X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fadmin%2Fwhat-usage.php;h=3a17999e65bc0739a9662c7de7c5932bfa72b955;hp=f5afcc325e1f71456f8b4a764573aba635fd886a;hb=d18075f375db1b9db40773cdf80a5d6f2c36cd3a;hpb=5ef6ed7373ae85e5635e39e2a0adf9496a8add05 diff --git a/inc/modules/admin/what-usage.php b/inc/modules/admin/what-usage.php index f5afcc325e..3a17999e65 100644 --- a/inc/modules/admin/what-usage.php +++ b/inc/modules/admin/what-usage.php @@ -32,52 +32,46 @@ ************************************************************************/ // Some security stuff... -if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) -{ +if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN())) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } + // Add description as navigation point ADD_DESCR("admin", basename(__FILE__)); -OPEN_TABLE("100%", "admin_content admin_content_align", ""); +// Base directory (should be moved to database) $usage = "usage/"; -if (!empty($_GET['image'])) -{ - if ($_GET['type'] == "usage") - { - $file = PATH.$usage."usage.png"; - } - else - { + +OPEN_TABLE("100%", "admin_content admin_content_align", ""); + +if (!empty($_GET['image'])) { + if ($_GET['type'] == "usage") { + $file = sprintf("%s%susage.png", PATH, $usage); + } else { if (strpos($_GET['image'], "\\") > 0) $_GET['image'] = substr($_GET['image'], 0, strpos($_GET['image'], "\\")); - $file = PATH.$usage.$_GET['type']."_usage_".$_GET['image'].".png"; + $file = sprintf("%s%s%s_usage_%s.png", PATH, $usage, SQL_ESCAPE($_GET['type']), SQL_ESCAPE($_GET['image'])); } - if (file_exists($file)) - { + + if ((file_exists($file)) && (is_readable($file))) { $image = imagecreatefrompng($file); header("Content-type: image/png"); imagepng($image); imagedestroy($image); } exit(); -} - elseif (empty($_GET['usage'])) -{ +} elseif (empty($_GET['usage'])) { $file = PATH.$usage."index.html"; -} - else -{ +} else { $file = sprintf("%s%susage_%s.html", PATH, $usage, SQL_ESCAPE($_GET['usage']) ); } -if ($file !="") -{ - if (file_exists($file) && is_readable($file)) - { + +if (!empty($file)) { + if (file_exists($file) && is_readable($file)) { $tmpl_file = implode("", file($file)); $tmpl_file = addslashes($tmpl_file); $tmpl_file = "\$content=\"".$tmpl_file."\";"; @@ -102,6 +96,7 @@ if ($file !="") } } } + CLOSE_TABLE(); // ?>