I replaced it with a piece of old code:
Find:
// Set up variables and constants
$function = request_var('function', '');
$mode_id = request_var('mode', '');
// Check for parameters
reset ($config_data);
while (list(, $value) = each ($config_data))
{
if (!isset($config[$value]))
{
message_die(GENERAL_MESSAGE, sprintf($lang['Incomplete_configuration'], $value));
}
}
//
// Get form-data if specified and override old settings
//
if ($mode_id == 'perform')
{
if (isset($_POST['confirm']))
{
$mode_id = 'perform';
$function = request_var('function', '');
}
}
$function = request_var('function', '');
$mode_id = request_var('mode', '');
// Check for parameters
reset ($config_data);
while (list(, $value) = each ($config_data))
{
if (!isset($config[$value]))
{
message_die(GENERAL_MESSAGE, sprintf($lang['Incomplete_configuration'], $value));
}
}
//
// Get form-data if specified and override old settings
//
if ($mode_id == 'perform')
{
if (isset($_POST['confirm']))
{
$mode_id = 'perform';
$function = request_var('function', '');
}
}
Replace with:
// Set up variables and constants
$function = (isset($_GET['function'])) ? htmlspecialchars(trim($_GET['function'])) : '';
$mode_id = (isset($_GET['mode'])) ? htmlspecialchars(trim($_GET['mode'])) : '';
// Check for parameters
reset ($config_data);
while (list(, $value) = each ($config_data))
{
if (!isset($config[$value]))
{
message_die(GENERAL_MESSAGE, sprintf($lang['Incomplete_configuration'], $value));
}
}
//
// Get form-data if specified and override old settings
//
if (isset($_POST['mode']) && $_POST['mode'] == 'perform')
{
if (isset($_POST['confirm']))
{
$mode_id = 'perform';
$function = (isset($_POST['function'])) ? htmlspecialchars(trim($_POST['function'])) : '';
}
}
$function = (isset($_GET['function'])) ? htmlspecialchars(trim($_GET['function'])) : '';
$mode_id = (isset($_GET['mode'])) ? htmlspecialchars(trim($_GET['mode'])) : '';
// Check for parameters
reset ($config_data);
while (list(, $value) = each ($config_data))
{
if (!isset($config[$value]))
{
message_die(GENERAL_MESSAGE, sprintf($lang['Incomplete_configuration'], $value));
}
}
//
// Get form-data if specified and override old settings
//
if (isset($_POST['mode']) && $_POST['mode'] == 'perform')
{
if (isset($_POST['confirm']))
{
$mode_id = 'perform';
$function = (isset($_POST['function'])) ? htmlspecialchars(trim($_POST['function'])) : '';
}
}