X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fframetester.php;h=aae2439303bb903a1ba88d9e109c88c7c38c7780;hp=78ab97dacca4553aac2e4ef3a3f370113aa5e669;hb=7989ec603971c0dc8dc35d8be4e72f8098b83baa;hpb=43885129ac24cee5545a8a5ad51e90aa182fdf46 diff --git a/inc/modules/frametester.php b/inc/modules/frametester.php index 78ab97dacc..aae2439303 100644 --- a/inc/modules/frametester.php +++ b/inc/modules/frametester.php @@ -32,7 +32,7 @@ ************************************************************************/ // Some security stuff... -if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) { +if (!defined('__SECURITY')) { $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php"; require($INC); } @@ -41,9 +41,9 @@ $MODE = "guest"; if (!empty($_GET['order'])) { // Order number placed, is he also logged in? - if(IS_LOGGED_IN()) { + if (IS_MEMBER()) { // Ok, test passed... :) - $result = SQL_QUERY_ESC("SELECT subject, url FROM "._MYSQL_PREFIX."_pool WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1", + $result = SQL_QUERY_ESC("SELECT subject, url FROM `{!_MYSQL_PREFIX!}_pool` WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1", array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__); // Finally is the entry valid? @@ -54,8 +54,7 @@ if (!empty($_GET['order'])) { // This fixes a white page $_POST['url'] = $url; - // Update his login data - UPDATE_LOGIN_DATA(); + // Mode is member $MODE = "member"; } else { // Matching line not found! @@ -71,11 +70,14 @@ if (!empty($_GET['order'])) { } if ((!empty($_POST['url'])) || (!empty($_GET['url'])) || (!empty($_GET['frame']))) { - $url = URL; - if (!empty($_POST['url'])) $url = $_POST['url']; + // Default URL is ours + $url = constant('URL'); + + // Decode URL if set in GET parameters + if (!empty($_GET['url'])) $url = decodeString(str_replace(" ", "+", compileUriCode(urldecode($_GET['url'])))); - // Decode URL if set - if (!empty($_GET['url'])) $url = COMPILE_CODE(gzuncompress(base64_decode(urldecode($_GET['url'])))); + // Use URL from POST data if set + if (!empty($_POST['url'])) $url = $_POST['url']; // Add missing element $frame = ""; @@ -100,7 +102,7 @@ if ((!empty($_POST['url'])) || (!empty($_GET['url'])) || (!empty($_GET['frame']) break; case "test_top": - OUTPUT_HTML("".GUEST_FRAMETESTER_TOP.""); + LOAD_TEMPLATE("admin_settings_saved", false, "
{--GUEST_FRAMETESTER_TOP--}"); break; case "back": // Back buttom