Fix for bonus config

[mailer.git] / inc / modules / admin / what-payments.php

diff --git a/inc/modules/admin/what-payments.php b/inc/modules/admin/what-payments.php
index 372032b16d336fbf99d0acaed13c37eeb9c113ec..d727b205782572e55529a5c67900d91983af8dbb 100644 (file)
--- a/inc/modules/admin/what-payments.php
+++ b/inc/modules/admin/what-payments.php
@@ -32,8 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
@@ -52,7 +51,7 @@ if (isset($_POST['ok']))
        switch ($_GET['do'])
        {
        case "add":
-               $SQL[] = "INSERT INTO "._MYSQL_PREFIX."_payments (time, payment, mail_title, price) VALUES ('".$_POST['t_wait']."', '".$_POST['payment']."', '".$_POST['title']."', '".$_POST['price']."')";
+               $SQL[] = "INSERT INTO "._MYSQL_PREFIX."_payments (time, payment, mail_title, price) VALUES ('".$_POST['t_wait']."','".$_POST['payment']."','".$_POST['title']."','".$_POST['price']."')";
                $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_payments WHERE time='%s' LIMIT 1",
                 array($_POST['t_wait']), __FILE__, __LINE__);
                if (SQL_NUMROWS($result) == 1)