Security line in all includes changed

[mailer.git] / inc / profile-updte.php

diff --git a/inc/profile-updte.php b/inc/profile-updte.php
index 24b0319862ae388301208f646ece537208bb629a..fb40eb9efaae394d0e80babaf1fb87d6c9f3fc94 100644 (file)
--- a/inc/profile-updte.php
+++ b/inc/profile-updte.php
@@ -33,8 +33,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
 }
@@ -46,7 +45,7 @@ if (($_CONFIG['send_prof_update'] == "Y") && ($_CONFIG['profile_update'] > 0) &&
        $TIMEOUT2 = bigintval(time() - $_CONFIG['resend_profile_update']);
 
        // Load personal data              0      1     2      3        4          5         6
-       $result = SQL_QUERY_ESC("SELECT userid, email, sex, surname, family, last_update, joined
+       $result = SQL_QUERY_ESC("SELECT userid, email, gender, surname, family, last_update, joined
  FROM "._MYSQL_PREFIX."_user_data
  WHERE (last_update < %s AND last_update != '0' AND last_profile_sent < %s) OR (last_update='0' AND last_profile_sent='0' AND joined < %s)
  ORDER BY userid", array($TIMEOUT, $TIMEOUT2, $TIMEOUT), __FILE__, __LINE__);
@@ -72,7 +71,7 @@ if (($_CONFIG['send_prof_update'] == "Y") && ($_CONFIG['profile_update'] > 0) &&
                        SEND_EMAIL($DATA[1], PROFILE_OUTDATED, $msg);
 
                        // Update profile data
-                       $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_profile_sent=UNIX_TIMESTAMP(), notified='Y' WHERE userid=%d LIMIT 1",
+                       $result_update = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET last_profile_sent=UNIX_TIMESTAMP(), notified='Y' WHERE userid=%s LIMIT 1",
                         array(bigintval($DATA[0])), __FILE__, __LINE__);
                }
        }