Functions imported, some dev-scripts added

[mailer.git] / inc / modules / admin / what-usage.php

diff --git a/inc/modules/admin/what-usage.php b/inc/modules/admin/what-usage.php
index e9d28dfe4efba08f16bc71253f0a423350915309..09da0a61ee5b991fc1c2a9ca447fe2d6f92f20ea 100644 (file)
--- a/inc/modules/admin/what-usage.php
+++ b/inc/modules/admin/what-usage.php
@@ -45,38 +45,44 @@ $usage = getConfig('usage_base')."/";
 
 if (!empty($_GET['image'])) {
        if ($_GET['type'] == "usage") {
 
 if (!empty($_GET['image'])) {
        if ($_GET['type'] == "usage") {

-               $file = sprintf("%s%s/usage.png", PATH, getConfig('usage_base'));
+               $FQFN = sprintf("%s%s/usage.png",
+                       constant('PATH'),
+                       getConfig('usage_base')
+               );

        } else {
                if (strpos($_GET['image'], "\\") > 0) $_GET['image'] = substr($_GET['image'], 0, strpos($_GET['image'], "\\"));
        } else {
                if (strpos($_GET['image'], "\\") > 0) $_GET['image'] = substr($_GET['image'], 0, strpos($_GET['image'], "\\"));

-               $file = sprintf("%s%s/%s_usage_%s.png",
-                       PATH,
+               $FQFN = sprintf("%s%s/%s_usage_%s.png",
+                       constant('PATH'),

                        getConfig('usage_base'),
                        SQL_ESCAPE($_GET['type']),
                        SQL_ESCAPE($_GET['image'])
                );
        }
 
                        getConfig('usage_base'),
                        SQL_ESCAPE($_GET['type']),
                        SQL_ESCAPE($_GET['image'])
                );
        }
 

-       if (FILE_READABLE($file)) {
-               $image = imagecreatefrompng($file);
+       if (FILE_READABLE($FQFN)) {
+               $image = imagecreatefrompng($FQFN);

                header("Content-type: image/png");
                imagepng($image);
                imagedestroy($image);
        }
        exit();
 } elseif (empty($_GET['usage'])) {
                header("Content-type: image/png");
                imagepng($image);
                imagedestroy($image);
        }
        exit();
 } elseif (empty($_GET['usage'])) {

-       $file = sprintf("%s%s/index.html", PATH, getConfig('usage_base'));
+       $FQFN = sprintf("%s%s/index.html",
+               constant('PATH'),
+               getConfig('usage_base')
+       );

 } else {
 } else {

-       $file = sprintf("%s%s/usage_%s.html",
-               PATH,
+       $FQFN = sprintf("%s%s/usage_%s.html",
+               constant('PATH'),

                getConfig('usage_base'),
                SQL_ESCAPE($_GET['usage'])
        );
 }
 
                getConfig('usage_base'),
                SQL_ESCAPE($_GET['usage'])
        );
 }
 

-if ((!empty($file)) && (FILE_READABLE($file) {
+if ((!empty($FQFN)) && (FILE_READABLE($FQFN))) {

        // @TODO This code is double, see LOAD_TEMPLATE and LOAD_EMAIL_TEMPLATE in functions.php
        // @TODO This code is double, see LOAD_TEMPLATE and LOAD_EMAIL_TEMPLATE in functions.php

-       $tmpl_file = READ_FILE($file);
-       $tmpl_file = addslashes($tmpl_file);
+       $tmpl_file = READ_FILE($FQFN);
+       $tmpl_file = SQL_ESCAPE($tmpl_file);

        $tmpl_file = "\$content=\"".$tmpl_file."\";";
        eval($tmpl_file);
        // Until here...
        $tmpl_file = "\$content=\"".$tmpl_file."\";";
        eval($tmpl_file);
        // Until here...