Admin login fixes

[mailer.git] / inc / modules / admin / admin-inc.php

diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index 6aba44b39868759a95758024e8c5e40a381b0600..ae5db92b5b7706f61a24a76be471bd80073c6475 100644 (file)
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
@@ -129,6 +129,11 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
 // Only be executed on cookie checking
 function CHECK_ADMIN_COOKIES ($admin_login, $password) {
        global $cacheArray, $_CONFIG;
+
+       // Get login and password hash
+       $admin_login = SQL_ESCAPE(get_session($admin_login));
+       $password = SQL_ESCAPE(get_session($password));
+
        $ret = "404"; $pass = "";
        if (!empty($cacheArray['admins']['aid'][$admin_login])) {
                // Get password from cache
@@ -199,17 +204,17 @@ function admin_WriteData ($file, $comment, $prefix, $suffix, $DATA, $seek=0)
                                // Copy back tmp file and delete tmp :-)
                                @copy($tmp, $file);
                                @unlink($tmp);
-                               define('_FATAL', false);
+                               define ('_FATAL', false);
                        }
                         elseif (!$found)
                        {
                                OUTPUT_HTML("<STRONG>CHANGE:</STRONG> 404!");
-                               define('_FATAL', true);
+                               define ('_FATAL', true);
                        }
                         else
                        {
                                OUTPUT_HTML("<STRONG>TMP:</STRONG> UNDONE!");
-                               define('_FATAL', true);
+                               define ('_FATAL', true);
                        }
                }
        }