Location: PHPKode > projects > Content*Builder > contentbuilder/plugins/newsletter2/categoryEdit.inc.php
<?php
/*
* einfacher Sicherheitscheck
*/
$nlError = false;
if(!$nlAction == "create" && !$nlAction == "modify") {
	$nlError = true;
}

/*
* Wenn neuer Newsletter erstellt wurde / vorhandener bearbeitet 
* -> abfangen
*/
if(isset($categoryEdit)) {
	$nlCategoryOptions = 0;
	/*
	* Check, ob Kategorie existiert
	*/
	if($nlAction == "modify") {
		$nlCategoryExistQuery = mysql_fetch_assoc(mysql_query("SELECT userID, name, categoryID, options FROM ".TABLE."_nl_category WHERE categoryID = '$nlCategoryID'"));
		if($nlCategoryID != $nlCategoryExistQuery[categoryID]) {
			$nlError = true;
		} else {
			$categoryID = $nlCategoryID;
			$nlCategoryOptions = $nlCategoryExistQuery[options];
		}
	}
	
	/* Online / Offline Status */
	if($nlCategoryOnline == 1) {
		$nlCategoryOptions |= 1;
	} else {
		$nlCategoryOptions &= ~1;
	}
	
	/* Sonderzeichen escapen */
	$nlCategoryName        = mysql_escape_string($_POST['nlCategoryName']);
	$nlCategoryDescription = mysql_escape_string($_POST['nlCategoryDescription']);
	
	/* 
	* wenn keine Fehler auftraten, Insert oder Update, danach zur 
	* √úbersicht des Newsletters per header
	*/
	if(!$nlError) {
		if($nlAction == "create") {
			$result = mysql_query("INSERT INTO ".TABLE."_nl_category (userID, name, description, options, datetime) VALUES ('$cbUserID', '$nlCategoryName', '$nlCategoryDescription', '$nlCategoryOptions', NOW())");
			$categoryID = mysql_insert_id();
		}
		if($nlAction == "modify") {
			$result = mysql_query("UPDATE ".TABLE."_nl_category SET name = '$nlCategoryName', description = '$nlCategoryDescription', options = '$nlCategoryOptions' WHERE categoryID = '$categoryID'");
		}
		header("Location: ".$PHP_SELF."?load=".$load."&sub=2&categoryID=".$categoryID);
		exit();
	} else {
		unset($categoryEdit);
	}
}

/*
* wenn das Formular zum ersten Mal aufgerufen wird oder bei Fehler
*/
if(empty($categoryEdit)) {
	$nlActionText      = $newsletterText["createCategory"];
	$nlActionTextShort = $newsletterText["create"];
	
	if($nlAction == "modify" && isset($categoryID)) {
		$nlCategoryQuery = mysql_fetch_assoc(mysql_query("SELECT * FROM ".TABLE."_nl_category WHERE categoryID = '$categoryID'"));	
		/*
		* Check ob NewsletterID richtig ist
		*/
		if($nlCategoryQuery[categoryID] != $categoryID) {
			$nlError = true;
		}
		
		/*
		* Check, ob Kategorie online ist
		*/
		if(1 & $nlCategoryQuery[options]) {
			$nlCategoryQuery['online'] = 1;
		}
		
		$nlCategoryQuery[name]        = stripslashes($nlCategoryQuery[name]);
		$nlCategoryQuery[description] = stripslashes($nlCategoryQuery[description]);
		
		/*
		* senden der alten Infos ans Template
		*/
		$tpl->assign("nlEditCategoryData", $nlCategoryQuery);
	
		$nlActionText      = $newsletterText["editCategory"];
		$nlActionTextShort = $newsletterText["edit"];
	}
	
	if(!$nlError) {
		$tpl->assign("nlEditCategory", 
			array ( "action"            => $nlAction,
					"txt_action"        => $nlActionText,
					"txt_action_short"  => $nlActionTextShort
			)
		);
		
		$tpl->assign("nlEditCategory_set", "1");
		
		$mainPluginContent[]  = $tpl->fetch($config['templates']."newsletter.template", null, "pluginNL".$cbUserID);
		$mainMessageContent[] = $tpl->fetch($config['templates']."messages.template", null, "pluginNL".$cbUserID);
	}
}
?>
Return current item: Content*Builder