************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
+
// Add description as navigation point
-ADD_DESCR("admin", basename(__FILE__));
+ADD_DESCR("admin", __FILE__);
if ((isset($_POST['ok'])) && (empty($_POST['id']))) {
unset($_POST['ok']);
url='%s'
WHERE id=%s LIMIT 1",
array(
- addslashes($_POST['subj']),
- addslashes($_POST['text']),
- addslashes($_POST['url']),
+ $_POST['subj'],
+ $_POST['text'],
+ $_POST['url'],
bigintval($_POST['id']),
), __FILE__, __LINE__);
if (SQL_AFFECTEDROWS() == 1)