Direct registration added, typo fixed, admin session on missing/failed login fixed...

[mailer.git] / modules.php

diff --git a/modules.php b/modules.php
index b24aee4126bd22d93a8bf6adcd0869d94d01f4b1..3787101d996b47b7f8642cc51900be9dfb0efe20 100644 (file)
--- a/modules.php
+++ b/modules.php
@@ -67,22 +67,26 @@ if (IS_MEMBER()) {
                list($s, $f) = SQL_FETCHROW($result);
                $username = $s." ".$f;
 
-               // Update only cookies and no login data!
-               UPDATE_LOGIN_DATA(false);
-
                // Additionally admin?
                if (IS_ADMIN()) {
                        // Add it
                        $username .= " ("._ADMIN_SHORT.")";
                } // END - if
        } else {
-               // Hmmm, logged in and no valid cookies???
+               // Hmmm, logged in and no valid userid?
                $username = "<I>"._UNKNOWN."</I>";
+
+               // Destroy session
+               destroy_user_session();
+
+               // Kill userid
+               $GLOBALS['userid'] = 0;
        }
 
        // Free memory
        SQL_FREERESULT($result);
 } elseif (IS_ADMIN()) {
+       // Admin is there
        $username = _ADMIN;
 } else {
        // He's a guest, hello there... ;-)
@@ -106,7 +110,7 @@ if ((!empty($_CONFIG['maintenance'])) && ($_CONFIG['maintenance'] == "Y") && (!I
        case "mem_only":
        case "done":
                // Construct module name
-               define('__MODULE', sprintf("%sinc/modules/%s.php", PATH, $GLOBALS['module']));
+               define('__MODULE', sprintf("%sinc/modules/%s.php", PATH, SQL_ESCAPE($GLOBALS['module'])));
 
                // Does the module exists on local file system?
                if ((FILE_READABLE(__MODULE)) && (sizeof($FATAL) == 0)) {