Security line in all includes changed

[mailer.git] / inc / modules / admin / what-add_rallye.php

diff --git a/inc/modules/admin/what-add_rallye.php b/inc/modules/admin/what-add_rallye.php
index 1f831ca13bde8d24cdf8e7b97aa7010bf1add825..9bd259c9f0858ae99f4efa94f2360baa7583135b 100644 (file)
--- a/inc/modules/admin/what-add_rallye.php
+++ b/inc/modules/admin/what-add_rallye.php
@@ -32,11 +32,11 @@
  ************************************************************************/
 
 // Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
+
 // Add description as navigation point
 ADD_DESCR("admin", basename(__FILE__));
 
@@ -56,7 +56,7 @@ if (isset($_POST['ok']))
                $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_rallye_data (admin_id, title, descr, template, start_time, end_time, auto_add_new_user, is_active, send_notify)
 VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
  array(
-       GET_ADMIN_ID($_COOKIE['admin_login']),
+       GET_ADMIN_ID(get_session('admin_login')),
        $_POST['title'],
        $_POST['descr'],
        $_POST['template'],
@@ -121,7 +121,7 @@ define('_END_MONTH', ADD_SELECTION("month", $M               , "end"));
 define('_END_YEAR' , ADD_SELECTION("year" , $Y               , "end"));
 
 // Transfer (maybe found) templates into constant for the template
-define ('_TEMPLATES', RALLYE_TEMPLATE_SELECTION());
+define('_TEMPLATES', RALLYE_TEMPLATE_SELECTION());
 
 // Load template
 LOAD_TEMPLATE("admin_add_rallye");