projects / mailer.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Direct registration added, typo fixed, admin session on missing/failed login fixed...
[mailer.git] / inc / modules / admin / action-doubler.php
diff --git a/inc/modules/admin/action-doubler.php b/inc/modules/admin/action-doubler.php
index 26c92b1837c9fe2a8f75c4cfa3a33f90f9c95f10..baa342f6129da0965e05a2e4e13ddffa87d4cc5d 100644 (file)
--- a/inc/modules/admin/action-doubler.php
+++ b/inc/modules/admin/action-doubler.php
@@ -41,11 +41,12 @@ if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
 ADD_DESCR("admin", __FILE__);
 
 // Load the include file
-$INC = sprintf(."%sinc/modules/admin/what-%s.php", PATH, $GLOBALS['what']);
+$INC = sprintf("%sinc/modules/admin/what-%s.php", PATH, SQL_ESCAPE($GLOBALS['what']));
 if (FILE_READABLE($INC)) {
        // Ok, we finally load the admin action module
        include($INC);
 } else {
+       // "what file" not found
        ADD_FATAL(ADMIN_404_ACTION_1.$GLOBALS['what'].ADMIN_404_ACTION_2);
 }
 
Mailer-Project repository