Viên ngọc phương Đông

<?php
session_start();
require_once $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/universal.php';

$conn_ID = connect_to_db();

//whitelisting
if(isset($_GET['page']) && $id=is_numeric_id($_GET['page']) )
{
	$table = 'page_data';
	$field = 'page_id';
	$return = 'Page';
}
elseif(isset($_GET['cat']) && $id=is_numeric_id($_GET['cat']) )
{
	$table = 'categories';
	$field = 'cat_id';
	$return = 'Category';
}
elseif(isset($_GET['prod']) && $id=is_numeric_id($_GET['prod']) )
{
	$table = 'products';
	$field = 'prod_id';
	$return = 'Product';
}
elseif(isset($_GET['ship']) && $id=is_numeric_id($_GET['ship']) )
{
	$table = 'shipping';
	$field = 'ship_id';
	$return = 'Entry';
}
elseif(isset($_GET['order']) && $id=is_numeric_id($_GET['order']) )
{
	$table = 'orders';
	$field = 'order_id';
	$return = 'Order';
}
elseif(isset($_GET['gallery']) && $id=is_numeric_id($_GET['gallery']) )
{
	$table = 'gallery_data';
	$field = 'gallery_id';
	$return = 'Gallery';
}
elseif(isset($_GET['image']) && $id=is_numeric_id($_GET['image']) )
{
	$table = 'image_data';
	$field = 'image_id';
	$return = 'Image';
}
elseif(isset($_GET['article']) && $id=is_numeric_id($_GET['article']) )
{
	$table = 'blog';
	$field = 'article_id';
	$return = 'Article';
}
elseif(isset($_GET['file']) && $id=is_numeric_id($_GET['file']) )
{
	$table = 'files';
	$field = 'file_id';
	$return = 'File';
}
elseif(isset($_GET['testimonial']) && $id=is_numeric_id($_GET['testimonial']) )
{
	$table = 'testimonials';
	$field = 'testimonial_id';
	$return = 'Testimonial';
}
elseif(isset($_GET['sreg']) && $id=is_numeric_id($_GET['sreg']) )
{
	$table = 'stockist_regions';
	$field = 'region_id';
	$return = 'Region';
}
elseif(isset($_GET['stockist']) && $id=is_numeric_id($_GET['stockist']) )
{
	$table = 'stockists';
	$field = 'stockist_id';
	$return = 'Stockist';
}
else
{
	getout('Invalid ID','index.php');
	exit;
}

//@todo this can certainly be tidied up
switch(clean_plain_data($_GET['f']))
{
	case 'active':
		$state = flip_switch($table,$field,$id,'active');
		break;
	case 'menu':
	 	$state = flip_switch($table,$field,$id,'menu');
		break;
	case 'featured':
	 	$state = flip_switch($table,$field,$id,'featured');
		break;
	case 'paid':
	 	$state = flip_switch($table,$field,$id,'paid');
		break;
	default:
}

if(is_ajax_request())
{
	echo onOrOff($state);
	exit;
}

$message = ($state!==false) ? "$return updated successfully." : "There was an error updating the $return";
getout($message);
exit;