projects
/
mailer.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Security line in all includes changed
[mailer.git]
/
inc
/
modules
/
admin
/
what-list_country.php
diff --git
a/inc/modules/admin/what-list_country.php
b/inc/modules/admin/what-list_country.php
index 16ceaef0bf65e6661699f66f2fa29efe8a2b8f2f..4ff4155f4255a6534c5d02624d48175848a324dd 100644
(file)
--- a/
inc/modules/admin/what-list_country.php
+++ b/
inc/modules/admin/what-list_country.php
@@
-32,8
+32,7
@@
************************************************************************/
// Some security stuff...
************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!is_admin()))
-{
+if ((!defined('__SECURITY')) || (!is_admin())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
@@
-104,7
+103,7
@@
if ((isset($_POST['add'])) && (!empty($_POST['code'])) && (!empty($_POST['descr'
// Edit all selected country codes
$OUT = ""; $SW = 2;
// Edit all selected country codes
$OUT = ""; $SW = 2;
- foreach ($_POST['id'] as $id
=>
$status)
+ foreach ($_POST['id'] as $id
=>
$status)
{
// Load data from DB
$result = SQL_QUERY_ESC("SELECT code, descr FROM "._MYSQL_PREFIX."_countries WHERE id=%s LIMIT 1",
{
// Load data from DB
$result = SQL_QUERY_ESC("SELECT code, descr FROM "._MYSQL_PREFIX."_countries WHERE id=%s LIMIT 1",
@@
-154,7
+153,7
@@
if ((isset($_POST['add'])) && (!empty($_POST['code'])) && (!empty($_POST['descr'
if ((isset($_POST['modify'])) && (!empty($_POST['id'])))
{
// Modify
if ((isset($_POST['modify'])) && (!empty($_POST['id'])))
{
// Modify
- foreach ($_POST['id'] as $id
=>
$sel)
+ foreach ($_POST['id'] as $id
=>
$sel)
{
$SQLs[] = "UPDATE "._MYSQL_PREFIX."_countries SET code='".$_POST['code'][$id]."', descr='".$_POST['descr'][$id]."', is_active='".$_POST['is_active'][$id]."' WHERE id='".$id."' LIMIT 1";
}
{
$SQLs[] = "UPDATE "._MYSQL_PREFIX."_countries SET code='".$_POST['code'][$id]."', descr='".$_POST['descr'][$id]."', is_active='".$_POST['is_active'][$id]."' WHERE id='".$id."' LIMIT 1";
}