More fixes, thanks to Piter01

[mailer.git] / inc / modules / admin / what-mem_add.php

diff --git a/inc/modules/admin/what-mem_add.php b/inc/modules/admin/what-mem_add.php
index 8c90ff9847c0231fbc9d8d54e2281ec275202480..d1d611cd900a7daa225c0164fd44c8ab3e44d134 100644 (file)
--- a/inc/modules/admin/what-mem_add.php
+++ b/inc/modules/admin/what-mem_add.php
@@ -33,13 +33,13 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
+
 // Add desciption as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
 // Check if the admin has entered title and what-php file name...
 if ((empty($_POST['title'])) && (isset($_POST['ok'])))
@@ -175,9 +175,7 @@ if (!isset($_POST['ok']))
        // Insert new menu entry
        if (!empty($_POST['menu']))
        {
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu
-(action, what, title, visible, locked, sort)
-VALUES('%s', '%s', '%s', '%s', '%s', '%s')",
+               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu (`action`,`what`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s','%s')",
  array(
        $_POST['menu'],
        $_POST['name'],
@@ -189,9 +187,7 @@ VALUES('%s', '%s', '%s', '%s', '%s', '%s')",
        }
         else
        {
-               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu
-(action, title, visible, locked, sort)
-VALUES('%s', '%s', '%s', '%s', '%s')",
+               $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_member_menu (`action`,`title`,`visible`,`locked`,`sort`) VALUES ('%s','%s','%s','%s','%s')",
  array(
        $_POST['name'],
        $_POST['title'],