************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add desciption as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
// Check if the admin has entered title and what-php file name...
if ((empty($_POST['title'])) && (isset($_POST['ok'])))
$menus = array(); $titles = array(); $below = array();
// Get all available main menus
- $result = SQL_QUERY("SELECT action, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) ORDER BY sort", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT action, title, sort FROM `"._MYSQL_PREFIX."_member_menu` WHERE (what='' OR what IS NULL) ORDER BY sort", __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
// Read menu structure
// Load sub menus :)
foreach ($menus as $key_main => $value_main)
{
- $result = SQL_QUERY_ESC("SELECT what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND what != '' ORDER BY sort",
+ $result = SQL_QUERY_ESC("SELECT what, title, sort FROM `"._MYSQL_PREFIX."_member_menu` WHERE action='%s' AND what != '' ORDER BY sort",
array($value_main), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
}
}
- $OUT = "<SELECT class=\"admin_select\" name=\"sort\" size=\"1\">
- <OPTION value=\"\">".IS_FIRST_MENU."</OPTION>";
+ $OUT = "<select class=\"admin_select\" name=\"sort\" size=\"1\">
+ <option value=\"\">".IS_FIRST_MENU."</option>";
foreach ($below as $key => $m)
{
if (is_array($m))
{
foreach ($m as $key2 => $m2)
{
- $OUT .= " <OPTION value=\"".$m2."\">".$titles[$key][$key2];
+ $OUT .= " <option value=\"".$m2."\">".$titles[$key][$key2];
foreach ($menus as $k => $v)
{
if (($v == $key) && (!is_array($v)))
$OUT .= " (".$titles[$k].")";
}
}
- $OUT .= "</OPTION>\n";
+ $OUT .= "</option>\n";
}
}
else
{
- $OUT .= " <OPTION value=\"".$m."\">".$titles[$key]."</OPTION>\n";
+ $OUT .= " <option value=\"".$m."\">".$titles[$key]."</option>\n";
}
}
- $OUT .= "</SELECT>";
+ $OUT .= "</select>";
define('__BELOW_SELECTION' , $OUT);
define('__WHAT_SELECTION' , ADMIN_MAKE_MENU_SELECTION("member", "what", "name"));
// Insert new menu entry
if (!empty($_POST['menu']))
{
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu
-(action, what, title, visible, locked, sort)
-VALUES('%s', '%s', '%s', '%s', '%s', '%s')",
+ SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_member_menu` (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s','%s')",
array(
$_POST['menu'],
$_POST['name'],
}
else
{
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu
-(action, title, visible, locked, sort)
-VALUES('%s', '%s', '%s', '%s', '%s')",
+ SQL_QUERY_ESC("INSERT INTO `"._MYSQL_PREFIX."_member_menu` (`action`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
array(
$_POST['name'],
$_POST['title'],