// First fix all main menus (what="")...
$result_fix = SQL_QUERY("SELECT id, action FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND action != 'logout' ORDER BY sort ASC", __FILE__, __LINE__);
$cnt = 0; $REP = 0;
-while(list($id, $act) = SQL_FETCHROW($result_fix))
-{
+while(list($id, $act) = SQL_FETCHROW($result_fix)) {
// Store action value for later usage in sorting sub menus
$ACTIONS[] = $act;
// Fix weight
- $result_sort = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='".$cnt."' WHERE id='".$id."' LIMIT 1", __FILE__, __LINE__);
+ $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort=%s WHERE id=%s LIMIT 1",
+ array($cnt, $id), __FILE__, __LINE__);
$REP += SQL_AFFECTEDROWS();
// Count one up
$result_sort = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='999' WHERE action='logout' AND (what='' OR what IS NULL) LIMIT 1", __FILE__, __LINE__);
// Now sort every each menu
-foreach ($ACTIONS as $act)
-{
- $result_fix = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE action='".$act."' AND what != '' AND what IS NOT NULL ORDER BY sort", __FILE__, __LINE__);
+foreach ($ACTIONS as $act) {
+ $result_fix = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort",
+ array($act), __FILE__, __LINE__);
$cnt = 1;
- while (list($id) = SQL_FETCHROW($result_fix))
- {
+ while (list($id) = SQL_FETCHROW($result_fix)) {
// Fix weight
- $result_sort = SQL_QUERY("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='".$cnt."' WHERE id='".$id."' LIMIT 1", __FILE__, __LINE__);
+ $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort=%s WHERE id=%s LIMIT 1",
+ array($cnt, $id), __FILE__, __LINE__);
$REP += SQL_AFFECTEDROWS();
// Count one up
projects / mailer.git / blobdiff