// Base directory (should be moved to database)
$usage = getConfig('usage_base')."/";
-if (!empty($_GET['image'])) {
- if ($_GET['type'] == "usage") {
+if (REQUEST_ISSET_GET(('image'))) {
+ if (REQUEST_GET('type') == "usage") {
$FQFN = sprintf("%s%s/usage.png",
constant('PATH'),
getConfig('usage_base')
);
} else {
- if (strpos($_GET['image'], "\\") > 0) $_GET['image'] = substr($_GET['image'], 0, strpos($_GET['image'], "\\"));
+ if (strpos(REQUEST_GET('image'), "\\") > 0) REQUEST_SET_GET('image', substr(REQUEST_GET('image'), 0, strpos(REQUEST_GET('image'), "\\")));
$FQFN = sprintf("%s%s/%s_usage_%s.png",
constant('PATH'),
getConfig('usage_base'),
- SQL_ESCAPE($_GET['type']),
- SQL_ESCAPE($_GET['image'])
+ REQUEST_GET(('type')),
+ REQUEST_GET(('image'))
);
}
imagedestroy($image);
}
exit();
-} elseif (empty($_GET['usage'])) {
+} elseif (!REQUEST_ISSET_GET(('usage'))) {
$FQFN = sprintf("%s%s/index.html",
constant('PATH'),
getConfig('usage_base')
$FQFN = sprintf("%s%s/usage_%s.html",
constant('PATH'),
getConfig('usage_base'),
- SQL_ESCAPE($_GET['usage'])
+ REQUEST_GET(('usage'))
);
}
-if ((!empty($FQFN)) && (FILE_READABLE($FQFN) {
+if ((!empty($FQFN)) && (FILE_READABLE($FQFN))) {
// @TODO This code is double, see LOAD_TEMPLATE and LOAD_EMAIL_TEMPLATE in functions.php
$tmpl_file = READ_FILE($FQFN);
- $tmpl_file = addslashes($tmpl_file);
+ $tmpl_file = SQL_ESCAPE($tmpl_file);
$tmpl_file = "\$content=\"".$tmpl_file."\";";
eval($tmpl_file);
// Until here...