Update of /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/index_libs
In directory usw-pr-cvs1:/tmp/cvs-serv12012/chat/lib/index_libs
Modified Files:
main_index.lib.php3
Log Message:
Fix a security issue
Index: main_index.lib.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/index_libs/main_index.lib.php3,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -r1.14 -r1.15
*** main_index.lib.php3 2001/04/14 16:05:06 1.14
--- main_index.lib.php3 2001/04/16 12:24:29 1.15
***************
*** 101,111 ****
* Defines the language to be used
*/
! if (!empty($lang)
! && file_exists('./' . _CHAT_PATH . 'localization/' . $lang . '/chat.loc'))
! {
! $dbSessionVars['lang'] = $lang;
! unset($lang);
! }
! require('./' . _CHAT_PATH . 'localization/languages.lib.' . C_EXTENSION);
require('./' . _CHAT_PATH . 'localization/' . $dbSessionVars['lang'] . '/chat.loc');
--- 101,106 ----
* Defines the language to be used
*/
! if (!dbSessionIsRegistered('lang') || !empty($lang))
! include('./' . _CHAT_PATH . 'localization/languages.lib.' . C_EXTENSION);
require('./' . _CHAT_PATH . 'localization/' . $dbSessionVars['lang'] . '/chat.loc');
***************
*** 381,384 ****
--- 376,385 ----
// Updates tables
include('./' . _CHAT_PATH . 'lib/index_libs/do_enter_db_work.lib.' . C_EXTENSION);
+ $dbSessionDbLink->close();
+ unset($dbSessionDbLink);
+ // The db link below should be closed but this can't be done under
+ // Apache because links id aren't updated :(
+ // $dbLink->close();
+ // unset($dbLink);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN" "DTD/xhtml1-frameset.dtd">
***************
*** 400,404 ****
</html>
<?php
- $dbLink->close();
exit();
} // end of the case where entering the chat is allowed
--- 401,404 ----
***************
*** 833,837 ****
dbSessionUnregister($toUnregister);
dbSessionSave();
! $dbLink->close();
} // end of the 'pmcStartpageLayout()' function
?>
--- 833,842 ----
dbSessionUnregister($toUnregister);
dbSessionSave();
! $GLOBALS['dbSessionDbLink']->close();
! unset($dbSessionDbLink);
! // The db link below should be closed but this can't be done under Apache
! // because links id aren't updated :(
! //$dbLink->close();
! //unset($dbLink);
} // end of the 'pmcStartpageLayout()' function
?>
|
