Security line in all includes changed

[mailer.git] / inc / modules / member / what-nickname.php

diff --git a/inc/modules/member/what-nickname.php b/inc/modules/member/what-nickname.php
index 5459df47803a2d0f7840935a1aecb3cbeed7e3f3..2ddb9a9624e8b7b6987b5bde1b2bc82dc400a504 100644 (file)
--- a/inc/modules/member/what-nickname.php
+++ b/inc/modules/member/what-nickname.php
@@ -32,17 +32,12 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
-}
- elseif (!IS_LOGGED_IN())
-{
+} elseif (!IS_MEMBER()) {
        LOAD_URL("modules.php?module=index");
-}
- elseif ((!EXT_IS_ACTIVE("nickname")) && (!IS_ADMIN()))
-{
+} elseif ((!EXT_IS_ACTIVE("nickname")) && (!IS_ADMIN())) {
        ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE, "nickname");
        return;
 }
@@ -74,7 +69,7 @@ if ($VALID)
        if (SQL_NUMROWS($result) == 0)
        {
                // Nickname not in use, so set it now
-               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nickname='%s' WHERE userid=%d LIMIT 1",
+               $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET nickname='%s' WHERE userid=%s LIMIT 1",
                 array($_POST['nickname'], $GLOBALS['userid']), __FILE__, __LINE__);
                $content = NICKNAME_SAVED;
        }