Some internal TODOs fixed, rewrites to script inclusion

[mailer.git] / inc / modules / member / action-

diff --git a/inc/modules/member/action- b/inc/modules/member/action-
index b16433423eda2ac2440f9f6aa12d9276934bed05..7fcb665657897a4e9dcea8737a76602251da7105 100644 (file)
--- a/inc/modules/member/action-
+++ b/inc/modules/member/action-
@@ -32,26 +32,29 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 } elseif (!IS_LOGGED_IN()) {
        LOAD_URL(URL."/modules.php?module=index");
+} elseif ((!EXT_IS_ACTIVE("")) && (!IS_ADMIN())) {
+       addFatalMessage(EXTENSION_PROBLEM_EXT_INACTIVE, "");
+       return;
 } elseif ($BLOCK_MODE) {
        // Block mode detected
        return;
 }
 
 // Add description as navigation point
-ADD_DESCR("member", basename(__FILE__));
+ADD_DESCR("member", __FILE__);
 
 // Load the include file
-$INC_WHAT = sprintf("%sinc/modules/member/what-%s.php", PATH, $GLOBALS['what']);
+$INC_WHAT = sprintf("%sinc/modules/member/what-%s.php", PATH, SQL_ESCAPE($GLOBALS['what']));
 if (FILE_READABLE($INC_WHAT)) {
        // Ok, we finally load the member action module
-       include_once($INC_WHAT);
+       require($INC_WHAT);
 } else {
-       ADD_FATAL(MEMBER_404_ACTION_1.$GLOBALS['what'].MEMBER_404_ACTION_2);
+       addFatalMessage(MEMBER_404_ACTION_1.$GLOBALS['what'].MEMBER_404_ACTION_2);
 }
 
 //