X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Fsponsor%2Fsettings.php;h=9667913cf0ee2aff6074201d93a2be4e58e2dee9;hb=7989ec603971c0dc8dc35d8be4e72f8098b83baa;hp=f9130baf9357754eb6a9aedf2ddfec05ad634539;hpb=ea2a5e6a7838127d2f9dec02ba68ec575188528b;p=mailer.git diff --git a/inc/modules/sponsor/settings.php b/inc/modules/sponsor/settings.php index f9130baf93..9667913cf0 100644 --- a/inc/modules/sponsor/settings.php +++ b/inc/modules/sponsor/settings.php @@ -31,23 +31,23 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php"; require($INC); -} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) { - $FATAL[] = EXTENSION_PROBLEM_EXT_INACTIVE; +} elseif ((!EXT_IS_ACTIVE("sponsor")) + addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "sponsor"); return; } elseif (!IS_SPONSOR()) { // No sponsor! - $FATAL[] = SPONSOR_ONLY_AREA_ENTERED; + addFatalMessage(getMessage('SPONSOR_ONLY_AREA_ENTERED')); return; } // Data for the formular -$result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, salut -FROM "._MYSQL_PREFIX."_sponsor_data +$result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, gender +FROM `{!_MYSQL_PREFIX!}_sponsor_data` WHERE id='%s' AND password='%s' LIMIT 1", - array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__); + array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__); if (SQL_NUMROWS($result) == 1) { // Load sponsor data $content = SQL_FETCHARRAY($result); 
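Review bot: The rewritten lookup still authenticates with `WHERE id='%s' AND password='%s'` fed from `get_session('sponsorpass')`, so the stored password digest (MD5, judging by the comparison in the next hunk) is itself the login credential, and anyone who obtains that column value passes this check without knowing the password. Moving the value out of `$_COOKIE` helps only if `get_session()` reads server-side state, which is not visible here; a sturdier layout keeps just the verified sponsor id in the session and selects with `WHERE id='%s' LIMIT 1`. Separately, the added line `} elseif ((!EXT_IS_ACTIVE("sponsor"))` has unbalanced parentheses and no opening brace as shown, so either the page lost the tail of the line or the branch will not parse. If `&& (!IS_ADMIN())` was dropped on purpose, a short comment stating that admins no longer bypass the inactive-extension check would help. The `if (SQL_NUMROWS($result) == 1)` block opened at the end of this hunk continues outside it.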
@@ -58,12 +58,12 @@ if (SQL_NUMROWS($result) == 1) { if (empty($_POST['password'])) { // No current password entered $MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED; - } elseif (md5($_POST['password']) != $_COOKIE['sponsorpass']) { + } elseif (md5($_POST['password']) != get_session('sponsorpass')) { // Entered password didn't match password in DB $MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB; } else { // Unsecure data which we don't want here - $UNSAFE = array('company', 'position', 'tax_ident', 'salut', 'surname', 'family', + $UNSAFE = array('company', 'position', 'tax_ident', 'gender', 'surname', 'family', 'street_nr1', 'street_nr2', 'zip', 'city', 'country', 'phone', 'fax', 'cell', 'email', 'url'); @@ -89,8 +89,15 @@ if (SQL_NUMROWS($result) == 1) { } else { // Make yes/no selection switch ($content['receive_warnings']) { - case "Y": define('__YES', " checked"); define('__NO', ""); break; - case "N": define('__YES', ""); define('__NO', " checked"); break; + case "Y": + define('__YES', " checked=\"checked\""); + define('__NO', ""); + break; + + case "N": + define('__YES', ""); + define('__NO', " checked=\"checked\""); + break; } // Translate current interval into fancy string @@ -106,7 +113,7 @@ if (SQL_NUMROWS($result) == 1) { } } else { // Sponsor account not found! - $OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.$_COOKIE['sponsorid'].SPONSOR_ACCOUNT_404_2); + $OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), get_session('sponsorid'))); } // Free memory
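Review bot: The current-password check `md5($_POST['password']) != get_session('sponsorpass')` uses loose comparison, so PHP compares the two digests numerically when both look like numeric strings (such as `0e` followed only by digits) and can treat different hashes as equal. Change it to `} elseif (md5($_POST['password']) !== get_session('sponsorpass')) {`, or to `hash_equals()` where the runtime provides it, which also makes the comparison constant-time. Unsalted MD5 is a weak password hash; migrating to `password_hash()`/`password_verify()` is the longer-term fix and lies outside this hunk. The surrounding `if`/`elseif` chain starts and ends outside the hunk.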
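Review bot: The `switch ($content['receive_warnings'])` has no `default` branch, so any stored value other than "Y" or "N" leaves `__YES` and `__NO` undefined for whatever reads them afterwards, presumably the settings template. Adding `default: define('__YES', ""); define('__NO', ""); break;` keeps the form rendering with neither option preselected. The enclosing `else` block starts and ends outside the hunk.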
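Review bot: `get_session('sponsorid')` goes into the message passed to `LOAD_TEMPLATE()` as-is, while the query in the first hunk wraps the same value in `bigintval()`. Whether `LOAD_TEMPLATE()` or the `SPONSOR_ACCOUNT_404` format escapes it is not visible here, so if the client can influence the session value this is an HTML-injection path in the error page. Use `sprintf(getMessage('SPONSOR_ACCOUNT_404'), bigintval(get_session('sponsorid')))` so only a number reaches the output.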