************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
require($INC);
} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) {
} elseif ((!empty($_POST['pass1'])) && (empty($_POST['pass2']))) {
// No password two entered
$MSG = SPONSOR_PASSWORD_TWO_EMPTY;
- } elseif ((!empty($_POST['pass1'])) && (strlen($_POST['pass1']) < $CONFIG['pass_len'])) {
+ } elseif ((!empty($_POST['pass1'])) && (strlen($_POST['pass1']) < $_CONFIG['pass_len'])) {
// Too short password
- $MSG = SPONSOR_PASSWORD_TOO_SHORT_1.$CONFIG['pass_len'].SPONSOR_PASSWORD_TOO_SHORT_2;
+ $MSG = SPONSOR_PASSWORD_TOO_SHORT_1.$_CONFIG['pass_len'].SPONSOR_PASSWORD_TOO_SHORT_2;
} else {
// Default is we don't want to change password!
$PASS_AND = ""; $PASS_DATA = "";
}
// Unsecure data which we don't want here
- $UNSAFE = array('receive_warnings', 'warning_interval');
+ $UNSAFE = array('receive_warnings', 'warning_interval');
// Remove all (maybe spoofed) unsafe data from array
foreach ($UNSAFE as $remove) {