************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
-if (empty($_GET['do'])) unset($_GET['do']);
-if (((empty($_POST['t_wait'])) || (empty($_POST['payment']))) && (!empty($_GET['do'])) && ($_GET['do'] == "add"))
-{
- unset($_POST['ok']);
+if (((!REQUEST_ISSET_POST(('t_wait'))) || (!REQUEST_ISSET_POST(('payment')))) && (REQUEST_ISSET_GET(('do'))) && (REQUEST_GET('do') == "add")) {
+ REQUEST_UNSET_POST('ok');
}
-if (isset($_POST['ok']))
-{
+if (IS_FORM_SENT()) {
$SQL = array();
- switch ($_GET['do'])
- {
+ switch (REQUEST_GET('do')) {
case "add":
- $SQL[] = "INSERT INTO "._MYSQL_PREFIX."_payments (time, payment, mail_title, price) VALUES ('".$_POST['t_wait']."', '".$_POST['payment']."', '".$_POST['title']."', '".$_POST['price']."')";
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_payments WHERE time='%s' LIMIT 1",
- array($_POST['t_wait']), __FILE__, __LINE__);
- if (SQL_NUMROWS($result) == 1)
- {
+ ADD_SQL("INSERT INTO `{!_MYSQL_PREFIX!}_payments` (time, payment, mail_title, price) VALUES ('".REQUEST_POST('t_wait')."','".REQUEST_POST('payment')."','".REQUEST_POST('title')."','".REQUEST_POST('price')."')");
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_payments` WHERE time='%s' LIMIT 1",
+ array(REQUEST_POST('t_wait')), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ // Re-init the array here
+ INIT_SQLS();
+
// Free memory
- $SQL[0] = "";
SQL_FREERESULT($result);
}
break;
case "edit":
- foreach ($_POST['time'] as $id => $value)
- {
- $SQL[] = "UPDATE "._MYSQL_PREFIX."_payments SET time='".$value."', payment='".$_POST['pay'][$id]."', price='".$_POST['price'][$id]."', mail_title='".$_POST['title'][$id]."' WHERE id='".$id."' LIMIT 1";
+ foreach (REQUEST_POST('time') as $id => $value) {
+ ADD_SQL("UPDATE `{!_MYSQL_PREFIX!}_payments` SET time='".$value."', payment='".REQUEST_POST('pay', $id)."', price='".REQUEST_POST('price', $id)."', mail_title='".REQUEST_POST('title', $id)."' WHERE id='".$id."' LIMIT 1");
}
break;
case "del":
- foreach ($_POST['id'] as $id => $value)
- {
- $SQL[] = "DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_payments WHERE id='".$id."' LIMIT 1";
+ foreach (REQUEST_POST('id') as $id => $value) {
+ ADD_SQL("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_payments` WHERE id='".$id."' LIMIT 1");
}
break;
}
- // Daten abspeichern
- if ((count($SQL) > 0) || (!empty($SQL[0])))
- {
- foreach ($SQL as $s)
- {
- if (!empty($s))
- {
- // Only run non-empty strings
- $result = SQL_QUERY(trim($s), __FILE__, __LINE__);
- if (empty($content))
- {
- if (SQL_AFFECTEDROWS() == 1)
- {
- $content = "<SPAN class=\"admin_done\">".SETTINGS_SAVED."</SPAN>";
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
- }
- }
- }
- }
- }
- else
- {
- $content = "<SPAN class=\"admin_failed\">".SETTINGS_NOT_SAVED."</SPAN>";
+
+ // Save settings
+ if (COUNT_SQLS() > 0) {
+ // Run all queries
+ RUN_FILTER('run_sqls', array('dry_run' => false));
+ $content = "<span class=\"admin_failed\">".SETTINGS_SAVED."</span>";
+ } else {
+ // Nothing has changed!
+ $content = "<span class=\"admin_failed\">{--SETTINGS_NOT_SAVED--}</span>";
}
+
+ // Output template
LOAD_TEMPLATE("admin_settings_saved", false, $content);
-}
- elseif ((isset($_POST['del'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
+} elseif ((REQUEST_ISSET_POST(('del'))) && (SELECTION_COUNT(REQUEST_POST('sel')) > 0)) {
// Delete entries here
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id => $value)
- {
- $result = SQL_QUERY_ESC("SELECT time, mail_title FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
+ foreach (REQUEST_POST('sel') as $id => $value) {
+ $result = SQL_QUERY_ESC("SELECT time, mail_title FROM `{!_MYSQL_PREFIX!}_payments` WHERE id=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
list($time, $title) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Load main template
LOAD_TEMPLATE("admin_del_payments");
-}
- elseif ((isset($_POST['edit'])) && (SELECTION_COUNT($_POST['sel']) > 0))
-{
+} elseif ((REQUEST_ISSET_POST(('edit'))) && (SELECTION_COUNT(REQUEST_POST('sel')) > 0)) {
// Edit entries
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id => $value)
- {
- $result = SQL_QUERY_ESC("SELECT time, payment, mail_title, price FROM "._MYSQL_PREFIX."_payments WHERE id=%s LIMIT 1",
+ foreach (REQUEST_POST('sel') as $id => $value) {
+ $result = SQL_QUERY_ESC("SELECT time, payment, mail_title, price FROM `{!_MYSQL_PREFIX!}_payments` WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($time, $pay, $title, $price) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
// Load main template
LOAD_TEMPLATE("admin_edit_payments");
-}
- else
-{
- // Referral levels
- $result = SQL_QUERY("SELECT id, time, payment, mail_title, price FROM "._MYSQL_PREFIX."_payments ORDER BY time", __FILE__, __LINE__);
- if (SQL_NUMROWS($result) > 0)
- {
- // Make referral levels editable and deletable
+} else {
+ // Referal levels
+ $result = SQL_QUERY("SELECT id, time, payment, mail_title, price FROM `{!_MYSQL_PREFIX!}_payments` ORDER BY time", __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) > 0) {
+ // Make referal levels editable and deletable
$SW = 2; $OUT = "";
// List already existing categories for editing
- while (list($id, $time, $pay, $title, $price) = SQL_FETCHROW($result))
- {
+ while (list($id, $time, $pay, $title, $price) = SQL_FETCHROW($result)) {
$pay = TRANSLATE_COMMA($pay);
$price = TRANSLATE_COMMA($price);
LOAD_TEMPLATE("admin_list_payments");
}
- // Form for adding new referral levels
+ // Form for adding new referal levels
LOAD_TEMPLATE("admin_add_payment");
}
projects / mailer.git / blobdiff