X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-memedit.php;h=f243e0ebe7d57a6c471608b52d82e8b2fc1770a7;hp=d240fc7d6349596bb412307850310f1f7cbeebcd;hb=cca98f57dff720b174d21d071cee8303462485d7;hpb=52690b87d4382bd4bc15905068ab99bb70b1e3c9 diff --git a/inc/modules/admin/what-memedit.php b/inc/modules/admin/what-memedit.php index d240fc7d63..f243e0ebe7 100644 --- a/inc/modules/admin/what-memedit.php +++ b/inc/modules/admin/what-memedit.php @@ -32,20 +32,19 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } + // Add description as navigation point -ADD_DESCR("admin", basename(__FILE__)); +ADD_DESCR("admin", __FILE__); // Do we edit/delete/change main menus or sub menus? -$AND = "what = ''"; $SUB = ""; +$AND = "(what = '' OR what IS NULL)"; $SUB = ""; -if (!empty($_GET['sub'])) -{ - $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub'])); +if (!empty($_GET['sub'])) { + $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub'])); $SUB = SQL_ESCAPE($_GET['sub']); } @@ -53,22 +52,19 @@ if (!empty($_GET['sub'])) $chk = 0; if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); // List all menu points and make them editable -OUTPUT_HTML("

-
"); if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) { // Edit menu entries define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $SW = 2; $cnt = 0; $OUT = ""; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title, action, what, descr FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title, action, what FROM `{!MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -80,7 +76,7 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) 'sel' => $sel, 'menu' => $menu, 'sw' => $SW, - 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act), + 'act' => ADMIN_MAKE_MENU_SELECTION("member", "act", "sel_act[".$sel."]", $act), 'what' => ADMIN_MAKE_MENU_SELECTION("member", "what", "sel_what[".$sel."]", $wht), ); // Load template @@ -110,12 +106,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $SW = 2; $cnt = 0; $OUT = ""; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title FROM `{!MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -152,12 +148,12 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) define('__SUB_VALUE', $SUB); define('__CHK_VALUE', $chk); $SW = 2; $cnt = 0; $OUT = ""; - foreach ($_POST['sel'] as $sel=>$confirm) + foreach ($_POST['sel'] as $sel => $confirm) { if ($confirm == 1) { $cnt++; - $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", + $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM `{!MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", array(bigintval($sel)), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { @@ -196,87 +192,82 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) elseif ((isset($_POST['ok'])) && (!IS_DEMO())) { // An act is done... - foreach ($_POST['sel'] as $sel=>$menu) + foreach ($_POST['sel'] as $sel => $menu) { - $AND = "what = ''"; + $AND = "(what = '' OR what IS NULL)"; $sel = bigintval($sel); if (!empty($SUB)) $AND = "action='".$SUB."'"; switch ($_POST['ok']) { case "edit": // Edit menu - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET title='%s', action='%s', what='%s', descr='%s' WHERE ".$AND." AND id=%d LIMIT 1", - array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $_POST['sel_descr'][$sel], $sel), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_member_menu` SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1", + array($menu, $_POST['sel_act'][$sel], $_POST['sel_what'][$sel], $sel), __FILE__, __LINE__); break; case "del": // Delete menu - $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND id=%d LIMIT 1", - array($sel), __FILE__, __LINE__); + SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND id=%s LIMIT 1", + array($sel), __FILE__, __LINE__); break; case "status": // Change status of menus - $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%d LIMIT 1", - array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_member_menu` SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1", + array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__); break; } break; } // Load template - LOAD_TEMPLATE("admin_data_saved"); -} - else -{ - if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) - { + LOAD_TEMPLATE("admin_settings_saved", false, SAVING_DONE); +} else { + if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) { + // Init + $tid = ""; $fid = ""; + // Get IDs - if (!empty($_GET['w'])) - { + if (!empty($_GET['w'])) { // Sub menus selected - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND sort='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_member_menu` WHERE action='%s' AND sort='%s' LIMIT 1", array(bigintval($_GET['act']), bigintval($_GET['tid'])), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); SQL_FREERESULT($result); - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE action='%s' AND sort='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_member_menu` WHERE action='%s' AND sort='%s' LIMIT 1", array(bigintval($_GET['act']), bigintval($_GET['fid'])), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); SQL_FREERESULT($result); - } - else - { + } else { // Main menu selected - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_member_menu` WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1", array(bigintval($_GET['tid'])), __FILE__, __LINE__); list($tid) = SQL_FETCHROW($result); - $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT id FROM `{!MYSQL_PREFIX!}_member_menu` WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1", array(bigintval($_GET['fid'])), __FILE__, __LINE__); list($fid) = SQL_FETCHROW($result); } - if ((!empty($tid)) && (!empty($fid))) - { + if ((!empty($tid)) && (!empty($fid))) { // Sort menu - $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1", - array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__); - $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_member_menu SET sort='%s' WHERE ".$AND." AND id=%d LIMIT 1", - array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__); - } + SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_member_menu` SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1", + array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__); + SQL_QUERY_ESC("UPDATE `{!MYSQL_PREFIX!}_member_menu` SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1", + array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__); + } // END - -fi } if (!empty($SUB)) { // Edit sub menus - $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE ".$AND." AND what != '' ORDER BY sort ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `{!MYSQL_PREFIX!}_member_menu` WHERE ".$AND." AND what != '' AND what IS NOT NULL ORDER BY sort ASC", __FILE__, __LINE__); } else { // Edit main menus - $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_member_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__); + $result = SQL_QUERY("SELECT id, action, what, title, sort FROM `{!MYSQL_PREFIX!}_member_menu` WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__); } $max = SQL_NUMROWS($result); if ($max > 0) { - $SUB = ""; - if (!empty($SUB)) $SUB = $SUB; + // Set sub value define('__SUB_VALUE', $SUB); $SW = 2; $cnt = 0; $OUT = ""; @@ -286,17 +277,17 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) if (($sort == 0) || (($sort == 1) && (!empty($SUB)))) { // Is highest position - $NAVI = "".LOWER.""; + $NAVI = "".LOWER.""; } elseif ($cnt == $max) { // Is lowest position - $NAVI = "".HIGHER.""; + $NAVI = "".HIGHER.""; } elseif ($sort > 0) { // Anything else between highest and lowest - $NAVI = "".HIGHER."/".LOWER.""; + $NAVI = "".HIGHER."/".LOWER.""; } if (empty($act)) $act = " "; if (empty($wht)) $wht = " "; @@ -325,7 +316,6 @@ if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO())) LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND); } } -OUTPUT_HTML("
"); -CLOSE_TABLE(); + // ?>