Direct registration added, typo fixed, admin session on missing/failed login fixed...

[mailer.git] / modules.php

diff --git a/modules.php b/modules.php
index 9c13ae64377b7b7fd5e08586e399543d35f93a10..3787101d996b47b7f8642cc51900be9dfb0efe20 100644 (file)
--- a/modules.php
+++ b/modules.php
@@ -67,17 +67,26 @@ if (IS_MEMBER()) {
                list($s, $f) = SQL_FETCHROW($result);
                $username = $s." ".$f;
 
-               // Update only cookies and no login data!
-               UPDATE_LOGIN_DATA(false);
+               // Additionally admin?
+               if (IS_ADMIN()) {
+                       // Add it
+                       $username .= " ("._ADMIN_SHORT.")";
+               } // END - if
        } else {
-
-               // Hmmm, logged in and no valid cookies???
+               // Hmmm, logged in and no valid userid?
                $username = "<I>"._UNKNOWN."</I>";
+
+               // Destroy session
+               destroy_user_session();
+
+               // Kill userid
+               $GLOBALS['userid'] = 0;
        }
 
        // Free memory
        SQL_FREERESULT($result);
 } elseif (IS_ADMIN()) {
+       // Admin is there
        $username = _ADMIN;
 } else {
        // He's a guest, hello there... ;-)
@@ -101,7 +110,7 @@ if ((!empty($_CONFIG['maintenance'])) && ($_CONFIG['maintenance'] == "Y") && (!I
        case "mem_only":
        case "done":
                // Construct module name
-               define('__MODULE', sprintf("%sinc/modules/%s.php", PATH, $GLOBALS['module']));
+               define('__MODULE', sprintf("%sinc/modules/%s.php", PATH, SQL_ESCAPE($GLOBALS['module'])));
 
                // Does the module exists on local file system?
                if ((FILE_READABLE(__MODULE)) && (sizeof($FATAL) == 0)) {