SW,
                                        'id'      => $id,
-                                       'rallyes' => generateOptionList("rallye_data", 'id', "title", $rallye),
+                                       'rallyes' => generateOptionList('rallye_data', 'id', 'title', $rallye),
                                        'level'   => $level,
                                        'points'  => $points,
                                        'infos'   => $infos,
@@ -154,8 +163,8 @@ VALUES ('%s','%s','%s','%s')",
                        $OUT = ''; $SW = 2;
                        foreach (postRequestElement('sel') as $id => $sel) {
                                // Load data to selected rallye
-                               $result = SQL_QUERY_ESC("SELECT rallye_id, price_level, points, info FROM `{?_MYSQL_PREFIX?}_rallye_prices` WHERE `id`=%s LIMIT 1",
-                               array(bigintval($id)), __FILE__, __LINE__);
+                               $result = SQL_QUERY_ESC("SELECT `rallye_id`, `price_level`, `points`, `info` FROM `{?_MYSQL_PREFIX?}_rallye_prices` WHERE `id`=%s LIMIT 1",
+                                       array(bigintval($id)), __FILE__, __LINE__);
                                list($rallye, $level, $points, $infos) = SQL_FETCHROW($result);
                                SQL_FREERESULT($result);
 
@@ -188,7 +197,7 @@ VALUES ('%s','%s','%s','%s')",
                }
        } else {
                // a rallye was selected, so check if there are already prices assigned...
-               $result = SQL_QUERY_ESC("SELECT `id`, `price_level`, points`, `info` FROM `{?_MYSQL_PREFIX?}_rallye_prices` WHERE `rallye_id`=%s ORDER BY `price_level` ASC",
+               $result = SQL_QUERY_ESC("SELECT `id`, `price_level`, `points`, `info` FROM `{?_MYSQL_PREFIX?}_rallye_prices` WHERE `rallye_id`=%s ORDER BY `price_level` ASC",
                        array(bigintval(getRequestElement('rallye'))), __FILE__, __LINE__);
 
                if (SQL_NUMROWS($result) > 0) {
@@ -247,17 +256,13 @@ ORDER BY
                // List found rallyes
                $OUT = ''; $SW = 2;
                while ($content = SQL_FETCHARRAY($result)) {
-                       $select = "<input type=\"checkbox\" name=\"sel[".$content['id']."]\" class=\"admin_normal\" value=\"1\">";
-                       if ($content['is_active'] == 'Y') $select = "<div class=\"big\">".$content['id']."</div>";
-
                        // Prepare data for the row template
                        $content = array(
                                'sw'         => $SW,
                                'id'         => $content['id'],
-                               'select'     => $select,
                                'title'      => $content['title'],
                                'admin_id'   => $content['admin_id'],
-                               'email_link' => generateEmailLink($content['admin_id']),
+                               'admin_link' => generateAdminLink($content['admin_id']),
                                'login'      => $content['login'],
                                'start'      => generateDateTime($content['start_time'], 3),
                                'end'        => generateDateTime($content['end_time'], 3),