Fix for newsletter

[mailer.git] / inc / modules / admin / what-mem_add.php

diff --git a/inc/modules/admin/what-mem_add.php b/inc/modules/admin/what-mem_add.php
index eaef1cdfdb0c442220e104825b4b6d148e8a4984..60ff92960f2326af97efbd9943c1b949fb433bbf 100644 (file)
--- a/inc/modules/admin/what-mem_add.php
+++ b/inc/modules/admin/what-mem_add.php
@@ -33,16 +33,13 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
+
 // Add desciption as navigation point
 ADD_DESCR("admin", basename(__FILE__));
-OUTPUT_HTML("</FONT><br />");
-
-OPEN_TABLE("100%", "admin_content admin_content_align", "");
 
 // Check if the admin has entered title and what-php file name...
 if ((empty($_POST['title'])) && (isset($_POST['ok'])))
@@ -77,7 +74,7 @@ if (!isset($_POST['ok']))
 
                // Remove double eintries
                $prev = ""; $dmy = $menus; $dmy2 = $titles; $dmy3 = $below;
-               foreach ($menus as $key=>$value)
+               foreach ($menus as $key => $value)
                {
                        if ($value == $prev)
                        {
@@ -93,7 +90,7 @@ if (!isset($_POST['ok']))
                }
                $menus = $dmy; $titles = $dmy2; $below = $dmy3;
                // Load sub menus :)
-               foreach ($menus as $key_main=>$value_main)
+               foreach ($menus as $key_main => $value_main)
                {
                        $result = SQL_QUERY_ESC("SELECT what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND what != '' ORDER BY sort",
                         array($value_main), __FILE__, __LINE__);
@@ -122,7 +119,7 @@ if (!isset($_POST['ok']))
 
                                // Remove double eintries
                                $prev = ""; $dmy = $menus[$value_main]; $dmy2 = $titles[$value_main]; $dmy3 = $below[$value_main];
-                               foreach ($menus[$value_main] as $key=>$value)
+                               foreach ($menus[$value_main] as $key => $value)
                                {
                                        if ($value == $prev)
                                        {
@@ -142,14 +139,14 @@ if (!isset($_POST['ok']))
 
        $OUT = "<SELECT class=\"admin_select\" name=\"sort\" size=\"1\">
       <OPTION value=\"\">".IS_FIRST_MENU."</OPTION>";
-       foreach ($below as $key=>$m)
+       foreach ($below as $key => $m)
        {
                if (is_array($m))
                {
-                       foreach ($m as $key2=>$m2)
+                       foreach ($m as $key2 => $m2)
                        {
                                $OUT .= "      <OPTION value=\"".$m2."\">".$titles[$key][$key2];
-                               foreach ($menus as $k=>$v)
+                               foreach ($menus as $k => $v)
                                {
                                        if (($v == $key) && (!is_array($v)))
                                        {
@@ -179,8 +176,8 @@ if (!isset($_POST['ok']))
        if (!empty($_POST['menu']))
        {
                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu
-(action, what, title, visible, locked, sort)
-VALUES('%s', '%s', '%s', '%s', '%s', '%s')",
+(`action`,`what`,`title`,`visible`,`locked`,`sort`)
+VALUES('%s','%s','%s','%s','%s','%s')",
  array(
        $_POST['menu'],
        $_POST['name'],
@@ -193,8 +190,8 @@ VALUES('%s', '%s', '%s', '%s', '%s', '%s')",
         else
        {
                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu
-(action, title, visible, locked, sort)
-VALUES('%s', '%s', '%s', '%s', '%s')",
+(`action`,`title`,`visible`,`locked`,`sort`)
+VALUES('%s','%s','%s','%s','%s')",
  array(
        $_POST['name'],
        $_POST['title'],
@@ -211,6 +208,5 @@ VALUES('%s', '%s', '%s', '%s', '%s')",
        LOAD_TEMPLATE("admin_settings_saved", false, SETTINGS_NOT_SAVED);
 }
 
-CLOSE_TABLE();
 //
 ?>