ADD_DESCR("admin", __FILE__);
// Check if the admin has entered title and what-php file name...
-if ((empty($_POST['title'])) && (isset($_POST['ok']))) {
- unset($_POST['ok']);
+if ((!REQUEST_ISSET_POST(('title'))) && (IS_FORM_SENT())) {
+ REQUEST_UNSET_POST('ok');
}
-if (!isset($_POST['ok'])) {
+if (!IS_FORM_SENT()) {
// Create arrays
$menus = array(); $titles = array(); $below = array();
// Load sub menus :)
foreach ($menus as $key_main => $value_main) {
- $result = SQL_QUERY_ESC("SELECT what, title, sort FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE action='%s' AND `what` != '' ORDER BY `sort`",
+ $result = SQL_QUERY_ESC("SELECT what, title, sort FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE `action`='%s' AND `what` != '' ORDER BY `sort`",
array($value_main), __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0) {
// Initialize arrays
LOAD_TEMPLATE("admin_member_add");
} elseif (!IS_DEMO()) {
// Insert new menu entry
- if (!empty($_POST['menu']))
+ if (REQUEST_ISSET_POST(('menu')))
{
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_member_menu` (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s','%s')",
array(
- $_POST['menu'],
- $_POST['name'],
- $_POST['title'],
- $_POST['visible'],
- $_POST['active'],
- bigintval($_POST['sort']),
+ REQUEST_POST('menu'),
+ REQUEST_POST('name'),
+ REQUEST_POST('title'),
+ REQUEST_POST('visible'),
+ REQUEST_POST('active'),
+ bigintval(REQUEST_POST('sort')),
), __FILE__, __LINE__);
} else {
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_member_menu` (`action`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
array(
- $_POST['name'],
- $_POST['title'],
- $_POST['visible'],
- $_POST['active'],
- bigintval($_POST['sort']),
+ REQUEST_POST('name'),
+ REQUEST_POST('title'),
+ REQUEST_POST('visible'),
+ REQUEST_POST('active'),
+ bigintval(REQUEST_POST('sort')),
), __FILE__, __LINE__);
}
LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));