Security line in all includes changed

[mailer.git] / inc / libs / sponsor_functions.php

diff --git a/inc/libs/sponsor_functions.php b/inc/libs/sponsor_functions.php
index fdf4eb9f43b4bded1bc1104cc22545c38181eeb5..4ae38518e05f1bda70bf4e3f2f62667d60c56506 100644 (file)
--- a/inc/libs/sponsor_functions.php
+++ b/inc/libs/sponsor_functions.php
@@ -31,11 +31,11 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
        require($INC);
 }
+
 //
 function SPONSOR_HANDLE_SPONSOR(&$POST, $NO_UPDATE=false, $MSGs=array(), $RET_STATUS=false)
 {
@@ -365,7 +365,7 @@ ORDER BY sort", __FILE__, __LINE__);
                {
                        // Load sub menus
                        $result_sub = SQL_QUERY_ESC("SELECT what, title FROM "._MYSQL_PREFIX."_sponsor_menu
-WHERE action='%s' AND what != '' ".$WHERE."
+WHERE action='%s' AND what != '' AND what IS NOT NULL ".$WHERE."
 ORDER BY sort", array($action), __FILE__, __LINE__);
                        if (SQL_NUMROWS($result_sub) > 0)
                        {
@@ -420,7 +420,7 @@ ORDER BY sort", array($action), __FILE__, __LINE__);
 //
 function GENERATE_SPONSOR_CONTENT($what)
 {
-       global $HTTP_POST_VARS, $_GET, $CONFIG;
+       global $_CONFIG;
        $OUT = "";
        $FILE = sprintf("%sinc/modules/sponsor/%s.php", PATH, $what);
        if (FILE_READABLE($FILE)) {
@@ -437,14 +437,14 @@ function GENERATE_SPONSOR_CONTENT($what)
 //
 function UPDATE_SPONSOR_LOGIN()
 {
-       global $_COOKIE, $CONFIG;
+       global $_COOKIE, $_CONFIG;
 
        // Check if cookies are set
        if ((empty($_COOKIE['sponsorid'])) || (empty($_COOKIE['sponsorpass']))) return false;
 
        // Calculate cookie lifetime, maybe we have to change this so the admin can setup a
        // seperate timeout for these two cookies?
-       $life = (time() + $CONFIG['online_timeout']);
+       $life = (time() + $_CONFIG['online_timeout']);
 
        // Is confirmed so both is fine and we can continue with login procedure
        $login = ((setcookie("sponsorid"  , bigintval($_COOKIE['sponsorid']), $life, COOKIE_PATH)) &&
@@ -584,8 +584,8 @@ function SPONSOR_SAVE_DATA($POST, $content)
                        $DATA = $POST;
 
                        // Change some data
-                       if (isset($content['salut'])) $content['salut'] = TRANSLATE_SEX($content['salut']);
-                       if (isset($DATA['salut']))    $DATA['salut']    = TRANSLATE_SEX($DATA['salut']);
+                       if (isset($content['gender'])) $content['gender'] = TRANSLATE_GENDER($content['gender']);
+                       if (isset($DATA['gender']))    $DATA['gender']    = TRANSLATE_GENDER($DATA['gender']);
                        if (isset($content['receive_warnings'])) $DATA['receive']     = TRANSLATE_YESNO($POST['receive_warnings']);
                        if (isset($content['warning_interval'])) $DATA['interval']    = CREATE_FANCY_TIME($POST['warning_interval']);