Security line in all includes changed

[mailer.git] / inc / modules / admin / what-admins_contct.php

diff --git a/inc/modules/admin/what-admins_contct.php b/inc/modules/admin/what-admins_contct.php
index 16bdb4ce122835b90cc84d6ff2a60287612e8702..ca2e84f5301556f785f7fb2189f8d1e2cab9f3f0 100644 (file)
--- a/inc/modules/admin/what-admins_contct.php
+++ b/inc/modules/admin/what-admins_contct.php
@@ -32,11 +32,11 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
+
 // Add description as navigation point
 ADD_DESCR("admin", basename(__FILE__));
 
@@ -52,7 +52,7 @@ if ((isset($_POST['ok'])) && (!empty($_GET['admin'])))
         else
        {
                // Load admin's email address
-               $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id=%d LIMIT 1",
+               $result = SQL_QUERY_ESC("SELECT email FROM "._MYSQL_PREFIX."_admins WHERE id=%s LIMIT 1",
                 array(bigintval($_GET['admin'])), __FILE__, __LINE__);
                list($email) = SQL_FETCHROW($result);
                SQL_FREERESULT($result);