From: Lo?c C. <lo...@us...> - 2001-04-16 12:24:33
Update of /cvsroot/phpmychat/phpMyChat-0.15/chat/localization In directory usw-pr-cvs1:/tmp/cvs-serv12012/chat/localization Modified Files: tutorial.lib.php3 languages.lib.php3 admin.lib.php3 Log Message: Fix a security issue Index: tutorial.lib.php3 =================================================================== RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/localization/tutorial.lib.php3,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -r1.2 -r1.3 *** tutorial.lib.php3 2001/04/10 16:58:35 1.2 --- tutorial.lib.php3 2001/04/16 12:24:29 1.3 *************** *** 49,55 **** while ($notFound && list($key, $name) = each($availableTutorials)) { ! // $envType = 1 for the 'HTTP_ACCEPT_LANGUAGE' environment variable, // 2 for the 'HTTP_USER_AGENT' one ! if ( ($envType == 1 && eregi('^' . $key . '$', $str)) || ($envType == 2 && eregi('(\(|\[|;[[:space:]])' . $key . '(;|\]|\))', $str))) { --- 49,57 ---- while ($notFound && list($key, $name) = each($availableTutorials)) { ! // $envType = 0 for a simple variable, ! // 1 for the 'HTTP_ACCEPT_LANGUAGE' environment variable, // 2 for the 'HTTP_USER_AGENT' one ! if ( ($envType == 0 && strcasecmp($name, $str) == 0) ! || ($envType == 1 && eregi('^' . $key . '$', $str)) || ($envType == 2 && eregi('(\(|\[|;[[:space:]])' . $key . '(;|\]|\))', $str))) { *************** *** 96,104 **** * Finds the appropriate language file */ ! // If a language is defined in a cookie, ensures the translation exists ! if (isset($cookieLang) ! && file_exists('./localization/' . $cookieLang . '/tutorial.loc')) { ! $lang = $cookieLang; } --- 98,114 ---- * Finds the appropriate language file */ ! // No multi-language support -> use the default language ! if (!C_MULTI_LANG) { ! $lang = C_LANGUAGE; ! } ! ! // A language is defined in a cookie or a variable, ensures the translation ! // exists ! else if (isset($lang) || isset($cookieLang)) ! { ! $toCheck = (isset($lang)) ? $lang : $cookieLang; ! $lang = ''; ! 
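Review bot: The comment for the new mode 0 in the 49,57 hunk is worded differently in each file ("a simple variable" here, "a simple session value" in languages.lib.php3, "a simple cookie value" in admin.lib.php3) although the branch is identical, and none of them says why it exists. Mode 0 is the allow-list check: `$str` is accepted only when it equals, case-insensitively, one of the names in the table, which is what keeps a request-supplied value out of the `file_exists()` path the old code built. I would use one comment in all three files, e.g. `// $envType = 0 for a user-supplied name (cookie or variable), matched against the table values only`. The loop body that stores the result is outside this hunk; it should keep storing the table entry rather than `$str`, as the admin.lib.php3 hunk does with `$availableAdmins[$key]`.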
pmcTutorialDetect($toCheck, 0); } Index: languages.lib.php3 =================================================================== RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/localization/languages.lib.php3,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -r1.2 -r1.3 *** languages.lib.php3 2001/04/10 16:58:35 1.2 --- languages.lib.php3 2001/04/16 12:24:29 1.3 *************** *** 49,55 **** while ($notFound && list($key, $name) = each($availableLanguages)) { ! // $envType = 1 for the 'HTTP_ACCEPT_LANGUAGE' environment variable, // 2 for the 'HTTP_USER_AGENT' one ! if ( ($envType == 1 && eregi('^' . $key . '$', $str)) || ($envType == 2 && eregi('(\(|\[|;[[:space:]])' . $key . '(;|\]|\))', $str))) { --- 49,57 ---- while ($notFound && list($key, $name) = each($availableLanguages)) { ! // $envType = 0 for a simple session value, ! // 1 for the 'HTTP_ACCEPT_LANGUAGE' environment variable, // 2 for the 'HTTP_USER_AGENT' one ! if ( ($envType == 0 && strcasecmp($name, $str) == 0) ! || ($envType == 1 && eregi('^' . $key . '$', $str)) || ($envType == 2 && eregi('(\(|\[|;[[:space:]])' . $key . '(;|\]|\))', $str))) { *************** *** 102,117 **** * Finds the appropriate language file */ ! // The language is already defined ! if ((dbSessionIsRegistered('lang') && !empty($dbSessionVars['lang'])) ! || C_MULTI_LANG == 0) { // void } ! ! // If a language is defined in a cookie, ensures the translation exists ! else if (isset($cookieLang) ! && file_exists('./' . _CHAT_PATH . 'localization/' . $cookieLang . '/chat.loc')) { ! $dbSessionVars['lang'] = $cookieLang; } --- 104,126 ---- * Finds the appropriate language file */ ! // No multi-language support -> use the default language ! if (!C_MULTI_LANG) { + $dbSessionVars['lang'] = C_LANGUAGE; + } + // The language is already defined among session data and the user doesn't + // want it to be changed -> do nothing + else if ((dbSessionIsRegistered('lang') && !empty($dbSessionVars['lang'])) + && empty($lang)) + { // void } ! 
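Review bot: `isset($lang)` is true for an empty string, so in the new `else if` branch of the 98,114 hunk a request that supplies an empty `$lang` leaves `$toCheck` empty and the value in `$cookieLang` is never tried. Testing `!empty($lang)` in both places, `else if (!empty($lang) || isset($cookieLang))` and `$toCheck = (!empty($lang)) ? $lang : $cookieLang;`, keeps the cookie as the fallback. The same pattern appears in the languages.lib.php3 hunk at 104,126, whose preceding branch already uses `empty($lang)`. The code that handles a `$lang` still empty after `pmcTutorialDetect()` is outside this hunk.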
// A language is defined in a cookie or a variable, ensures the translation ! // exists ! else if (isset($lang) || isset($cookieLang)) { ! $toCheck = (isset($lang)) ? $lang : $cookieLang; ! unset($lang); ! pmcLangDetect($toCheck, 0); } Index: admin.lib.php3 =================================================================== RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/localization/admin.lib.php3,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -r1.2 -r1.3 *** admin.lib.php3 2001/04/10 16:58:35 1.2 --- admin.lib.php3 2001/04/16 12:24:29 1.3 *************** *** 49,59 **** while ($notFound && list($key, $name) = each($availableAdmins)) { ! // $envType = 1 for the 'HTTP_ACCEPT_LANGUAGE' environment variable, // 2 for the 'HTTP_USER_AGENT' one ! if ( ($envType == 1 && eregi('^' . $key . '$', $str)) || ($envType == 2 && eregi('(\(|\[|;[[:space:]])' . $key . '(;|\]|\))', $str))) { ! $lang = $availableAdmins[$key]; ! $notFound = false; } } --- 49,61 ---- while ($notFound && list($key, $name) = each($availableAdmins)) { ! // $envType = 0 for a simple cookie value, ! // 1 for the 'HTTP_ACCEPT_LANGUAGE' environment variable, // 2 for the 'HTTP_USER_AGENT' one ! if ( ($envType == 0 && strcasecmp($name, $str) == 0) ! || ($envType == 1 && eregi('^' . $key . '$', $str)) || ($envType == 2 && eregi('(\(|\[|;[[:space:]])' . $key . '(;|\]|\))', $str))) { ! $$dbSessionVars['lang'] = $availableAdmins[$key]; ! $notFound = false; } } *************** *** 98,105 **** */ // If a language is defined in a cookie, ensures the translation exists ! if (isset($cookieLang) ! && file_exists('./localization/' . $cookieLang . '/admin.loc')) { ! $lang = $cookieLang; } --- 100,106 ---- */ // If a language is defined in a cookie, ensures the translation exists ! if (isset($cookieLang)) { ! pmcTutorialDetect($cookieLang, 0); } *************** *** 120,127 **** // If no translation has been retained, uses the default one ! if (!isset($lang)) ! $lang = (file_exists('./localization/' . 
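Review bot: `$$dbSessionVars['lang'] = $availableAdmins[$key];` in the admin.lib.php3 49,61 hunk has a doubled `$`, which makes it a variable-variable assignment rather than a write to `$dbSessionVars['lang']`, so a matched language is not stored where the fallback later in this file writes its default. It should read `$dbSessionVars['lang'] = $availableAdmins[$key];`. The enclosing function's header is outside the hunk, so it is also worth confirming that `$dbSessionVars` is declared global there; otherwise the corrected assignment would still stay local.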
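Review bot: The cookie branch in the admin.lib.php3 100,106 hunk calls `pmcTutorialDetect()`, but the detection loop changed earlier in this file walks `$availableAdmins`, so the name looks copied from tutorial.lib.php3; unless admin.lib.php3 really defines a function of that name, the call should go to this file's own detector. Unlike the tutorial and languages hunks, which reset the variable with `$lang = '';` and `unset($lang);`, this branch neither considers nor clears a pre-set `$lang`, so an unvalidated value can survive to the `empty($lang)` test further down. The retained comment still describes the old `file_exists()` check; `// A language is defined in a cookie: accept it only if it is in the table` would match the new code.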
C_LANGUAGE . '/admin.loc')) ! ? C_LANGUAGE ! : 'english'; // Clears the table --- 121,128 ---- // If no translation has been retained, uses the default one ! if (empty($lang)) ! $dbSessionVars['lang'] = (file_exists('./localization/' . C_LANGUAGE . '/admin.loc')) ! ? C_LANGUAGE ! : 'english'; // Clears the table |
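Review bot: The guard in the 121,128 hunk tests `$lang` while the assignment now goes to `$dbSessionVars['lang']`, and as far as these hunks show, detection in this file no longer sets `$lang`, so the default is applied or skipped according to a variable the new code does not write. If `$lang` can arrive from the request, a non-empty value skips the default without ever being checked against the table. Testing the variable that is assigned, `if (empty($dbSessionVars['lang']))`, ties the fallback to the outcome of detection.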