X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fmodules%2Fsponsor%2Fsettings.php;h=9667913cf0ee2aff6074201d93a2be4e58e2dee9;hp=927d33cf97906e6467923495d187b567ebb06126;hb=7989ec603971c0dc8dc35d8be4e72f8098b83baa;hpb=f01652b7b8efac92d97889e312402c4a845c2f14

diff --git a/inc/modules/sponsor/settings.php b/inc/modules/sponsor/settings.php
index 927d33cf97..9667913cf0 100644
--- a/inc/modules/sponsor/settings.php
+++ b/inc/modules/sponsor/settings.php
@@ -31,23 +31,23 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4)."/security.php";
 	require($INC);
-} elseif ((!EXT_IS_ACTIVE("sponsor")) && (!IS_ADMIN())) {
-	ADD_FATAL(EXTENSION_PROBLEM_EXT_INACTIVE);
+} elseif ((!EXT_IS_ACTIVE("sponsor"))
+	addFatalMessage(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), "sponsor");
 	return;
 } elseif (!IS_SPONSOR()) {
 	// No sponsor!
-	ADD_FATAL(SPONSOR_ONLY_AREA_ENTERED);
+	addFatalMessage(getMessage('SPONSOR_ONLY_AREA_ENTERED'));
 	return;
 }
 
 // Data for the formular
 $result = SQL_QUERY_ESC("SELECT status, receive_warnings, warning_interval, email, surname, family, gender
-FROM "._MYSQL_PREFIX."_sponsor_data
+FROM `{!_MYSQL_PREFIX!}_sponsor_data`
 WHERE id='%s' AND password='%s' LIMIT 1",
- array(bigintval($_COOKIE['sponsorid']), $_COOKIE['sponsorpass']), __FILE__, __LINE__);
+ array(bigintval(get_session('sponsorid')), get_session('sponsorpass')), __FILE__, __LINE__);
 if (SQL_NUMROWS($result) == 1) {
 	// Load sponsor data
 	$content = SQL_FETCHARRAY($result);
@@ -58,7 +58,7 @@ if (SQL_NUMROWS($result) == 1) {
 			if (empty($_POST['password'])) {
 				// No current password entered
 				$MSG = SPONSOR_NO_CURRENT_PASSWORD_ENTERED;
-			} elseif (md5($_POST['password']) != $_COOKIE['sponsorpass']) {
+			} elseif (md5($_POST['password']) != get_session('sponsorpass')) {
 				// Entered password didn't match password in DB
 				$MSG = SPONSOR_CURRENT_PASSWORD_DIDNOT_MATCH_DB;
 			} else {
@@ -89,8 +89,15 @@ if (SQL_NUMROWS($result) == 1) {
 		} else {
 			// Make yes/no selection
 			switch ($content['receive_warnings']) {
-				case "Y": define('__YES', " checked"); define('__NO', "");         break;
-				case "N": define('__YES', "");         define('__NO', " checked"); break;
+				case "Y":
+					define('__YES', " checked=\"checked\"");
+					define('__NO', "");
+					break;
+
+				case "N":
+					define('__YES', "");
+					define('__NO', " checked=\"checked\"");
+					break;
 			}
 
 			// Translate current interval into fancy string
@@ -106,7 +113,7 @@ if (SQL_NUMROWS($result) == 1) {
 	}
 } else {
 	// Sponsor account not found!
-	$OUT = LOAD_TEMPLATE("admin_settings_saved", true, SPONSOR_ACCOUNT_404_1.$_COOKIE['sponsorid'].SPONSOR_ACCOUNT_404_2);
+	$OUT = LOAD_TEMPLATE("admin_settings_saved", true, sprintf(getMessage('SPONSOR_ACCOUNT_404'), get_session('sponsorid')));
 }
 
 // Free memory