X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fadmin-inc.php;h=426440e50d6ffc9673a842aee76af5068e03d0d6;hb=501a861954273a54a21b714587fc33b57322d8e4;hp=37af59ab4ce66ec8ea2bcc26a5b54e470d5b29d9;hpb=8dc08fec57283b6975199da1b47539a7a61b0c85;p=mailer.git
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index 37af59ab4c..426440e50d 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -228,7 +228,7 @@ function ifAdminCookiesAreValid ($admin, $password) {
//* DEBUG: */ outputHtml(__FUNCTION__."(".__LINE__."):".generatePassString($pass).'('.strlen($pass).")/".$password.'('.strlen($password).")
");
// Check if password matches
- if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass)))) {
+ if (($ret == 'pass') && ((generatePassString($pass) == $password) || ($pass == $password) || ((strlen($pass) == 32) && (md5($password) == $pass))) && (isAdmin())) {
// Passwords matches!
$ret = 'done';
} // END - if
@@ -249,14 +249,14 @@ function doAdminAction () {
// Default admin action is the overview page
$what = 'overview';
} else {
- // Compile out some chars
- $what = compileCode($what, false, false, false);
+ // Secure it
+ $what = secureString($what);
}
// Get action value
$action = getModeAction(getModule(), $what);
- // Define admin login name and ID number
+ // Define admin login name and id number
$content['login'] = getSession('admin_login');
$content['id'] = getCurrentAdminId();
@@ -343,6 +343,8 @@ WHERE
ORDER BY
`sort` ASC,
`id` DESC", __FUNCTION__, __LINE__);
+
+ // Do we have entries?
if (SQL_NUMROWS($result_main) > 0) {
$OUT = "