************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
if (empty($_GET['do'])) unset($_GET['do']);
-if (((empty($_POST['t_wait'])) || (empty($_POST['payment']))) && (!empty($_GET['do'])) && ($_GET['do'] == "add"))
-{
+
+if (((empty($_POST['t_wait'])) || (empty($_POST['payment']))) && (!empty($_GET['do'])) && ($_GET['do'] == "add")) {
unset($_POST['ok']);
}
-if (isset($_POST['ok']))
-{
+if (isset($_POST['ok'])) {
$SQL = array();
- switch ($_GET['do'])
- {
+ switch ($_GET['do']) {
case "add":
- $SQL[] = "INSERT INTO "._MYSQL_PREFIX."_payments (time, payment, mail_title, price) VALUES ('".$_POST['t_wait']."', '".$_POST['payment']."', '".$_POST['title']."', '".$_POST['price']."')";
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_payments WHERE time='%s' LIMIT 1",
+ $SQLs[] = "INSERT INTO `{!MYSQL_PREFIX!}_payments` (time, payment, mail_title, price) VALUES ('".$_POST['t_wait']."','".$_POST['payment']."','".$_POST['title']."','".$_POST['price']."')";
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_payments` WHERE time='%s' LIMIT 1",
array($_POST['t_wait']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ if (SQL_NUMROWS($result) == 1) {
// Free memory
- $SQL[0] = "";
+ $SQLs[0] = "";
SQL_FREERESULT($result);
}
break;
case "edit":
- foreach ($_POST['time'] as $id=>$value)
- {
- $SQL[] = "UPDATE "._MYSQL_PREFIX."_payments SET time='".$value."', payment='".$_POST['pay'][$id]."', price='".$_POST['price'][$id]."', mail_title='".$_POST['title'][$id]."' WHERE id='".$id."' LIMIT 1";
+ foreach ($_POST['time'] as $id => $value) {
+ $SQLs[] = "UPDATE `{!MYSQL_PREFIX!}_payments` SET time='".$value."', payment='".$_POST['pay'][$id]."', price='".$_POST['price'][$id]."', mail_title='".$_POST['title'][$id]."' WHERE id='".$id."' LIMIT 1";
}
break;
case "del":
- foreach ($_POST['id'] as $id=>$value)
- {
- $SQL[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payments WHERE id='".$id."' LIMIT 1";
+ foreach ($_POST['id'] as $id => $value) {
+ $SQLs[] = "DELETE LOW_PRIORITY FROM `{!MYSQL_PREFIX!}_payments` WHERE id='".$id."' LIMIT 1";
}
break;
}
- // Daten abspeichern
- if ((count($SQL) > 0) || (!empty($SQL[0])))
- {
- foreach ($SQL as $s)
- {
- if (!empty($s))
- {
- // Only run non-empty strings
- $result = SQL_QUERY(trim($s), __FILE__, __LINE__);
- if (empty($content))
- {
- if (SQL_AFFECTEDROWS() == 1)
- {
- $content = "<SPAN class=\"admin_done\">".SETTINGS_SAVED."</SPAN>";
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
- }
- }
- }
- }
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
+
+ // Save settings
+ if (count($SQLs) > 0) {
+ // Run all queries
+ RUN_FILTER('run_sqls', array('dry_run' => false, 'sqls' => $SQLs));
+ $content = "<span class=\"admin_failed\">".SETTINGS_SAVED."</span>";
+ } else {
+ // Nothing has changed!
+ $content = "<span class=\"admin_failed\">".SETTINGS_NOT_SAVED."</span>";
}
+
+ // Output template
LOAD_TEMPLATE("admin_settings_saved", false, $content);
-}
- elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
+} elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0)) {
// Delete entries here
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$value)
- {
- $result = SQL_QUERY_ESC("SELECT time, mail_title FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
+ foreach ($_POST['sel'] as $id => $value) {
+ $result = SQL_QUERY_ESC("SELECT time, mail_title FROM `{!MYSQL_PREFIX!}_payments` WHERE id=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
list($time, $title) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Load main template
LOAD_TEMPLATE("admin_del_payments");
-}
- elseif ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
+} elseif ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0)) {
// Edit entries
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id=>$value)
- {
- $result = SQL_QUERY_ESC("SELECT time, payment, mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
+ foreach ($_POST['sel'] as $id => $value) {
+ $result = SQL_QUERY_ESC("SELECT time, payment, mail_title, price FROM `{!MYSQL_PREFIX!}_payments` WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($time, $pay, $title, $price) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Load main template
LOAD_TEMPLATE("admin_edit_payments");
-}
- else
-{
- // Referral levels
- $result = SQL_QUERY("SELECT id, time, payment, mail_title, price FROM "._MYSQL_PREFIX."_payments ORDER BY time", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
- // Make referral levels editable and deletable
+} else {
+ // Referal levels
+ $result = SQL_QUERY("SELECT id, time, payment, mail_title, price FROM `{!MYSQL_PREFIX!}_payments` ORDER BY time", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) > 0) {
+ // Make referal levels editable and deletable
$SW = 2; $OUT = "";
// List already existing categories for editing
- while (list($id, $time, $pay, $title, $price) = SQL_FETCHROW($result))
- {
+ while (list($id, $time, $pay, $title, $price) = SQL_FETCHROW($result)) {
$pay = TRANSLATE_COMMA($pay);
$price = TRANSLATE_COMMA($price);
LOAD_TEMPLATE("admin_list_payments");
}
- // Form for adding new referral levels
+ // Form for adding new referal levels
LOAD_TEMPLATE("admin_add_payment");
}
projects / mailer.git / blobdiff