X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-adminedit.php;h=9416731ffdaa1fd3efb591fe549e57a99d38a5f2;hp=88db098f49578b9b0fe627dc913e1a5388c1ae5b;hb=f9a9c09e1ae257449bfd98f8854e321efba1dc3c;hpb=7f104f6fe558bb56b4205241435a2357c2feece1

diff --git a/inc/modules/admin/what-adminedit.php b/inc/modules/admin/what-adminedit.php
index 88db098f49..9416731ffd 100644
--- a/inc/modules/admin/what-adminedit.php
+++ b/inc/modules/admin/what-adminedit.php
@@ -38,13 +38,13 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 }
 
 // Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
 
 // Do we edit/delete/change main menus or sub menus?
 $AND = "(what = '' OR what IS NULL)"; $SUB = "";
 if (!empty($_GET['sub']))
 {
-	$AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub']));
+	$AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub']));
 	$SUB = SQL_ESCAPE($_GET['sub']);
 }
 
@@ -63,7 +63,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 		if ($confirm == 1)
 		{
 			$cnt++;
-			$result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%s LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1",
 			 array(bigintval($sel)), __FILE__, __LINE__);
 			if (SQL_NUMROWS($result) == 1)
 			{
@@ -112,7 +112,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 		if ($confirm == 1)
 		{
 			$cnt++;
-			$result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%s LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT title FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1",
 			 array(bigintval($sel)), __FILE__, __LINE__);
 			if (SQL_NUMROWS($result) == 1)
 			{
@@ -146,20 +146,17 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) {
 
 	// Load template
 	LOAD_TEMPLATE("admin_amenu_delete");
-}
- elseif ((isset($_POST['ok'])) && (!IS_DEMO()))
-{
+} elseif ((isset($_POST['ok'])) && (!IS_DEMO())) {
 	// An action is done...
 	switch ($_POST['ok'])
 	{
 	case "edit": // Edit menu
-		foreach ($_POST['sel'] as $sel => $menu)
-		{
+		foreach ($_POST['sel'] as $sel => $menu) {
 			// Secure ID
 			$sel = bigintval($sel);
 
 			// Update entry
-			$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET
+			$result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_admin_menu` SET
 title='%s',
 action='%s',
 what='%s',
@@ -169,43 +166,45 @@ WHERE ".$AND." AND id=%s LIMIT 1",
 	$menu,
 	$_POST['sel_action'][$sel],
 	$_POST['sel_what'][$sel],
-	addslashes($_POST['sel_desc'][$sel]),
+	$_POST['sel_desc'][$sel],
 	$sel,
 ), __FILE__, __LINE__);
 		}
+
+		// Purge admin menu cache
 		CACHE_PURGE_ADMIN_MENU(0, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel]);
-		LOAD_TEMPLATE("admin_data_saved");
+
+		// Load template
+		LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
 		break;
 
 	case "del": // Delete menu
-		foreach ($_POST['sel'] as $sel => $menu)
-		{
-			$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%s LIMIT 1",
+		foreach ($_POST['sel'] as $sel => $menu) {
+			$result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `"._MYSQL_PREFIX."_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1",
 			 array(bigintval($sel)), __FILE__, __LINE__);
 			CACHE_PURGE_ADMIN_MENU(0, "", "", $AND);
-		}
-		LOAD_TEMPLATE("admin_data_saved");
+		} // END - foreach
+
+		// Load template
+		LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE);
 		break;
 
 	default: // Unexpected action
+		DEBUG_LOG(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", $_POST['ok']));
 		define('__OK_VALUE', $_POST['ok']);
 		LOAD_TEMPLATE("admin_menu_unknown_okay");
 		break;
 	}
-}
- else
-{
-	if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid'])))
-	{
+} else {
+	if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) {
 		// Get IDs
-		if (!empty($_GET['w']))
-		{
+		if (!empty($_GET['w'])) {
 			// Sub menus selected
-			$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND sort='%s' LIMIT 1",
 			 array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__);
 			list($tid) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
-			$result = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1",
+			$result = SQL_QUERY("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND sort='%s' LIMIT 1",
 			 array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__);
 			list($fid) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
@@ -213,11 +212,11 @@ WHERE ".$AND." AND id=%s LIMIT 1",
 		 else
 		{
 			// Main menu selected
-			$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
 			 array(bigintval($_GET['tid'])), __FILE__, __LINE__);
 			list($tid) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
-			$result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT id FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
 			 array(bigintval($_GET['fid'])), __FILE__, __LINE__);
 			list($fid) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
@@ -226,9 +225,9 @@ WHERE ".$AND." AND id=%s LIMIT 1",
 		if ((!empty($tid)) && (!empty($fid)))
 		{
 			// Sort menu
-			$result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
+			$result_sort = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_admin_menu` SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
 			 array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
-			$result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
+			$result_sort = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_admin_menu` SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
 			 array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
 			CACHE_PURGE_ADMIN_MENU(0, "", "", $AND);
 		}
@@ -238,13 +237,13 @@ WHERE ".$AND." AND id=%s LIMIT 1",
 	if (!empty($SUB))
 	{
 		// Sub menus of a main menu
-		$result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC",
+		$result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC",
 		 array($SUB), __FILE__, __LINE__);
 	}
 	 else
 	{
 		// Main menus
-		$result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
+		$result = SQL_QUERY("SELECT id, action, what, title, sort FROM `"._MYSQL_PREFIX."_admin_menu` WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
 	}
 	$max = SQL_NUMROWS($result);
 	if ($max > 0)