- Surfbar further extended, currently broken!

[mailer.git] / inc / modules / admin / what-send_bonus.php

diff --git a/inc/modules/admin/what-send_bonus.php b/inc/modules/admin/what-send_bonus.php
index 799d6069691fe78c4e993ec36e1739aa7bdd001d..a297af0e032e468d49407cfb1ed9b62f972c2fb9 100644 (file)
--- a/inc/modules/admin/what-send_bonus.php
+++ b/inc/modules/admin/what-send_bonus.php
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 } elseif (!EXT_IS_ACTIVE("order")) {
@@ -97,7 +97,7 @@ if (isset($_POST['ok']))
                        if ($_GET['mode'] == "html") $HTML = "Y";
                        $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_bonus
 (subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent, html_msg)
-VALUES ('%s', '%s', '%s', '%s', '%s', 'NEW', UNIX_TIMESTAMP(), '%s', '%s', '%s', '%s', '%s')",
+VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s','%s')",
  array(
        $_POST['subject'],
        addslashes($_POST['text']),
@@ -115,7 +115,7 @@ VALUES ('%s', '%s', '%s', '%s', '%s', 'NEW', UNIX_TIMESTAMP(), '%s', '%s', '%s',
                {
                        $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_bonus
 (subject, text, receivers, points, time, data_type, timestamp, url, cat_id, target_send, mails_sent)
-VALUES ('%s', '%s', '%s', '%s', '%s', 'NEW', UNIX_TIMESTAMP(), '%s', '%s', '%s', '%s')",
+VALUES ('%s','%s','%s','%s','%s','NEW', UNIX_TIMESTAMP(),'%s','%s','%s','%s')",
  array(
        $_POST['subject'],
        addslashes($_POST['text']),