X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-adminedit.php;h=b20760df3e0651e96f08d4804e032c6b90b85952;hp=761e902496f60d9393053f69619076b3ea5911e4;hb=7989ec603971c0dc8dc35d8be4e72f8098b83baa;hpb=8a9324b2d931f54f54f4319fd7234910af77012c diff --git a/inc/modules/admin/what-adminedit.php b/inc/modules/admin/what-adminedit.php index 761e902496..b20760df3e 100644 --- a/inc/modules/admin/what-adminedit.php +++ b/inc/modules/admin/what-adminedit.php @@ -32,19 +32,19 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } + // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); // Do we edit/delete/change main menus or sub menus? -$AND = "what=''"; $SUB = ""; +$AND = "(`what` = '' OR `what` IS NULL)"; $SUB = ""; if (!empty($_GET['sub'])) { - $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub'])); + $AND = sprintf("action='%s' AND `what` IS NOT NULL", SQL_ESCAPE($_GET['sub'])); $SUB = SQL_ESCAPE($_GET['sub']); } @@ -52,23 +52,18 @@ if (!empty($_GET['sub'])) $chk = 0; if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); - // List all menu points and make them editable -OUTPUT_HTML("

-
"); -if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) -{ +if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) { // Edit menu entries define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $cnt = 0; $SW = 2; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -112,12 +107,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) define('__CHK_VALUE', $chk); // Del menu entries with or without confirmation $SW = 2; $cnt = 0; $OUT = ""; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -151,130 +146,122 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) // Load template LOAD_TEMPLATE("admin_amenu_delete"); -} - elseif ((isset($_POST['ok'])) && (!IS_DEMO())) -{ +} elseif ((isset($_POST['ok'])) && (!IS_DEMO())) { // An action is done... switch ($_POST['ok']) { case "edit": // Edit menu - foreach ($_POST['sel'] as $sel=>$menu) - { + foreach ($_POST['sel'] as $sel => $menu) { // Secure ID $sel = bigintval($sel); // Update entry - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET title='%s', action='%s', what='%s', descr='%s' -WHERE ".$AND." AND id=%d LIMIT 1", +WHERE ".$AND." AND id=%s LIMIT 1", array( $menu, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel], - addslashes($_POST['sel_desc'][$sel]), + $_POST['sel_desc'][$sel], $sel, ), __FILE__, __LINE__); } - LOAD_TEMPLATE("admin_data_saved"); + + // Purge admin menu cache + CACHE_PURGE_ADMIN_MENU(0, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel]); + + // Load template + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED')); break; case "del": // Delete menu - foreach ($_POST['sel'] as $sel=>$menu) - { - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admin_menu WHERE ".$AND." AND id=%d LIMIT 1", - array(bigintval($sel)), __FILE__, __LINE__); - } - LOAD_TEMPLATE("admin_data_saved"); + foreach ($_POST['sel'] as $sel => $menu) { + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE ".$AND." AND id=%s LIMIT 1", + array(bigintval($sel)), __FILE__, __LINE__); + CACHE_PURGE_ADMIN_MENU(0, "", "", $AND); + } // END - foreach + + // Load template + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED')); break; default: // Unexpected action + DEBUG_LOG(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", $_POST['ok'])); define('__OK_VALUE', $_POST['ok']); LOAD_TEMPLATE("admin_menu_unknown_okay"); break; } -} - else -{ - if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) - { +} else { + if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) { // Get IDs - if (!empty($_GET['w'])) - { + if (!empty($_GET['w'])) { // Sub menus selected - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1", - array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1", + array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); SQL_FREERESULT($result); - $result = SQL_QUERY("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND sort='%s' LIMIT 1", - array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__); + $result = SQL_QUERY("SELECT id FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1", + array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); SQL_FREERESULT($result); - } - else - { + } else { // Main menu selected - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' AND sort='%s' LIMIT 1", - array(bigintval($_GET['tid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1", + array(bigintval($_GET['tid'])), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); SQL_FREERESULT($result); - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' AND sort='%s' LIMIT 1", - array(bigintval($_GET['fid'])), __FILE__, __LINE__); + $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1", + array(bigintval($_GET['fid'])), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); SQL_FREERESULT($result); } - if ((!empty($tid)) && (!empty($fid))) - { + if ((!empty($tid)) && (!empty($fid))) { // Sort menu - $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1", - array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__); - $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admin_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1", - array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1", + array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_admin_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1", + array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__); + CACHE_PURGE_ADMIN_MENU(0, "", "", $AND); } } // By default list menus - if (!empty($SUB)) - { + if (!empty($SUB)) { // Sub menus of a main menu - $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE action='%s' AND what != '' ORDER BY sort ASC", + $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort` ASC", array($SUB), __FILE__, __LINE__); - } - else - { + } else { // Main menus - $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_admin_menu WHERE what='' ORDER BY sort ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `{!_MYSQL_PREFIX!}_admin_menu` WHERE (what='' OR `what` IS NULL) ORDER BY `sort` ASC", __FILE__, __LINE__); } + $max = SQL_NUMROWS($result); - if ($max > 0) - { + if ($max > 0) { define('__SUB_VALUE', $SUB); - $SW = 2; $cnt = 0; $OUT = ""; - while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($result)) - { + $SW = 2; + $cnt = 0; + $OUT = ""; + while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($result)) { $cnt++; - if (($sort == 0) || (($sort == 1) && (!empty($SUB)))) - { + if (($sort == 0) || (($sort == 1) && (!empty($SUB)))) { // Is highest position - $NAVI = "".LOWER.""; - } - elseif ($cnt == $max) - { + $NAVI = "{--LOWER--}"; + } elseif ($cnt == $max) { // Is lowest position - $NAVI = "".HIGHER.""; - } - elseif ($sort > 0) - { + $NAVI = "{--HIGHER--}"; + } elseif ($sort > 0) { // Anything else between highest and lowest - $NAVI = "".HIGHER."/".LOWER.""; + $NAVI = "{--HIGHER--}/{--LOWER--}"; } - if (empty($act)) $act = " "; + if (empty($act)) $act = " "; if (empty($wht)) $wht = " "; - if (empty($title)) $title = " "; + if (empty($title)) $title = " "; $content = array( 'sw' => $SW, @@ -285,6 +272,7 @@ WHERE ".$AND." AND id=%d LIMIT 1", 'navi' => $NAVI, 'mode' => "admin", ); + $OUT .= LOAD_TEMPLATE("admin_menu_overview_row", true, $content); $SW = 3 - $SW; } @@ -295,14 +283,11 @@ WHERE ".$AND." AND id=%d LIMIT 1", // Load template LOAD_TEMPLATE("admin_amenu_edit"); - } - else - { + } else { // Menu entries are missing... (???) - LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND); + LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NO_MENUS_FOUND')); } } -OUTPUT_HTML("
"); -CLOSE_TABLE(); + // ?>