Update of /cvsroot/phpmychat/phpMyChat-0.15/chat/admin
In directory usw-pr-cvs1:/tmp/cvs-serv28423/chat/admin
Modified Files:
admin4.php3 admin3.php3 admin2.php3
Log Message:
Ooops, forgot a security fix
Index: admin4.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin4.php3,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** admin4.php3 2001/05/05 17:26:17 1.1
--- admin4.php3 2001/05/05 17:42:55 1.2
***************
*** 30,33 ****
--- 30,42 ----
/**
+ * Ensure this script is called by the admin frameset (fix a security hole)
+ */
+ if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
+ {
+ exit();
+ }
+
+
+ /**
* The administrator has required an action to be done
*
Index: admin3.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin3.php3,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** admin3.php3 2001/05/05 17:26:17 1.1
--- admin3.php3 2001/05/05 17:42:55 1.2
***************
*** 29,32 ****
--- 29,41 ----
/**
+ * Ensure this script is called by the admin frameset (fix a security hole)
+ */
+ if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
+ {
+ exit();
+ }
+
+
+ /**
* Cleans the messages table from a room
*
Index: admin2.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin2.php3,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** admin2.php3 2001/05/05 17:26:17 1.1
--- admin2.php3 2001/05/05 17:42:55 1.2
***************
*** 30,33 ****
--- 30,42 ----
/**
+ * Ensure this script is called by the admin frameset (fix a security hole)
+ */
+ if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
+ {
+ exit();
+ }
+
+
+ /**
* Removes all banishments for an user
*
|
