X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fstylesheet.php;h=10341b96e8652fcb0e7832a3922b69beca7866dd;hp=497339beb8f04e02050180306449f824268e4989;hb=7f104f6fe558bb56b4205241435a2357c2feece1;hpb=4ef4c88fc481335dc0631b223111c15a84cccb51
diff --git a/inc/stylesheet.php b/inc/stylesheet.php
index 497339beb8..10341b96e8 100644
--- a/inc/stylesheet.php
+++ b/inc/stylesheet.php
@@ -32,8 +32,7 @@
************************************************************************/
// Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF']))
-{
+if (!defined('__SECURITY')) {
$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
require($INC);
}
@@ -50,11 +49,9 @@ if ((basename($_SERVER['PHP_SELF']) == "install.php") || (!isBooleanConstantAndT
if (empty($_CONFIG['css_php'])) $_CONFIG['css_php'] = "FILE";
// Output CSS files or content or link to css.php ?
-if (($CSS == "1") || ($_CONFIG['css_php'] == "DIRECT"))
-{
+if (($CSS == "1") || ($_CONFIG['css_php'] == "DIRECT")) {
// Load CSS files
- if (is_array($EXT_CSS_FILES))
- {
+ if (is_array($EXT_CSS_FILES)) {
// Load extension's CSS files
foreach ($EXT_CSS_FILES as $value) $STYLES[] = $value;
}
@@ -65,11 +62,10 @@ if (($CSS == "1") || ($_CONFIG['css_php'] == "DIRECT"))
function GET_CURR_THEME () {
return "default";
}
- }
+ } // END - if
// Output inclusion lines
- foreach ($STYLES as $value)
- {
+ foreach ($STYLES as $value) {
// Only include found CSS files (to reduce 404 requests)
$BASE = sprintf("%stheme/%s/css/", PATH, GET_CURR_THEME());
$file = $BASE.$value;
@@ -78,7 +74,7 @@ if (($CSS == "1") || ($_CONFIG['css_php'] == "DIRECT"))
if ((FILE_READABLE($file)) && (filesize($file) > 0)) {
switch ($_CONFIG['css_php']) {
case "DIRECT":
- OUTPUT_HTML("");
+ OUTPUT_HTML("");
break;
case "FILE":
@@ -94,8 +90,8 @@ if (($CSS == "1") || ($_CONFIG['css_php'] == "DIRECT"))
if (isBooleanConstantAndTrue('mxchange_installing')) {
// Default theme first
$NEW_THEME = "default";
- if (!empty($_GET['theme'])) $NEW_THEME = $_GET['theme'];
- if (!empty($_POST['theme'])) $NEW_THEME = $_POST['theme'];
+ if (!empty($_GET['theme'])) $NEW_THEME = SQL_ESCAPE($_GET['theme']);
+ if (!empty($_POST['theme'])) $NEW_THEME = SQL_ESCAPE($_POST['theme']);
OUTPUT_HTML("?theme=".$NEW_THEME."&installing=1", false);
}
OUTPUT_HTML("\" />");