************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
// Do we edit/delete/change main menus or sub menus?
-$AND = "what = ''"; $SUB = "";
+$AND = "(`what` = '' OR `what` IS NULL)"; $SUB = "";
-if (!empty($_GET['sub']))
-{
- $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub']));
- $SUB = SQL_ESCAPE($_GET['sub']);
+if (REQUEST_ISSET_GET(('sub'))) {
+ $AND = sprintf("action='%s' AND `what` IS NOT NULL", REQUEST_GET(('sub')));
+ $SUB = REQUEST_GET(('sub'));
}
// Get count of (maybe) selected menu points
$chk = 0;
-if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']);
+if (REQUEST_ISSET_POST('sel')) $chk = SELECTION_COUNT(REQUEST_POST('sel'));
// List all menu points and make them editable
-if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
-{
+if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO())) {
// Edit menu entries
define('__SUB_VALUE', $SUB);
define('__CHK_VALUE', $chk);
$SW = 2; $cnt = 0; $OUT = "";
- foreach ($_POST['sel'] as $sel => $confirm)
- {
- if ($confirm == 1)
- {
+ foreach (REQUEST_POST('sel') as $sel => $confirm) {
+ if ($confirm == 1) {
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
- array(bigintval($sel)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT title, action, what FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1",
+ array(bigintval($sel)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Entry found so we load the stuff...
list($menu, $act, $wht, $descr) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
'sel' => $sel,
'menu' => $menu,
'sw' => $SW,
- 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act),
+ 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act),
'what' => ADMIN_MAKE_MENU_SELECTION("member", "what", "sel_what[".$sel."]", $wht),
);
// Load template
$OUT .= LOAD_TEMPLATE("admin_mmenu_edit_row", true, $content);
- }
- else
- {
+ } else {
// Entry not found?
$content = array(
'sw' => $SW,
// Load template
LOAD_TEMPLATE("admin_mmenu_edit");
-}
- elseif ((isset($_POST['del'])) && ($chk > 0) && (!IS_DEMO()))
-{
+} elseif ((REQUEST_ISSET_POST('del')) && ($chk > 0) && (!IS_DEMO())) {
// Del menu entries with or without confirmation
define('__SUB_VALUE', $SUB);
define('__CHK_VALUE', $chk);
$SW = 2; $cnt = 0; $OUT = "";
- foreach ($_POST['sel'] as $sel => $confirm)
- {
- if ($confirm == 1)
- {
+ foreach (REQUEST_POST('sel') as $sel => $confirm) {
+ if ($confirm == 1) {
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1",
array(bigintval($sel)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1)
{
// Load template
LOAD_TEMPLATE("admin_mmenu_delete");
-}
- elseif ((isset($_POST['status'])) && ($chk > 0) && (!IS_DEMO()))
-{
+} elseif ((REQUEST_ISSET_POST(('status'))) && ($chk > 0) && (!IS_DEMO())) {
// Change status (visible / locked)
define('__SUB_VALUE', $SUB);
define('__CHK_VALUE', $chk);
$SW = 2; $cnt = 0; $OUT = "";
- foreach ($_POST['sel'] as $sel => $confirm)
- {
- if ($confirm == 1)
- {
+ foreach (REQUEST_POST('sel') as $sel => $confirm) {
+ if ($confirm == 1) {
$cnt++;
- $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
- array(bigintval($sel)), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1",
+ array(bigintval($sel)), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
// Entry found so we load the stuff...
list($menu, $vis, $locked) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
define('__CNT_VALUE', $cnt);
//
LOAD_TEMPLATE("admin_mmenu_status");
-}
- elseif ((isset($_POST['ok'])) && (!IS_DEMO()))
-{
+} elseif ((IS_FORM_SENT()) && (!IS_DEMO())) {
// An act is done...
- foreach ($_POST['sel'] as $sel => $menu)
- {
- $AND = "what = ''";
+ foreach (REQUEST_POST('sel') as $sel => $menu) {
+ $AND = "(`what` = '' OR `what` IS NULL)";
$sel = bigintval($sel);
if (!empty($SUB)) $AND = "action='".$SUB."'";
- switch ($_POST['ok'])
+ switch (REQUEST_POST('ok'))
{
case "edit": // Edit menu
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET title='%s', action='%s', what='%s', descr='%s' WHERE ".$AND." AND id=%s LIMIT 1",
- array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $_POST['sel_descr'][$sel], $sel), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `title`='%s', `action`='%s', `what`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
+ array($menu, REQUEST_POST('sel_act', $sel), REQUEST_POST('sel_what', $sel), $sel), __FILE__, __LINE__);
break;
case "del": // Delete menu
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%s LIMIT 1",
- array($sel), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1",
+ array($sel), __FILE__, __LINE__);
break;
case "status": // Change status of menus
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1",
- array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `visible`='%s', `locked`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
+ array(REQUEST_POST('visible', $sel), REQUEST_POST('locked', $sel), $sel), __FILE__, __LINE__);
break;
}
break;
}
// Load template
- LOAD_TEMPLATE("admin_data_saved");
-}
- else
-{
- if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid'])))
- {
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
+} else {
+ if ((REQUEST_ISSET_GET(('act'))) && (REQUEST_ISSET_GET(('tid'))) && (REQUEST_ISSET_GET(('fid')))) {
+ // Init
+ $tid = ""; $fid = "";
+
// Get IDs
- if (!empty($_GET['w']))
- {
+ if (REQUEST_ISSET_GET(('w'))) {
// Sub menus selected
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND sort='%s' LIMIT 1",
- array(bigintval($_GET['act']), bigintval($_GET['tid'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1",
+ array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__);
list($tid) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND sort='%s' LIMIT 1",
- array(bigintval($_GET['act']), bigintval($_GET['fid'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1",
+ array(bigintval(REQUEST_GET('act')), bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__);
list($fid) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
- }
- else
- {
+ } else {
// Main menu selected
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
- array(bigintval($_GET['tid'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1",
+ array(bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__);
list($tid) = SQL_FETCHROW($result);
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
- array(bigintval($_GET['fid'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1",
+ array(bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__);
list($fid) = SQL_FETCHROW($result);
}
- if ((!empty($tid)) && (!empty($fid)))
- {
+ if ((!empty($tid)) && (!empty($fid))) {
// Sort menu
- $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
- array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
- $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
- array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
- }
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
+ array(bigintval(REQUEST_GET('tid')), bigintval($fid)), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_member_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
+ array(bigintval(REQUEST_GET('fid')), bigintval($tid)), __FILE__, __LINE__);
+ } // END - -fi
}
- if (!empty($SUB))
- {
+ if (!empty($SUB)) {
// Edit sub menus
- $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND what != '' ORDER BY sort ASC", __FILE__, __LINE__);
- }
- else
- {
+ $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort` ASC", __FILE__, __LINE__);
+ } else {
// Edit main menus
- $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `{!_MYSQL_PREFIX!}_member_menu` WHERE (what='' OR `what` IS NULL) ORDER BY `sort` ASC", __FILE__, __LINE__);
}
+
$max = SQL_NUMROWS($result);
- if ($max > 0)
- {
- $SUB = "";
- if (!empty($SUB)) $SUB = $SUB;
+ if ($max > 0) {
+ // Set sub value
+ // @TODO Rewrite this constant
define('__SUB_VALUE', $SUB);
$SW = 2; $cnt = 0; $OUT = "";
- while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($result))
- {
+ while ($content = SQL_FETCHARRAY($result)) {
+ // Init navigation
+ $content['navi'] = "";
$cnt++;
- if (($sort == 0) || (($sort == 1) && (!empty($SUB))))
- {
+ if (($content['sort'] == 0) || (($content['sort'] == 1) && (!empty($SUB)))) {
// Is highest position
- $NAVI = "<A href=\"".URL."/modules.php?module=admin&what=memedit&sub=".$SUB."&act=".$act."&w=".$wht."&tid=".($sort+1)."&fid=".$sort."\">".LOWER."</A>";
- }
- elseif ($cnt == $max)
- {
+ $content['navi'] = "<a href=\"{!URL!}/modules.php?module=admin&what=memedit&sub={!__SUB_VALUE!}&act=".$content['action']."&w=".$content['what']."&tid=".($content['sort']+1)."&fid=".$content['sort']."\">{--LOWER--}</a>";
+ } elseif ($cnt == $max) {
// Is lowest position
- $NAVI = "<A href=\"".URL."/modules.php?module=admin&what=memedit&sub=".$SUB."&act=".$act."&w=".$wht."&tid=".($sort-1)."&fid=".$sort."\">".HIGHER."</A>";
- }
- elseif ($sort > 0)
- {
+ $content['navi'] = "<a href=\"{!URL!}/modules.php?module=admin&what=memedit&sub={!__SUB_VALUE!}&act=".$content['action']."&w=".$content['what']."&tid=".($content['sort']-1)."&fid=".$content['sort']."\">{--HIGHER--}</a>";
+ } elseif ($content['sort'] > 0) {
// Anything else between highest and lowest
- $NAVI = "<A href=\"".URL."/modules.php?module=admin&what=memedit&sub=".$SUB."&act=".$act."&w=".$wht."&tid=".($sort-1)."&fid=".$sort."\">".HIGHER."</A>/<A href=\"".URL."/modules.php?module=admin&what=memedit&sub=".$SUB."&act=".$act."&w=".$wht."&tid=".($sort+1)."&fid=".$sort."\">".LOWER."</A>";
+ $content['navi'] = "<a href=\"{!URL!}/modules.php?module=admin&what=memedit&sub={!__SUB_VALUE!}&act=".$content['action']."&w=".$content['what']."&tid=".($content['sort']-1)."&fid=".$content['sort']."\">{--HIGHER--}</a>/<a href=\"{!URL!}/modules.php?module=admin&what=memedit&sub={!__SUB_VALUE!}&act=".$content['action']."&w=".$content['what']."&tid=".($content['sort']+1)."&fid=".$content['sort']."\">{--LOWER--}</a>";
}
- if (empty($act)) $act = " ";
- if (empty($wht)) $wht = " ";
- if (empty($title)) $title = " ";
- $content = array(
- 'sw' => $SW,
- 'id' => $id,
- 'action' => $act,
- 'what' => $wht,
- 'title' => $title,
- 'navi' => $NAVI,
- 'mode' => "mem",
- );
+
+ // Fix empty values for Firefox
+ if (empty($content['action'])) $content['action'] = " ";
+ if (empty($content['what'])) $content['what'] = " ";
+ if (empty($content['title'])) $content['title'] = " ";
+
+ // Add more entries
+ $content['sw'] = $SW;
+ $content['mode'] = "mem";
+
+ // Load row template and switch color
$OUT .= LOAD_TEMPLATE("admin_menu_overview_row", true, $content);
$SW = 3 - $SW;
}
// Free memory
SQL_FREERESULT($result);
+
+ // @TODO Rewrite this constant
define('__MENU_ROWS', $OUT);
+
+ // Load main template
LOAD_TEMPLATE("admin_mmenu_overview");
- }
- else
- {
+ } else {
// Menu entries are missing... (???)
- LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND);
+ LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NO_MENUS_FOUND'));
}
}
projects / mailer.git / blobdiff