From: Lo?c C. <lo...@us...> - 2001-12-27 14:41:26
|
Update of /cvsroot/phpmychat/phpMyChat - 0.14/chat/lib In directory usw-pr-cvs1:/tmp/cvs-serv26861 Modified Files: login.lib.php3 Log Message: fixed a security issue ***** Bogus filespec: - ***** Bogus filespec: 0.14/chat/lib Index: login.lib.php3 =================================================================== RCS file: /cvsroot/phpmychat/phpMyChat - 0.14/chat/lib/login.lib.php3,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -r1.6 -r1.7 *** login.lib.php3 2001/12/08 13:50:04 1.6 --- login.lib.php3 2001/12/27 14:41:23 1.7 *************** *** 3,6 **** --- 3,7 ---- { // Ensure the password is a correct one + $do_not_login = false; $DbLink4Login = new DB; $DbLink4Login->query("SELECT password,perms FROM ".C_REG_TBL." WHERE username='$pmc_username' LIMIT 1"); *************** *** 21,24 **** --- 22,29 ---- } } + else if (isset($perms)) + { + unset($perms); + } $DbLink4Login->clean_results(); $DbLink4Login->close(); *************** *** 26,30 **** // If no login yet entered ! if (!isset($do_not_login)) { --- 31,35 ---- // If no login yet entered ! if (!isset($do_not_login) || !$do_not_login) { |