// Add description as navigation point
ADD_DESCR("admin", __FILE__);
-if ((isset($_POST['ok'])) && (empty($_POST['id']))) {
- unset($_POST['ok']);
+if ((IS_FORM_SENT()) && (!REQUEST_ISSET_POST(('id')))) {
+ REQUEST_UNSET_POST('ok');
}
$result = SQL_QUERY("SELECT id, sender, subject, payment_id, cat_id FROM `{!_MYSQL_PREFIX!}_pool` ORDER BY timestamp", __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0) {
- if (isset($_POST['ok'])) {
+ if (IS_FORM_SENT()) {
// Make mail editable...
$result = SQL_QUERY_ESC("SELECT subject, text, url FROM `{!_MYSQL_PREFIX!}_pool` WHERE id=%s LIMIT 1",
- array(bigintval($_POST['id'])), __FILE__, __LINE__);
+ array(bigintval(REQUEST_POST('id'))), __FILE__, __LINE__);
list($subj, $text, $url) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- define('__ID_VALUE' , $_POST['id']);
+ define('__ID_VALUE' , REQUEST_POST('id'));
define('__URL_VALUE' , $url);
define('__SUBJ_VALUE', $subj);
define('__TEXT_VALUE', $text);
// Load template
LOAD_TEMPLATE("admin_edit_email");
- } elseif (!empty($_POST['save'])) {
+ } elseif (REQUEST_ISSET_POST(('save'))) {
// Save changes
SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_pool` SET
subject='%s',
url='%s'
WHERE id=%s LIMIT 1",
array(
- $_POST['subj'],
- $_POST['text'],
- $_POST['url'],
- bigintval($_POST['id']),
+ REQUEST_POST('subj'),
+ REQUEST_POST('text'),
+ REQUEST_POST('url'),
+ bigintval(REQUEST_POST('id')),
), __FILE__, __LINE__);
if (SQL_AFFECTEDROWS() == 1) {