************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
require($INC);
+} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) {
+ ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "sponsor");
+ return;
+} elseif ($BLOCK_MODE) {
+ // Block mode detected
+ return;
}
// Add description as navigation point
-ADD_DESCR("guest", basename(__FILE__));
+ADD_DESCR("guest", __FILE__);
// Load the include file
-$INC = sprintf("%sinc/modules/guest/what-%s.php", PATH, $GLOBALS['what']);
+$INC = sprintf("%sinc/modules/guest/what-%s.php", PATH, SQL_ESCAPE($GLOBALS['what']));
if (FILE_READABLE($INC)) {
// Ok, we finally load the guest action module
include($INC);
+} elseif ($IS_VALID) {
+ ADD_FATAL(sprintf(getMessage('GUEST_404_ACTION'), SQL_ESCAPE($GLOBALS['what'])));
} else {
- ADD_FATAL(GUEST_404_ACTION_1.$GLOBALS['what'].GUEST_404_ACTION_2);
+ ADD_FATAL(sprintf(getMessage('GUEST_LOCKED_ACTION'), SQL_ESCAPE($GLOBALS['what'])));
}
//