Updated copyright year.

[mailer.git] / inc / ajax / ajax_admin.php

diff --git a/inc/ajax/ajax_admin.php b/inc/ajax/ajax_admin.php
index ae95def44ce8c87eefb1bc6fda56883287ae55d5..ddf6fdc795a86ef0700e52194ca27f4f154ff913 100644 (file)
--- a/inc/ajax/ajax_admin.php
+++ b/inc/ajax/ajax_admin.php
@@ -10,13 +10,8 @@
  * -------------------------------------------------------------------- *
  * Kurzbeschreibung  : AJAX-Bibliothek fuer Adminmenu                   *
  * -------------------------------------------------------------------- *
- * $Revision::                                                        $ *
- * $Date::                                                            $ *
- * $Tag:: 0.2.1-FINAL                                                 $ *
- * $Author::                                                          $ *
- * -------------------------------------------------------------------- *
  * Copyright (c) 2003 - 2009 by Roland Haeder                           *
- * Copyright (c) 2009 - 2012 by Mailer Developer Team                   *
+ * Copyright (c) 2009 - 2016 by Mailer Developer Team                   *
  * For more information visit: http://mxchange.org                      *
  *                                                                      *
  * This program is free software; you can redistribute it and/or modify *
@@ -36,14 +31,17 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((!defined('__SECURITY')) || (!isAdmin())) {
+if (!defined('__SECURITY')) {
        die();
+} elseif ((!isAjaxOutputMode()) || (!isAdmin())) {
+       header('HTTP/1.1 403 Forbidden');
+       die(json_encode(array('reply_content' => 'Access forbidden'), JSON_FORCE_OBJECT));
 } // END - if
 
 // "Generates" admin content by loading a message template
 function generateAdminContent () {
        // Return it
-       return displayMessage('{--ADMIN_AJAX_MENU_IS_LOADING--}', true);
+       return displayMessage('{--ADMIN_AJAX_MENU_IS_LOADING--}', TRUE);
 }
 
 // Processes AJAX requests for admin menu
@@ -59,6 +57,7 @@ function doAjaxProcessAdmin () {
 
        // Again we do a call-back, so generate a function name depending on 'do'
        $callbackName = 'doAjaxAdmin' . capitalizeUnderscoreString(postRequestElement('do'));
+       $GLOBALS['ajax_callback_function'] = $callbackName;
 
        // Is the call-back function there?
        if (!function_exists($callbackName)) {
@@ -96,7 +95,7 @@ function doAjaxAdminRequestContent () {
        // Is the HTTP status still the same? (204 No Content)
        if (getHttpStatus() == '204 No Content') {
                // We use the current access level 'install' as prefix and construct a template name
-               setAjaxReplyContent(loadTemplate('admin_area_' . trim(postRequestElement('tab')), true));
+               setAjaxReplyContent(loadTemplate('admin_area_' . trim(postRequestElement('tab')), TRUE));
 
                // Has the template been loaded?
                if (isset($GLOBALS['template_content']['html']['admin_page_' . trim(postRequestElement('tab'))])) {
@@ -104,9 +103,10 @@ function doAjaxAdminRequestContent () {
                        setHttpStatus('200 OK');
                } else {
                        // Set 404 error
-                       setHttpStatus('404 NOT FOUND');
+                       setHttpStatus('404 Not Found');
                }
        } // END - if
 }
+
 // [EOF]
 ?>