if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
-} elseif (!EXT_IS_ACTIVE("order")) {
+} elseif ((!EXT_IS_ACTIVE("order")) && (!IS_ADMIN())) {
ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "order");
return;
} elseif (!IS_MEMBER()) {
// Finally is the entry valid?
if (SQL_AFFECTEDROWS() == 1) {
// Load personal data...
- $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT gender, surname, family, email FROM `"._MYSQL_PREFIX."_user_data` WHERE userid=%s LIMIT 1",
array($GLOBALS['userid']), __FILE__, __LINE__);
list($gender, $sname, $fname, $email) = SQL_FETCHROW($result);
SQL_FREERESULT($result);
LOAD_TEMPLATE("member_order-back", false);
} else {
// Matching line not found or already "placed" in send queue
- $URL = URL."/modules.php?module=login";
- LOAD_URL($URL);
+ LOAD_URL(URL."/modules.php?module=login");
}
} else {
// Redirect...