Security line in all includes changed
[mailer.git] / inc / modules / guest / what-sponsor_login.php
index 6da3f8a..c28f500 100644 (file)
@@ -31,8 +31,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
        require($INC);
 }
@@ -258,7 +257,7 @@ WHERE id='%s' AND password='%s' LIMIT 1",
                {
                        // Calculate cookie lifetime, maybe we have to change this so the admin can setup a
                        // seperate timeout for these two cookies?
-                       $life = (time() + $CONFIG['online_timeout']);
+                       $life = (time() + $_CONFIG['online_timeout']);
 
                        // Is confirmed so both is fine and we can continue with login procedure
                        $login = ((setcookie("sponsorid"  , bigintval($_POST['sponsorid']), $life, COOKIE_PATH)) &&
@@ -273,7 +272,7 @@ WHERE id='%s' AND password='%s' LIMIT 1",
                        {
                                // Cookie setup failed!
                                LOAD_TEMPLATE("admin_settings_saved", false, SPONSPOR_COOKIE_SETUP_FAILED);
-                               OUTPUT_HTML("<BR>");
+                               OUTPUT_HTML("<br />");
 
                                // Login formular and other links
                                LOAD_TEMPLATE("guest_sponsor_login");
@@ -285,7 +284,7 @@ WHERE id='%s' AND password='%s' LIMIT 1",
                        $eval = "\$content = SPONSOR_LOGIN_FAILED_".strtoupper($status).";";
                        eval($eval);
                        LOAD_TEMPLATE("admin_settings_saved", false, $content);
-                       OUTPUT_HTML("<BR>");
+                       OUTPUT_HTML("<br />");
 
                        // Login formular and other links
                        LOAD_TEMPLATE("guest_sponsor_login");
@@ -295,7 +294,7 @@ WHERE id='%s' AND password='%s' LIMIT 1",
        {
                // Account missing or wrong pass! We shall not find this out for the "hacker folks"...
                LOAD_TEMPLATE("admin_settings_saved", false, SPONSOR_LOGIN_FAILED_404_WRONG_PASS);
-               OUTPUT_HTML("<BR>");
+               OUTPUT_HTML("<br />");
 
                // Login formular and other links
                LOAD_TEMPLATE("guest_sponsor_login");