Typos fixed

[mailer.git] / modules.php

diff --git a/modules.php b/modules.php
index ed8a25842f2b2385f4a7ad9ec5fafd81778606f9..9dcd410fea12a196fa88de4278d27a7f072f9174 100644 (file)
--- a/modules.php
+++ b/modules.php
@@ -44,12 +44,15 @@ $CSS = 0;
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
 $GLOBALS['userid'] = 0;
 
+// Fix missing module to "index"
+if (empty($_GET['module'])) $_GET['module'] = "index";
+
+// Secure action/what if present
 if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
 if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
-if (empty($_GET['module'])) $_GET['module'] = "index";
 
 // Secure the module name (very important line!)
-$GLOBALS['module'] = htmlentities(strip_tags($_GET['module']), ENT_QUOTES);
+$GLOBALS['module'] = secureString($_GET['module']);
 
 // Needed include files
 require ("inc/config.php");
@@ -64,17 +67,26 @@ if (IS_MEMBER()) {
                list($s, $f) = SQL_FETCHROW($result);
                $username = $s." ".$f;
 
-               // Update only cookies and no login data!
-               UPDATE_LOGIN_DATA(false);
+               // Additionally admin?
+               if (IS_ADMIN()) {
+                       // Add it
+                       $username .= " ("._ADMIN_SHORT.")";
+               } // END - if
        } else {
-
-               // Hmmm, logged in and no valid cookies???
+               // Hmmm, logged in and no valid userid?
                $username = "<I>"._UNKNOWN."</I>";
+
+               // Destroy session
+               destroy_user_session();
+
+               // Kill userid
+               $GLOBALS['userid'] = 0;
        }
 
        // Free memory
        SQL_FREERESULT($result);
 } elseif (IS_ADMIN()) {
+       // Admin is there
        $username = _ADMIN;
 } else {
        // He's a guest, hello there... ;-)