X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-config_cats.php;h=2789835efb00b024e7124982ff5a728209ce9014;hp=3f9584d921b7ff3fa2a0c21d7b4979cfa98d3743;hb=d8148e3f1f3a6762b2e786dbe99ada269dcf2ea0;hpb=7f104f6fe558bb56b4205241435a2357c2feece1
diff --git a/inc/modules/admin/what-config_cats.php b/inc/modules/admin/what-config_cats.php
index 3f9584d921..2789835efb 100644
--- a/inc/modules/admin/what-config_cats.php
+++ b/inc/modules/admin/what-config_cats.php
@@ -39,23 +39,23 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
}
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
// Init variable to avoid a notice
$CATS = "";
-if (isset($_POST['add'])) {
+if (REQUEST_ISSET_POST(('add'))) {
// Add a new category
- $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_cats WHERE cat='%s' LIMIT 1",
- array(addslashes($_POST['catname'])), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_cats` WHERE cat='%s' LIMIT 1",
+ array(REQUEST_POST('catname')), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0) {
// Category does not exists, we simply add it...
- $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_cats (cat, visible, sort) VALUES ('%s','%s','%s')",
- array(addslashes($_POST['catname']), $_POST['visible'], bigintval($_POST['parent'] + 1)), __FILE__, __LINE__);
- $content = "".CATEGORY_ADDED."";
+ SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_cats` (cat, visible, sort) VALUES ('%s','%s','%s')",
+ array(REQUEST_POST('catname'), REQUEST_POST('visible'), bigintval(REQUEST_POST('parent') + 1)), __FILE__, __LINE__);
+ $content = CATEGORY_ADDED;
} else {
// Category does already exists
- $content = "".CATEGORY_ALREADY_EXISTS."";
+ $content = "".CATEGORY_ALREADY_EXISTS."";
}
// Free memory
@@ -63,28 +63,33 @@ if (isset($_POST['add'])) {
// Display message
LOAD_TEMPLATE("admin_settings_saved", false, $content);
-} elseif ((isset($_POST['ok'])) && (isset($_POST['id'])) && (is_array($_POST['id']))) {
+} elseif ((IS_FORM_SENT()) && (REQUEST_ISSET_POST(('id'))) && (is_array(REQUEST_POST('id')))) {
// Change or delete categories...
$TEXT = "";
- foreach ($_POST['id'] as $id => $cat) {
+ foreach (REQUEST_POST('id') as $id => $cat) {
// Secure ID
$id = bigintval($id);
// Is the entry set?
if (!empty($cat)) {
- switch ($_GET['do'])
+ switch (REQUEST_GET('do'))
{
case "edit": // Change categories
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_cats SET cat='%s', visible='%s', sort=%s WHERE id=%s LIMIT 1",
- array($cat, $_POST['vis'][$id], $_POST['sort'][$id], $id), __FILE__, __LINE__);
+ SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_cats` SET cat='%s', `visible`='%s', sort=%s WHERE id=%s LIMIT 1",
+ array(
+ $cat,
+ REQUEST_POST('vis', $id),
+ REQUEST_POST('sort', $id),
+ $id
+ ), __FILE__, __LINE__);
$TEXT = CATEGORIES_SAVED;
break;
case "del": // Delete categories
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
- array($id), __FILE__, __LINE__);
- $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_user_cats WHERE cat_id=%s",
- array($id), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_cats` WHERE id=%s LIMIT 1",
+ array($id), __FILE__, __LINE__);
+ SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_user_cats` WHERE cat_id=%s",
+ array($id), __FILE__, __LINE__);
$TEXT = CATEGORIES_DELETED;
break;
}
@@ -98,16 +103,13 @@ if (isset($_POST['add'])) {
// Display message
LOAD_TEMPLATE("admin_settings_saved", false, $TEXT);
}
-}
- elseif ((isset($_POST['del'])) && ((SELECTION_COUNT($_POST['sel']) > 0) || (isset($_POST['sel'][0]))))
-{
+} elseif ((REQUEST_ISSET_POST(('del'))) && ((SELECTION_COUNT(REQUEST_POST('sel')) > 0) || (REQUEST_ISSET_POST(('sel', 0))))) {
// Delete categories
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id => $value)
- {
+ foreach (REQUEST_POST('sel') as $id => $value) {
// Load data of category
- $result = SQL_QUERY_ESC("SELECT cat FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
- array(bigintval($id)), __FILE__, __LINE__);
+ $result = SQL_QUERY_ESC("SELECT cat FROM `{!_MYSQL_PREFIX!}_cats` WHERE id=%s LIMIT 1",
+ array(bigintval($id)), __FILE__, __LINE__);
list($cat) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
@@ -126,13 +128,13 @@ if (isset($_POST['add'])) {
// Load main template
LOAD_TEMPLATE("admin_del_cats");
-} elseif ((isset($_POST['edit'])) && ((SELECTION_COUNT($_POST['sel']) > 0) || (isset($_POST['sel'][0])))) {
+} elseif ((REQUEST_ISSET_POST(('edit'))) && ((SELECTION_COUNT(REQUEST_POST('sel')) > 0) || (REQUEST_ISSET_POST(('sel', 0))))) {
// Edit categories
$SW = 2; $OUT = "";
- foreach ($_POST['sel'] as $id => $value)
+ foreach (REQUEST_POST('sel') as $id => $value)
{
// Load data from the category
- $result = SQL_QUERY_ESC("SELECT cat, visible, sort FROM "._MYSQL_PREFIX."_cats WHERE id=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT cat, visible, sort FROM `{!_MYSQL_PREFIX!}_cats` WHERE id=%s LIMIT 1",
array(bigintval($id)), __FILE__, __LINE__);
list($cat, $vis, $sort) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
@@ -158,7 +160,7 @@ if (isset($_POST['add'])) {
else
{
// Load all categories
- $result = SQL_QUERY("SELECT id, cat, visible, sort FROM "._MYSQL_PREFIX."_cats ORDER BY sort", __FILE__, __LINE__);
+ $result = SQL_QUERY("SELECT id, cat, visible, sort FROM `{!_MYSQL_PREFIX!}_cats` ORDER BY `sort`", __FILE__, __LINE__);
if (SQL_NUMROWS($result) > 0)
{
// List already existing categories for editing
@@ -176,7 +178,7 @@ if (isset($_POST['add'])) {
// Put cat descriptions into variable for the selection box
if (strlen($cat) > 20) $cat = substr($cat, 0, 17)."...";
- $CATS .= " \n";
+ $CATS .= " \n";
// Load row template and switch color
$OUT .= LOAD_TEMPLATE("admin_config_cats_row", true, $content);