]> git.mxchange.org Git - mailer.git/blobdiff - inc/modules/admin/what-config_register.php
projects / mailer.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fixes for stripped HTML tags, and false warnings in debug log
[mailer.git] / inc / modules / admin / what-config_register.php
diff --git a/inc/modules/admin/what-config_register.php b/inc/modules/admin/what-config_register.php
index 3dca07b7c99bfbae3717f3603c2097ef148d3576..be5aab4947c102c4ebddd9c8a6b92440368637da 100644 (file)
--- a/inc/modules/admin/what-config_register.php
+++ b/inc/modules/admin/what-config_register.php
@@ -32,40 +32,37 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
 
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
 // Do we want to save changes?
-if (isset($_POST['ok']))
-{
-       foreach ($_POST['sel'] as $id=>$value)
-       {
-               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_must_register SET field_required='%s' WHERE id=%d AND field_required != '%s' LIMIT 1",
-                array($value, bigintval($id), $value),__FILE__, __LINE__);
+if (IS_FORM_SENT()) {
+       foreach (REQUEST_POST('sel') as $id => $value) {
+               SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_must_register` SET field_required='%s' WHERE id=%s AND field_required != '%s' LIMIT 1",
+                       array($value, bigintval($id), $value),__FILE__, __LINE__);
        }
-       LOAD_TEMPLATE ("admin_settings_saved", false, REGISTER_ADMIN_CHANGES_SAVED);
+       LOAD_TEMPLATE("admin_settings_saved", false, REGISTER_ADMIN_CHANGES_SAVED);
 }
 
 // List all register values
-$result = SQL_QUERY("SELECT id, field_name, field_required FROM "._MYSQL_PREFIX."_must_register ORDER BY id", __FILE__, __LINE__);
+$result = SQL_QUERY("SELECT id, field_name, field_required FROM `{!_MYSQL_PREFIX!}_must_register` ORDER BY `id`", __FILE__, __LINE__);
 $SW = 2; $OUT = "";
-while (list($id, $name, $required) = SQL_FETCHROW($result))
-{
-       $eval = "\$name = ".strtoupper($name).";";
-       eval($eval);
-       $OUT .= "<TR>
-  <TD align=\"center\" class=\"switch_sw".$SW." bottom2 right2\">".$id."</TD>
-  <TD class=\"switch_sw".$SW." bottom2 right2\">&nbsp;&nbsp;".$name."</TD>
-  <TD align=\"center\" class=\"switch_sw".$SW." bottom2 right2\">
+while (list($id, $name, $required) = SQL_FETCHROW($result)) {
+       // Get constant value
+       $name =  constant(strtoupper($name));
+
+       $OUT .= "<tr>
+  <td align=\"center\" class=\"switch_sw".$SW." bottom2 right2\">".$id."</td>
+  <td class=\"switch_sw".$SW." bottom2 right2\">&nbsp;&nbsp;".$name."</td>
+  <td align=\"center\" class=\"switch_sw".$SW." bottom2 right2\">
     ".ADD_SELECTION("yn", $required, "sel[".$id."]")."
-  </TD>
-</TR>\n";
+  </td>
+</tr>\n";
        $SW = 3 - $SW;
 }
 
Mailer-Project repository