$action = "view"; if ($sql) { show_admin_message("Link added", "{$pagename}&action=view&id={$id}"); } } elseif ($action == "editlink" && pageauth("links", "edit") == 1) { $name = safesql($_POST['name'], "text"); $desc = safesql($_POST['desc'], "text"); $url = safesql($_POST['url'], "text"); $cat = safesql($_POST['cat'], "text"); $sql = $data->update_query("links", "name={$name}, url={$url}, `desc`={$desc}, cat={$cat}", "id={$did}"); if ($sql) { show_admin_message("Link updated", "{$pagename}&action=view&id={$id}"); } } elseif ($action == "add" && pageauth("links", "add") == 1) { $catname = safesql($_POST['catname'], "text"); $pos = get_end_pos("links_cats"); $sql = $data->insert_query("links_cats", "NULL, {$catname}, {$pos}"); if ($sql) { show_admin_message("Category added", "{$pagename}"); } } elseif ($action == "edit" && pageauth("links", "edit") == 1) { $catname = safesql($_POST['catname'], "text"); $sql = $data->update_query("links_cats", "name = {$catname}", "id = {$id}"); if ($sql) { show_admin_message("Category updated", "{$pagename}"); } } } if ($action == "view") { $query = $data->select_query("links_cats", "WHERE id = {$id} ORDER BY position ASC"); $catinfo = $data->fetch_array($query);
case 5: $options = array(); $options[0] = $_POST['numoptions']; for ($i = 1; $i <= $_POST['numoptions']; $i++) { $temp = $_POST['option' . $i]; if ($temp != '') { $options[] = $temp; } else { --$options[0]; } } break; case 6: $options = "''"; } $pos = get_end_pos(); $options = safesql(serialize($options), "text"); if ($action == "new") { $data->insert_query("profilefields", "'', {$name}, {$query}, {$options}, {$hint}, {$type}, {$required}, {$register}, {$profileview}, {$pos}, 0, 0"); show_admin_message("Field Added", $pagename); } elseif ($action == "edit") { $data->update_query("profilefields", "query={$query}, options={$options}, hint={$hint}, type={$type}, required={$required}, register={$register}, profileview={$profileview}", "id={$id}"); show_admin_message("Field Updated", $pagename); } } if ($action == "") { $sql = $data->select_query("profilefields", "WHERE place=0 ORDER BY pos ASC"); $numfields = $data->num_rows($sql); $field = array(); while ($field[] = $data->fetch_array($sql)) { $tpl->assign("numfields", $numfields);
$id = safesql($_GET['id'], "int"); $data->update_query("menu_cats", "published=1", "id={$id}"); show_admin_message("Menu published", "admin.php?page=menus&activetab={$_GET['activetab']}"); } elseif ($action == "unpublish" && pageauth("menus", "publish") == 1) { $id = safesql($_GET['id'], "int"); $data->update_query("menu_cats", "published=0", "id={$id}"); show_admin_message("Menu unpublished", "admin.php?page=menus&activetab={$_GET['activetab']}"); } elseif ($action == "moveitem" && pageauth("menus", "edit") == 1) { $sql = $data->select_query("menu_cats", "ORDER BY name ASC"); $numcats = $data->num_rows($sql); $cats = array(); while ($cats[] = $data->fetch_array($sql)) { } $tpl->assign('numcats', $numcats); $tpl->assign('cats', $cats); if ($submit == "Move") { $newcat = safesql($_POST['newcat'], "int"); $id = safesql($_GET['id'], "int"); $cid = $_GET['cid']; $pos = safesql(get_end_pos($_POST['newcat']), "int"); $data->update_query("menu_items", "cat={$newcat}, pos={$pos}", "id={$id} OR parent={$id}"); show_admin_message("Item moved", "{$pagename}&id={$cid}"); } } $tpl->assign("activetab", $_GET['side']); $tpl->assign('cid', $cid); $tpl->assign('id', $id); $tpl->assign('action', $action); $tpl->assign('editFormAction', $editFormAction); $filetouse = "admin_menus.tpl"; }