Security line in all includes changed

[mailer.git] / inc / modules / member / what-newsletter.php

diff --git a/inc/modules/member/what-newsletter.php b/inc/modules/member/what-newsletter.php
index af06409959426f419a47aac735653113c06f53b0..a27073b20cb7ee371a34bd7d5f44030369adb650 100644 (file)
--- a/inc/modules/member/what-newsletter.php
+++ b/inc/modules/member/what-newsletter.php
@@ -32,17 +32,12 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
-       LOAD_URL(URL."/modules.php?module=index");
-}
- elseif ((!EXT_IS_ACTIVE("newsletter")) && (!IS_ADMIN()))
-{
+} elseif (!IS_MEMBER()) {
+       LOAD_URL("modules.php?module=index");
+} elseif (!EXT_IS_ACTIVE("newsletter")) {
        ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "newsletter");
        return;
 }
@@ -51,18 +46,18 @@ if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
 ADD_DESCR("member", basename(__FILE__));
 
 // Load status
-$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%d LIMIT 1",
+$result = SQL_QUERY_ESC("SELECT nl_receive, nl_until, nl_timespan FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
  array($GLOBALS['userid']), __FILE__, __LINE__);
 list($status, $until, $span) = SQL_FETCHROW($result);
 SQL_FREERESULT($result);
 
 // Remember charge value
-define('__CHARGE_VALUE', TRANSLATE_COMMA($CONFIG['nl_charge']));
+define('__CHARGE_VALUE', TRANSLATE_COMMA($_CONFIG['nl_charge']));
 
 if ((isset($_POST['ok'])) && ($status == "Y") && ($span == "0"))
 {
        // Save request
-       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nl_timespan='".(ONE_DAY * 30)."' WHERE userid=%d LIMIT 1",
+       $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nl_timespan='".(ONE_DAY * 30)."' WHERE userid=%s LIMIT 1",
         array($GLOBALS['userid']), __FILE__, __LINE__);
 
        // Load admin message
@@ -77,14 +72,7 @@ VALUES ('0', 'NEW', 'NL_UNSUBSCRIBE', '".ADMIN_NL_SUBJECT."', '".addslashes($adm
        SEND_EMAIL($GLOBALS['userid'], NL_MEMBER_SUBJECT, $msg);
 
        // Send mail to all admins
-       if (GET_EXT_VERSION("admins") >= "0.4.1")
-       {
-               SEND_ADMIN_EMAILS_PRO(NL_ADMIN_SUBJECT, "admin_newsletter_request", "", $GLOBALS['userid']);
-       }
-        else
-       {
-               SEND_ADMIN_EMAILS(NL_ADMIN_SUBJECT, $admin_msg);
-       }
+       SEND_ADMIN_NOTIFICATION(NL_ADMIN_SUBJECT, "admin_newsletter_request", "", $GLOBALS['userid']);
 
        // Display message
        LOAD_TEMPLATE("admin_settings_saved", false, NL_MEMBER_REQUEST_DONE);
@@ -102,13 +90,13 @@ VALUES ('0', 'NEW', 'NL_UNSUBSCRIBE', '".ADMIN_NL_SUBJECT."', '".addslashes($adm
        // Set status message and submit button
        switch ($status)
        {
-       case "Y": // Receives the newsletter
+       case 'Y': // Receives the newsletter
                define('__STATUS_VALUE', NL_MEMBER_ON);
                define('__UNTIL_VALUE', "");
                define('NL_SUBMIT', NL_MEMBER_SUBMIT_OFF);
                break;
 
-       case "N": // Does not receive the newsletter
+       case 'N': // Does not receive the newsletter
                define('__STATUS_VALUE', NL_MEMBER_OFF);
                define('__UNTIL_VALUE', MAKE_DATETIME($until, "2"));
                define('NL_SUBMIT', NL_MEMBER_SUBMIT_ON);