Security line in all includes changed

[mailer.git] / inc / modules / admin / what-list_surfbar_urls.php

diff --git a/inc/modules/admin/what-list_surfbar_urls.php b/inc/modules/admin/what-list_surfbar_urls.php
index 9911842e84b83a8f333170385be6ed6e3c31eeaa..67a6ce9797d07eaa78ec9632317bcdd3370dad54 100644 (file)
--- a/inc/modules/admin/what-list_surfbar_urls.php
+++ b/inc/modules/admin/what-list_surfbar_urls.php
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!is_admin())) {
+if ((!defined('__SECURITY')) || (!is_admin())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 } // END - if
@@ -45,25 +45,59 @@ $show = true;
 
 // Edit or delete button hit?
 if (isset($_POST['edit'])) {
-       // Delete entries (with confirmation)
+       // Show entries for editing
        ADMIN_EDIT_ENTRIES_CONFIRM(
                $_POST['id'],
                "surfbar_urls",
-               array("id", "url", "reward", "costs"),
-               array("bigintval", "", "TRANSLATE_COMMA", "TRANSLATE_COMMA"),
-               array("", "", "")
+               array("id", "userid", "url", "reward", "costs"),
+               array("bigintval", "ADD_MEMBER_SELECTION_BOX", "", "TRANSLATE_COMMA", "TRANSLATE_COMMA"),
+               array("", array(false, true, true), "", "", "")
        );
        $show = false;
 } elseif (isset($_POST['do_edit'])) {
-       // Delete entries (with confirmation)
-       ADMIN_EDIT_ENTRIES_CONFIRM($_POST['id'], "surfbar_urls", array(), array(), array(), true);
+       // Change data of entries
+       ADMIN_EDIT_ENTRIES_CONFIRM(
+               $_POST['id'],
+               "surfbar_urls",
+               array("", ""),
+               array('reward' => "REVERT_COMMA", 'costs' => "REVERT_COMMA"),
+               array('reward' => "", 'costs' => ""),
+               true
+       );
 } elseif (isset($_POST['delete'])) {
-       // Delete entries (with confirmation)
-       ADMIN_DELETE_ENTRIES_CONFIRM($_POST['id'], "surfbar_urls", array("id", "url", "registered"), array("bigintval", "", "MAKE_DATETIME"), array("", "", "2"));
+       // Show entries for deletion
+       ADMIN_DELETE_ENTRIES_CONFIRM(
+               $_POST['id'],
+               "surfbar_urls",
+               array("id", "userid", "url", "registered"),
+               array("bigintval", "ADMIN_USER_PROFILE_LINK", "FRAMETESTER", "MAKE_DATETIME"),
+               array("", "", "", "2")
+       );
        $show = false;
-} elseif (isset($_POST['remove'])) {
-       // Delete entries (with confirmation)
+} elseif (isset($_POST['do_delete'])) {
+       // Remove entries from database
        ADMIN_DELETE_ENTRIES_CONFIRM($_POST['id'], "surfbar_urls", array(), array(), array(), true);
+} elseif (isset($_POST['lock'])) {
+       // Un-/lock selected URLs. This does not work for pending URLs
+       ADMIN_LOCK_ENTRIES_CONFIRM(
+               $_POST['id'],
+               "surfbar_urls",
+               array("id", "userid", "url", "registered", "status"),
+               array("bigintval", "ADMIN_USER_PROFILE_LINK", "FRAMETESTER", "MAKE_DATETIME", "SURFBAR_TRANSLATE_STATUS"),
+               array("", "", "", "2", "")
+       );
+       $show = false;
+} elseif (isset($_POST['do_lock'])) {
+       // Un-/lock selected URLs. This does not work for pending URLs
+       ADMIN_LOCK_ENTRIES_CONFIRM(
+               $_POST['id'],
+               "surfbar_urls",
+               array(),
+               array(),
+               array(),
+               array("status" => array("CONFIRMED" => "LOCKED", "LOCKED" => "CONFIRMED")),
+               true
+       );
 }
 
 // Show entries?