************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
-{
+if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
+} elseif (!EXT_IS_ACTIVE("task")) {
+ ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "task");
+ return;
}
+
// Add description as navigation point
ADD_DESCR("admin", basename(__FILE__));
switch ($_GET['type'])
{
case "your": // List only your own open (new) tasks
- $whereStatement = "assigned_admin='".GET_ADMIN_ID($_COOKIE['admin_login'])."' AND status='NEW' AND task_type != 'EXTENSION_UPDATE'";
+ $whereStatement = "assigned_admin='".GET_ADMIN_ID(get_session('admin_login'))."' AND status='NEW' AND task_type != 'EXTENSION_UPDATE'";
break;
case "updates": // List only updates assigned to you
- $whereStatement = "assigned_admin='".GET_ADMIN_ID($_COOKIE['admin_login'])."' AND status='NEW' AND task_type = 'EXTENSION_UPDATE'";
+ $whereStatement = "assigned_admin='".GET_ADMIN_ID(get_session('admin_login'))."' AND status='NEW' AND task_type = 'EXTENSION_UPDATE'";
break;
case "solved": // List only solved tasks assigned to you
- $whereStatement = "assigned_admin='".GET_ADMIN_ID($_COOKIE['admin_login'])."' AND status='SOLVED'";
+ $whereStatement = "assigned_admin='".GET_ADMIN_ID(get_session('admin_login'))."' AND status='SOLVED'";
break;
case "unassigned": // List unassigned (but not deleted) tasks
break;
case "closed": // List all closed
- $whereStatement = "assigned_admin='".GET_ADMIN_ID($_COOKIE['admin_login'])."' AND status='CLOSED'";
+ $whereStatement = "assigned_admin='".GET_ADMIN_ID(get_session('admin_login'))."' AND status='CLOSED'";
break;
default: // Unknown type
foreach ($_POST['task'] as $id=>$sel)
{
$result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_task_system SET assigned_admin='0' WHERE id=%d AND assigned_admin='%s' LIMIT 1",
- array(bigintval($id), GET_ADMIN_ID($_COOKIE['admin_login'])), __FILE__, __LINE__);
+ array(bigintval($id), GET_ADMIN_ID(get_session('admin_login'))), __FILE__, __LINE__);
}
}
elseif (isset($_POST['del']))