reading and checking for session variables rewritten
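--- a/inc/modules/admin/what-theme_edit.php
+++ b/inc/modules/admin/what-theme_edit.php
@@ -78,13 +78,10 @@ if ($SEL > 0)
 
        // Output generated?
        if (empty($OUT)) ADMIN_THEME_NO_OUTPUT;
-}
- elseif (!empty($_GET['default_theme']))
-{
+} elseif (!empty($_GET['default_theme'])) {
        // Save theme
-       $POST['default_theme'] = $_GET['default_theme'];
+       $POST['default_theme'] = SQL_ESCAPE($_GET['default_theme']);
        set_session("mxchange_theme", $POST['default_theme'], (time() + 60*60*24*365), COOKIE_PATH);
-       $_SESSION['mxchange_theme'] = $POST['default_theme'];
        ADMIN_SAVE_SETTINGS($POST);
 }
 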
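Review bot: On the added line `$POST['default_theme'] = SQL_ESCAPE($_GET['default_theme']);` the request value is escaped for SQL but never checked to be a valid theme name, and the escaped string is then also passed to `set_session("mxchange_theme", …)`, which is not an SQL context. Escaping does not constrain the value, so if the theme name is later used to build a path or printed into HTML (neither is visible in this hunk) it still carries whatever the request supplied, and if ADMIN_SAVE_SETTINGS escapes on its own the stored value would be escaped twice. I would validate before use, for example require `is_string($_GET['default_theme']) && preg_match('/^[a-z0-9_-]+$/i', $_GET['default_theme']) === 1` or compare against the installed themes, and keep the escaping at the query that writes the setting. This branch also changes a stored admin setting from a GET parameter, so it is worth confirming that a request token protects it; the `if ($SEL > 0)` chain it belongs to starts above the hunk.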