* -------------------------------------------------------------------- *
* *
* -------------------------------------------------------------------- *
- * Copyright (c) 2003, 2004, 2005, 2006, 2007 by Roland Haeder *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
************************************************************************/
// Some security stuff...
-if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!is_admin())) {
+if ((!defined('__SECURITY')) || (!is_admin())) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
// Is a user id given?
if ((isset($_GET['u_id'])) && (bigintval($_GET['u_id']) > 0)) {
// Load user data and display it
- $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+ $result = SQL_QUERY_ESC("SELECT surname, family, email FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
array(bigintval($_GET['u_id'])), __FILE__, __LINE__);
// Is a user account found?