Loggen admin with user will now be displayed

[mailer.git] / modules.php

diff --git a/modules.php b/modules.php
index 8368d269c1bfd7b44c8ba4f57d4c649a744287b9..b24aee4126bd22d93a8bf6adcd0869d94d01f4b1 100644 (file)
--- a/modules.php
+++ b/modules.php
@@ -31,8 +31,8 @@
  * MA  02110-1301  USA                                                  *
  ************************************************************************/
 
-// APD call (if you have this apache extension and want to debug this script for us)
-//apd_set_pprof_trace();
+// XDEBUG call
+//xdebug_start_trace();
 
 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
 require_once ("inc/libs/security_functions.php");
@@ -44,12 +44,15 @@ $CSS = 0;
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
 $GLOBALS['userid'] = 0;
 
+// Fix missing module to "index"
+if (empty($_GET['module'])) $_GET['module'] = "index";
+
+// Secure action/what if present
 if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
 if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
-if (empty($_GET['module'])) $_GET['module'] = "index";
 
 // Secure the module name (very important line!)
-$GLOBALS['module'] = htmlentities(strip_tags($_GET['module']), ENT_QUOTES);
+$GLOBALS['module'] = secureString($_GET['module']);
 
 // Needed include files
 require ("inc/config.php");
@@ -66,8 +69,13 @@ if (IS_MEMBER()) {
 
                // Update only cookies and no login data!
                UPDATE_LOGIN_DATA(false);
-       } else {
 
+               // Additionally admin?
+               if (IS_ADMIN()) {
+                       // Add it
+                       $username .= " ("._ADMIN_SHORT.")";
+               } // END - if
+       } else {
                // Hmmm, logged in and no valid cookies???
                $username = "<I>"._UNKNOWN."</I>";
        }