************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
require($INC);
} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) {
- $FATAL[] = EXTENSION_PROBLEM_EXT_INACTIVE;
+ ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE);
return;
} elseif (!IS_SPONSOR()) {
// No sponsor!
- $FATAL[] = SPONSOR_ONLY_AREA_ENTERED;
+ ADD_FATAL(SPONSOR_ONLY_AREA_ENTERED);
return;
}
// Data for the formular
-$result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, salut
+$result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, gender
FROM "._MYSQL_PREFIX."_sponsor_data
WHERE id='%s' AND password='%s' LIMIT 1",
array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__);
$MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
} else {
// Unsecure data which we don't want here
- $UNSAFE = array('company', 'position', 'tax_ident', 'salut', 'surname', 'family',
+ $UNSAFE = array('company', 'position', 'tax_ident', 'gender', 'surname', 'family',
'street_nr1', 'street_nr2', 'zip', 'city', 'country', 'phone', 'fax', 'cell',
'email', 'url');
projects / mailer.git / blobdiff