************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
-// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
-OPEN_TABLE("100%", "admin_content admin_content_align", "");
-global $link;
+// Add description as navigation point
+ADD_DESCR("admin", __FILE__);
-if ((isset($_POST['ok'])) && (empty($_POST['id'])))
-{
- unset($_POST['ok']);
+if ((IS_FORM_SENT()) && (!REQUEST_ISSET_POST(('id')))) {
+ REQUEST_UNSET_POST('ok');
}
-$result = SQL_QUERY("SELECT id, sender, subject, payment_id, cat_id FROM "._MYSQL_PREFIX."_pool ORDER BY timestamp", __FILE__, __LINE__);
-if (SQL_NUMROWS($result) > 0)
-{
- if (isset($_POST['ok']))
- {
+$result = SQL_QUERY("SELECT id, sender, subject, payment_id, cat_id FROM `{!_MYSQL_PREFIX!}_pool` ORDER BY timestamp", __FILE__, __LINE__);
+if (SQL_NUMROWS($result) > 0) {
+ if (IS_FORM_SENT()) {
// Make mail editable...
- $result = SQL_QUERY_ESC("SELECT subject, text, url FROM "._MYSQL_PREFIX."_pool WHERE id=%d LIMIT 1",
- array(bigintval($_POST['id'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT subject, text, url FROM `{!_MYSQL_PREFIX!}_pool` WHERE id=%s LIMIT 1",
+ array(bigintval(REQUEST_POST('id'))), __FILE__, __LINE__);
list($subj, $text, $url) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- define('__ID_VALUE' , $_POST['id']);
+ // @TODO More constants to rewrite
+ define('__ID_VALUE' , REQUEST_POST('id'));
define('__URL_VALUE' , $url);
define('__SUBJ_VALUE', $subj);
define('__TEXT_VALUE', $text);
// Load template
LOAD_TEMPLATE("admin_edit_email");
- }
- elseif (!empty($_POST['save']))
- {
+ } elseif (REQUEST_ISSET_POST(('save'))) {
// Save changes
- if (!empty($SQL))
- {
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_pool SET
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET
subject='%s',
text='%s',
url='%s'
-WHERE id=%d LIMIT 1",
+WHERE id=%s LIMIT 1",
array(
- addslashes($_POST['subj']),
- addslashes($_POST['text']),
- addslashes($_POST['url']),
- bigintval($_POST['id']),
+ REQUEST_POST('subj'),
+ REQUEST_POST('text'),
+ REQUEST_POST('url'),
+ bigintval(REQUEST_POST('id')),
), __FILE__, __LINE__);
- if (SQL_AFFECTEDROWS($link, __FILE__, __LINE__) == 1)
- {
- $content = "<SPAN class=\"admin_done\">".SETTINGS_SAVED."</SPAN>";
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
- }
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
+
+ if (SQL_AFFECTEDROWS() == 1) {
+ $content = getMessage('SETTINGS_SAVED');
+ } else {
+ $content = "<span class=\"admin_failed\">{--SETTINGS_NOT_SAVED--}</span>";
}
// Display message
LOAD_TEMPLATE("admin_settings_saved", false, $content);
- }
- else
- {
+ } else {
// There are mail orders available
- $SW = 2; $OUT = "";
- while (list($id, $sender, $subj, $pay, $cat) = SQL_FETCHROW($result))
- {
+ $OUT = ""; $SW = 2;
+ while ($content = SQL_FETCHARRAY($result)) {
// Prepare data for the row template
+ // @TODO Rewritings: subj->subject in template
$content = array(
'sw' => $SW,
- 'id' => $id,
- 'subj' => $subj,
- 'uid' => ADMIN_USER_PROFILE_LINK($sender),
- 'pay' => GET_PAYMENT($pay),
- 'cat' => GET_CATEGORY($cat),
+ 'id' => $content['id'],
+ 'subj' => $content['subject'],
+ 'uid' => ADMIN_USER_PROFILE_LINK($content['sender']),
+ 'pay' => GET_PAYMENT($content['payment_id']),
+ 'cat' => GET_CATEGORY($content['cat_id']),
);
// Load row template and switch colors
// Free memory
SQL_FREERESULT($result);
+
+ // @TODO Yet another constant to rewrite
define('__EMAIL_SELECT_ROWS', $OUT);
// Load email template
LOAD_TEMPLATE("admin_edit_email_select");
}
-}
- else
-{
+} else {
// No mail orders left in pool
- OUTPUT_HTML("<SPAN class=\"admin_failed\">".ADMIN_NO_MAILS_IN_POOL."</SPAN>");
+ LOAD_TEMPLATE("admin_settings_saved", false, "<span class=\"admin_failed\">{--ADMIN_NO_MAILS_IN_POOL--}</span>");
}
-CLOSE_TABLE();
+
//
?>