[Openfirst-cvscommit] projects viewmeeting.php,1.6,1.7
From: <xt...@us...> - 2003-10-24 12:46:43
Update of /cvsroot/openfirst/projects In directory sc8-pr-cvs1:/tmp/cvs-serv24108 Modified Files: viewmeeting.php Log Message: IMPORTANT: Fix a privilege escalation SECURITY VULNERABILITY, use include_once() instead of include() where appropriate, fix minor spacing issues. Index: viewmeeting.php =================================================================== RCS file: /cvsroot/openfirst/projects/viewmeeting.php,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** viewmeeting.php 12 Oct 2003 23:39:14 -0000 1.6 --- viewmeeting.php 23 Oct 2003 13:34:56 -0000 1.7 *************** *** 28,34 **** // Include globals and set header condense (not coded yet) ! include("../config/globals.php"); $header_condense = true; ! include($header); // Check if user is a member --- 28,34 ---- // Include globals and set header condense (not coded yet) ! include_once("../config/globals.php"); $header_condense = true; ! include_once($header); // Check if user is a member *************** *** 43,47 **** if(! isset($_POST['absent'])){ echo "<br><br>You must select users who were absent of click none! Click back to continue.<br><br><br>"; ! die(include($footer)); } --- 43,47 ---- if(! isset($_POST['absent'])){ echo "<br><br>You must select users who were absent of click none! Click back to continue.<br><br><br>"; ! die(include_once($footer)); } *************** *** 59,63 **** Status = 'done' WHERE ID = '".$_GET['ID']."'") or die(ofirst_dberror()); echo "<br><br>Meeting updated! [ <a href='meetings.php'>Meetings</a> ]<br><br>"; ! die(include($footer)); } --- 59,63 ---- Status = 'done' WHERE ID = '".$_GET['ID']."'") or die(ofirst_dberror()); echo "<br><br>Meeting updated! [ <a href='meetings.php'>Meetings</a> ]<br><br>"; ! die(include_once($footer)); } *************** *** 84,88 **** // List people who meeting was arranged for $assign = explode(",",$meeting->ArrangedFor); ! 
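Review bot: The user-facing message on the unchanged line above the `die(include_once($footer));` change in the 43,47 hunk reads `absent of click none`, which looks like a typo for `absent or click none`, and the commit leaves it as is. The fix is the one line `echo "<br><br>You must select users who were absent or click none! Click back to continue.<br><br><br>";`. The POST handler this `if` belongs to starts and continues outside the hunk.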
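Review bot: In the 59,63 hunk `$_GET['ID']` is still concatenated raw into the UPDATE's WHERE clause on the hunk's first context line, so the query text is shaped by the request; the commit only swaps include for include_once beneath it. Since ID is used as a numeric key, normalising it once near the top of the script, `$id = (int) $_GET['ID'];`, and using `$id` both here and in the form action of the 109,114 hunk (where the same value is echoed unescaped into an HTML attribute) would address both places. The enclosing `if` block and the start of the SQL string lie outside the hunk.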
foreach($assign as $assign){ $query = ofirst_dbquery("SELECT * FROM ofirst_projects_groups WHERE ID = '".$assign."' ORDER BY GroupName;"); $group = ofirst_dbfetch_object($query); --- 84,88 ---- // List people who meeting was arranged for $assign = explode(",",$meeting->ArrangedFor); ! foreach($assign as $assign) { $query = ofirst_dbquery("SELECT * FROM ofirst_projects_groups WHERE ID = '".$assign."' ORDER BY GroupName;"); $group = ofirst_dbfetch_object($query); *************** *** 109,114 **** <br> <?php ! if($meeting->Status != "done"){ ! if($user->membertype = "administrator"){ ?> <form onsubmit="return dhtmlEditorPrepareSubmit();" action='viewmeeting.php?ID=<?php echo $_GET['ID']; ?>' method='POST'> --- 109,113 ---- <br> <?php ! if($meeting->Status != "done" && $user->membertype == "administrator") { ?> <form onsubmit="return dhtmlEditorPrepareSubmit();" action='viewmeeting.php?ID=<?php echo $_GET['ID']; ?>' method='POST'> *************** *** 158,162 **** // List the people currently in the array foreach($people as $people){ ! echo "\n <option>$people</option>"; } --- 157,161 ---- // List the people currently in the array foreach($people as $people){ ! echo "\n <option>$people</option>"; } *************** *** 173,179 **** <br> <?php ! } ! } } ! include($footer); ! ?> \ No newline at end of file --- 172,177 ---- <br> <?php ! } } ! include_once($footer); ! ?> |
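Review bot: `foreach($assign as $assign)` in the 84,88 hunk reuses the array variable as its own loop variable; PHP evaluates the array once so the loop runs, but afterwards `$assign` holds only the last group ID and the shadowing reads like a bug. `foreach($assign as $assignId)` with `$assignId` in the query makes the intent clear; the 157,161 hunk's `foreach($people as $people)` has the same pattern. In that second loop `$people` is echoed straight into an `<option>` tag, so if it originates from request data it should pass through `htmlspecialchars()` first, which I cannot confirm from the diff. Both loop bodies continue past their hunks.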
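Review bot: The corrected condition in the 109,114 hunk only decides whether the form is rendered; the POST branch that runs the UPDATE (the 43,47 and 59,63 hunks, whose start is outside the diff) shows no membertype test of its own, so unless one exists before line 43, hiding the form does not by itself stop a non-administrator from submitting it. Repeating the same test at the top of that branch, `if($user->membertype != "administrator") die(include_once($footer));`, would make the server-side check match the UI. The surrounding script continues on both sides of the hunk, so the earlier lines may already contain such a check and this should be confirmed.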