X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-usage.php;h=9fcbcaaeb49b1841b10778ecc294397862d41271;hb=61b77b466ed51b55406cce2671c6ad3991b350a9;hp=f5afcc325e1f71456f8b4a764573aba635fd886a;hpb=5ef6ed7373ae85e5635e39e2a0adf9496a8add05;p=mailer.git diff --git a/inc/modules/admin/what-usage.php b/inc/modules/admin/what-usage.php index f5afcc325e..9fcbcaaeb4 100644 --- a/inc/modules/admin/what-usage.php +++ b/inc/modules/admin/what-usage.php @@ -32,52 +32,44 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((!defined('__SECURITY')) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } + // Add description as navigation point ADD_DESCR("admin", basename(__FILE__)); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); +// Base directory (should be moved to database) $usage = "usage/"; -if (!empty($_GET['image'])) -{ - if ($_GET['type'] == "usage") - { - $file = PATH.$usage."usage.png"; - } - else - { + +if (!empty($_GET['image'])) { + if ($_GET['type'] == "usage") { + $file = sprintf("%s%susage.png", PATH, $usage); + } else { if (strpos($_GET['image'], "\\") > 0) $_GET['image'] = substr($_GET['image'], 0, strpos($_GET['image'], "\\")); - $file = PATH.$usage.$_GET['type']."_usage_".$_GET['image'].".png"; + $file = sprintf("%s%s%s_usage_%s.png", PATH, $usage, SQL_ESCAPE($_GET['type']), SQL_ESCAPE($_GET['image'])); } - if (file_exists($file)) - { + + if (FILE_READABLE($file)) { $image = imagecreatefrompng($file); header("Content-type: image/png"); imagepng($image); imagedestroy($image); } exit(); -} - elseif (empty($_GET['usage'])) -{ - $file = PATH.$usage."index.html"; -} - else -{ +} elseif (empty($_GET['usage'])) { + $file = sprintf("%s%sindex.html", PATH, $usage); +} else { $file = sprintf("%s%susage_%s.html", PATH, $usage, SQL_ESCAPE($_GET['usage']) ); } -if ($file !="") -{ - if (file_exists($file) && is_readable($file)) - { + +if (!empty($file)) { + if (FILE_READABLE($file)) { $tmpl_file = implode("", file($file)); $tmpl_file = addslashes($tmpl_file); $tmpl_file = "\$content=\"".$tmpl_file."\";"; @@ -102,6 +94,6 @@ if ($file !="") } } } -CLOSE_TABLE(); + // ?>