************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
+} elseif ($BLOCK_MODE) {
+ // Block mode detected
+ return;
}
-if (GET_ACTION("guest", $GLOBALS['what']) == "admin")
-{
- // Only when one admin link is clicked...
- $INC = sprintf(PATH."inc/modules/guest/what-%s.php", $GLOBALS['what']);
- if (file_exists($INC))
- {
- // Ok, we finally load the guest action module
- include($INC);
- }
- else
- {
- ADD_FATAL(GUEST_404_ACTION_1.$GLOBALS['what'].GUEST_404_ACTION_2);
- }
+// Only when one admin link is clicked...
+$INC = sprintf("%sinc/modules/guest/what-%s.php", PATH, SQL_ESCAPE($GLOBALS['what']));
+if (FILE_READABLE($INC)) {
+ // Ok, we finally load the guest action module
+ include($INC);
+} elseif ($IS_VALID) {
+ addFatalMessage(sprintf(getMessage('GUEST_404_ACTION'), SQL_ESCAPE($GLOBALS['what'])));
+} else {
+ addFatalMessage(sprintf(getMessage('GUEST_LOCKED_ACTION'), SQL_ESCAPE($GLOBALS['what'])));
}
+
//
?>
projects / mailer.git / blobdiff