More SQL rewrites, TODO: Put all table and column names in backticks (`)

[mailer.git] / inc / modules / member / what-newsletter.php

diff --git a/inc/modules/member/what-newsletter.php b/inc/modules/member/what-newsletter.php
index e6d343d55d6edae93d161ff9d6dc7f39d16f968e..7dd4140d33e51d9dfb9dd326132b53caaab10130 100644 (file)
--- a/inc/modules/member/what-newsletter.php
+++ b/inc/modules/member/what-newsletter.php
@@ -37,7 +37,7 @@ if (!defined('__SECURITY')) {
        require($INC);
 } elseif (!IS_MEMBER()) {
        LOAD_URL("modules.php?module=index");
-} elseif (!EXT_IS_ACTIVE("newsletter")) {
+} elseif ((!EXT_IS_ACTIVE("newsletter")) && (!IS_ADMIN())) {
        ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "newsletter");
        return;
 }
@@ -46,7 +46,7 @@ if (!defined('__SECURITY')) {
 ADD_DESCR("member", __FILE__);
 
 // Load status
-$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
  array($GLOBALS['userid']), __FILE__, __LINE__);
 list($status, $until, $span) = SQL_FETCHROW($result);
 SQL_FREERESULT($result);
@@ -57,7 +57,7 @@ define('__CHARGE_VALUE', TRANSLATE_COMMA($_CONFIG['nl_charge']));
 if ((isset($_POST['ok'])) && ($status == "Y") && ($span == "0"))
 {
        // Save request
-       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nl_timespan='".($_CONFIG['one_day'] * 30)."' WHERE userid=%s LIMIT 1",
+       $result = SQL_QUERY_ESC("UPDATE `"._MYSQL_PREFIX."_user_data` SET nl_timespan='".($_CONFIG['one_day'] * 30)."' WHERE userid=%s LIMIT 1",
         array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Load admin message