require($INC);
} elseif (!IS_MEMBER()) {
LOAD_URL("modules.php?module=index");
-} elseif (!EXT_IS_ACTIVE("newsletter")) {
+} elseif ((!EXT_IS_ACTIVE("newsletter")) && (!IS_ADMIN())) {
ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "newsletter");
return;
}
ADD_DESCR("member", __FILE__);
// Load status
-$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
list($status, $until, $span) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
if ((isset($_POST['ok'])) && ($status == "Y") && ($span == "0"))
{
// Save request
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nl_timespan='".($_CONFIG['one_day'] * 30)."' WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET nl_timespan='".($_CONFIG['one_day'] * 30)."' WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
// Load admin message
// Add task
$result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_task_system (assigned_admin, status, task_type, subject, text, task_created, userid)
-VALUES ('0','NEW','NL_UNSUBSCRIBE','".ADMIN_NL_SUBJECT."','".addslashes($admin_msg)."', UNIX_TIMESTAMP(),'%s')", array($GLOBALS['userid']), __FILE__, __LINE__);
+VALUES ('0','NEW','NL_UNSUBSCRIBE','".ADMIN_NL_SUBJECT."','".$admin_msg."', UNIX_TIMESTAMP(),'%s')", array($GLOBALS['userid']), __FILE__, __LINE__);
// Send mail to member
$msg = LOAD_EMAIL_TEMPLATE("member_newsletter_request", array(), $GLOBALS['userid']);
projects / mailer.git / blobdiff