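/**
 * Builds the articles admin content for the screen selected by the request.
 *
 * The "action" query parameter picks one of three handlers (editcategory,
 * addprop, editprop). Each handler is called only with a positive integer
 * "id"; every other combination falls back to the category tree.
 *
 * Request values are untrusted, so both parameters are checked before use:
 * a missing "action" or "id" no longer raises an undefined-index warning, and
 * a non-scalar "id" (for example id[]=x, which an (int) cast would turn into 1)
 * is treated as absent instead of being passed on as record 1.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm that the caller enforces admin access before this dispatch runs.
 *
 * @return string Output of the selected handler, or of getTree() as fallback.
 */
function getArticlesAdminContent()
{
    // Only a plain string can name an action; arrays and missing values select the default.
    $action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

    // $_REQUEST merges GET and POST (and cookies, depending on request_order /
    // variables_order), so the id is accepted only as a scalar and forced to int.
    $id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int) $_REQUEST['id'] : 0;

    $ret = '';

    // Handlers run only for a positive id; the action names below are the full allow-list.
    if ($id > 0) {
        switch ($action) {
            case 'editcategory':
                return $ret . editcategory($id);
            case 'addprop':
                return $ret . addprop($id);
            case 'editprop':
                return $ret . editprop($id);
        }
    }

    // Unknown action, missing action, or unusable id: show the tree.
    return $ret . getTree();
}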
Exemplo n.º 2
$clean_category_id = isset($_GET['catid']) ? (int) $_GET['catid'] : 0;
/**
 * Create a whitelist of valid values, using the appropriate type for each value.
 * Include a value for "no parameter" (the empty string here) if you have a
 * default condition.
 */
$valid_op = array('mod', 'changedField', 'addcategory', 'del', '');
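/**
 * in_array() is a native PHP function that reports whether the value of the
 * first argument is found in the array given as the second argument. String
 * comparison is case-sensitive, and passing true as the 3rd argument makes the
 * comparison strict: type and value must both match, so an input of another
 * type cannot match one of the string entries through type juggling.
 */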
if (in_array($clean_op, $valid_op, true)) {
    switch ($clean_op) {
        case "mod":
            icms_cp_header();
            editcategory($clean_category_id);
            break;
        case "changedField":
            foreach ($_POST['mod_profile_Category_objects'] as $k => $v) {
                $categoryObj = $profile_category_handler->get($v);
                if ($categoryObj->getVar('cat_weight', 'e') != $_POST['cat_weight'][$k]) {
                    $categoryObj->setVar('cat_weight', (int) $_POST['cat_weight'][$k]);
                    $profile_category_handler->insert($categoryObj);
                }
            }
            redirect_header('category.php', 3, _AM_PROFILE_CATEGORY_MODIFIED);
            break;
        case "addcategory":
            $controller = new icms_ipf_Controller($profile_category_handler);
            $controller->storeFromDefaultForm(_AM_PROFILE_CATEGORY_CREATED, _AM_PROFILE_CATEGORY_MODIFIED);
            break;