X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=modules.php;h=72cd6943e0f2197d24ebd203a41ac0a52eebf8f9;hp=f4e8cbacfbbea1e21ca627b0a314841b812060c5;hb=e29553ed2308e373d899cc18c0a89a34d2a1c754;hpb=4ef4c88fc481335dc0631b223111c15a84cccb51

diff --git a/modules.php b/modules.php
index f4e8cbacfb..72cd6943e0 100644
--- a/modules.php
+++ b/modules.php
@@ -31,8 +31,8 @@
  * MA  02110-1301  USA                                                  *
  ************************************************************************/
 
-// APD call (if you have this apache extension and want to debug this script for us)
-//apd_set_pprof_trace();
+// XDEBUG call
+//xdebug_start_trace();
 
 // Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
 require_once ("inc/libs/security_functions.php");
@@ -44,18 +44,21 @@ $CSS = 0;
 $GLOBALS['what'] = ""; $GLOBALS['action'] = "";
 $GLOBALS['userid'] = 0;
 
+// Fix missing module to "index"
+if (empty($_GET['module'])) $_GET['module'] = "index";
+
+// Secure action/what if present
 if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
 if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
-if (empty($_GET['module'])) $_GET['module'] = "index";
 
 // Secure the module name (very important line!)
-$GLOBALS['module'] = htmlentities(strip_tags($_GET['module']), ENT_QUOTES);
+$GLOBALS['module'] = secureString($_GET['module']);
 
 // Needed include files
 require ("inc/config.php");
 
 // Check if logged in
-if (IS_LOGGED_IN()) {
+if (IS_MEMBER()) {
 	// Is still logged in so we welcome him with his name
 	$result = SQL_QUERY_ESC("SELECT surname, family FROM "._MYSQL_PREFIX."_user_data WHERE userid=%s LIMIT 1",
 	 array($GLOBALS['userid']), __FILE__, __LINE__);
@@ -64,10 +67,12 @@ if (IS_LOGGED_IN()) {
 		list($s, $f) = SQL_FETCHROW($result);
 		$username = $s." ".$f;
 
-		// Update only cookies and no login data!
-		UPDATE_LOGIN_DATA(false);
+		// Additionally admin?
+		if (IS_ADMIN()) {
+			// Add it
+			$username .= " ("._ADMIN_SHORT.")";
+		} // END - if
 	} else {
-
 		// Hmmm, logged in and no valid cookies???
 		$username = "<I>"._UNKNOWN."</I>";
 	}