X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-config_mods.php;h=9bc4c994fd2b4aecd1451db09f9a7b1df3c82e2f;hb=7f104f6fe558bb56b4205241435a2357c2feece1;hp=8878c9ad5ac6ae06cfe1e7b037d362d564fe10b3;hpb=52e8a0635bd0b7c653845685c55e4e5f251375fe;p=mailer.git

diff --git a/inc/modules/admin/what-config_mods.php b/inc/modules/admin/what-config_mods.php
index 8878c9ad5a..9bc4c994fd 100644
--- a/inc/modules/admin/what-config_mods.php
+++ b/inc/modules/admin/what-config_mods.php
@@ -32,11 +32,11 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
+
 // Add description as navigation point
 ADD_DESCR("admin", basename(__FILE__));
 
@@ -51,10 +51,10 @@ if (isset($_POST['edit']))
 		$OUT = ""; $SW = 2;
 
 		// Edit selected modules
-		foreach ($_POST['sel'] as $id=>$sel)
+		foreach ($_POST['sel'] as $id => $sel)
 		{
 			// Load module data
-			$result = SQL_QUERY_ESC("SELECT module, title, locked, hidden, admin_only, mem_only FROM "._MYSQL_PREFIX."_mod_reg WHERE id=%d LIMIT 1",
+			$result = SQL_QUERY_ESC("SELECT module, title, locked, hidden, admin_only, mem_only FROM "._MYSQL_PREFIX."_mod_reg WHERE id=%s LIMIT 1",
 			 array(bigintval($id)), __FILE__, __LINE__);
 			list($mod, $title, $locked, $hidden, $admin, $mem) = SQL_FETCHROW($result);
 			SQL_FREERESULT($result);
@@ -93,13 +93,13 @@ if (isset($_POST['edit']))
  elseif (isset($_POST['change']))
 {
 	// Change modules
-	foreach ($_POST['sel'] as $id=>$sel)
+	foreach ($_POST['sel'] as $id => $sel)
 	{
 		// Secure ID number
 		$id = bigintval($id);
 
 		// Update module
-		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_mod_reg SET title='%s', locked='%s', hidden='%s', admin_only='%s', mem_only='%s' WHERE id=%d LIMIT 1",
+		$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_mod_reg SET title='%s', locked='%s', hidden='%s', admin_only='%s', mem_only='%s' WHERE id=%s LIMIT 1",
 		 array($_POST['title'][$id], $_POST['locked'][$id], $_POST['hidden'][$id], $_POST['admin'][$id], $_POST['member'][$id], $id),  __FILE__, __LINE__);
 	}