From: Lo?c C. <lo...@us...> - 2001-05-30 17:56:21
Update of /cvsroot/phpmychat/phpMyChat-0.15/chat/admin
In directory usw-pr-cvs1:/tmp/cvs-serv15437/chat/admin
Modified Files:
admin_top.php3 admin_body.php3 admin4.php3 admin3.php3 admin2.php3 admin1.php3
Log Message:
Fixed some possibily security issues
Index: admin_top.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin_top.php3,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** admin_top.php3 2001/05/05 17:26:17 1.1
--- admin_top.php3 2001/05/30 08:07:13 1.2
***************
*** 27,30 ****
--- 27,39 ----
  /**
+ * Ensure this script is called by the admin frameset (fix a security hole)
+ */
+ if (!dbSessionIsRegistered('authUsername'))
+ {
+ exit();
+ }
+
+
+ /**
  * Displays the webpage
  *
Index: admin_body.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin_body.php3,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** admin_body.php3 2001/05/20 11:48:55 1.2
--- admin_body.php3 2001/05/30 08:07:13 1.3
***************
*** 31,35 ****
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
  {
  exit();
--- 31,35 ----
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!dbSessionIsRegistered('authUsername'))
  {
  exit();
Index: admin4.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin4.php3,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** admin4.php3 2001/05/05 17:42:55 1.2
--- admin4.php3 2001/05/30 08:07:13 1.3
***************
*** 32,36 ****
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
  {
  exit();
--- 32,36 ----
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!dbSessionIsRegistered('authUsername'))
  {
  exit();
Index: admin3.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin3.php3,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** admin3.php3 2001/05/26 11:55:58 1.3
--- admin3.php3 2001/05/30 08:07:13 1.4
***************
*** 31,35 ****
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
  {
  exit();
--- 31,35 ----
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!dbSessionIsRegistered('authUsername'))
  {
  exit();
Index: admin2.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin2.php3,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** admin2.php3 2001/05/20 11:48:55 1.3
--- admin2.php3 2001/05/30 08:07:13 1.4
***************
*** 32,36 ****
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
  {
  exit();
--- 32,36 ----
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!dbSessionIsRegistered('authUsername'))
  {
  exit();
Index: admin1.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin1.php3,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** admin1.php3 2001/05/20 11:48:55 1.2
--- admin1.php3 2001/05/30 08:07:13 1.3
***************
*** 33,37 ****
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
  {
  exit();
--- 33,37 ----
  * Ensure this script is called by the admin frameset (fix a security hole)
  */
! if (!dbSessionIsRegistered('authUsername'))
  {
  exit();
|
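Review bot: In the admin1.php3 hunk, and identically in admin_body.php3, admin2.php3, admin3.php3 and admin4.php3, the replaced condition also rejected an empty `authUsername`, whereas `dbSessionIsRegistered('authUsername')` may, judging by its name, only test that the key is registered. The helper's body is not part of this diff, so it should be confirmed (and stated in its docblock) that an empty or unset value is treated as unauthenticated. As far as these lines show, the guard establishes that a session carries a username, not that the user holds admin rights, and the retained comment about the admin frameset no longer describes what is checked; `* Abort unless an authenticated admin session is registered` would be more accurate, with the privilege test made explicit if the session layer does not already guarantee it. The same guard is now pasted into six entry points (admin_top.php3 gains it in this commit), so a single shared include would keep a later fix from missing one file. The bare `exit();` writes nothing to a log in the visible code, so rejected direct requests to these scripts leave no trace for anyone reviewing access attempts.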