reading and checking for session variables rewritten
[mailer.git] / inc / modules / admin / what-theme_edit.php
index cf103df..15418d1 100644 (file)
@@ -78,13 +78,10 @@ if ($SEL > 0)
 
        // Output generated?
        if (empty($OUT)) ADMIN_THEME_NO_OUTPUT;
-}
- elseif (!empty($_GET['default_theme']))
-{
+} elseif (!empty($_GET['default_theme'])) {
        // Save theme
-       $POST['default_theme'] = $_GET['default_theme'];
+       $POST['default_theme'] = SQL_ESCAPE($_GET['default_theme']);
        set_session("mxchange_theme", $POST['default_theme'], (time() + 60*60*24*365), COOKIE_PATH);
-       $_SESSION['mxchange_theme'] = $POST['default_theme'];
        ADMIN_SAVE_SETTINGS($POST);
 }
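Review bot: On the new line `$POST['default_theme'] = SQL_ESCAPE($_GET['default_theme']);` the escaped string goes to ADMIN_SAVE_SETTINGS() but is also stored by set_session() on the next line, so a value escaped for SQL lands in the session, where that escaping is neither needed nor a safeguard. Escaping also does not confirm that the request names an installed theme; if mxchange_theme is later used to build a theme path (not visible here), validate the name first, for example `if (!preg_match('/^[A-Za-z0-9_-]+$/', $_GET['default_theme'])) return;` or a lookup against the list of installed themes. Pass the validated, unescaped name to set_session() and escape only where the query is built. Because the setting is changed from a GET parameter, it is also worth confirming that an anti-CSRF check runs before this module is reached. The `if ($SEL > 0)` branch that this `elseif` follows starts outside the hunk.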