From: Lo?c C. <lo...@us...> - 2001-04-04 17:48:12
|
Update of /cvsroot/phpmychat/phpMyChat-0.15/chat In directory usw-pr-cvs1:/tmp/cvs-serv23804 Modified Files: help_popup.php3 Log Message: More security Index: help_popup.php3 =================================================================== RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/help_popup.php3,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -r1.1 -r1.2 *** help_popup.php3 2001/04/04 17:30:47 1.1 --- help_popup.php3 2001/04/04 17:47:47 1.2 *************** *** 45,57 **** * Defines the language to be used */ ! // set a "fake" dbSession array to avoid a security issue ! if (file_exists('./localization/' . $lang . '/localized.chat.' . C_EXTENSION)) { ! $dbSessionVars['lang'] = $lang; ! unset($lang); } ! if (!isset($dbSessionVars)) ! include('./localization/languages.lib.' . C_EXTENSION); ! require('./localization/' . $dbSessionVars['lang'] . '/localized.chat.' . C_EXTENSION); /** --- 45,62 ---- * Defines the language to be used */ ! if (!file_exists('./localization/' . $lang . '/localized.chat.' . C_EXTENSION)) { ! ?> ! <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd"> ! <html> ! <head><title>Error</title></head> ! <body> ! <b>No translation for this language!</b> ! </body> ! </html> ! <?php ! exit(); } ! require('./localization/' . $lang . '/localized.chat.' . C_EXTENSION); /** |