Update of /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/index_libs
In directory usw-pr-cvs1:/tmp/cvs-serv24621/chat/lib/index_libs
Modified Files:
main_index.lib.php3
Log Message:
Fixed the security issue Sergei found
Index: main_index.lib.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/lib/index_libs/main_index.lib.php3,v
retrieving revision 1.32
retrieving revision 1.33
diff -C2 -r1.32 -r1.33
*** main_index.lib.php3 2001/05/23 21:40:30 1.32
--- main_index.lib.php3 2001/05/28 19:54:48 1.33
***************
*** 141,145 ****
// Unset some variables that may be the cause of security holes
! if ($dbSessionIsNew)
{
if (isset($exitMessage))
--- 141,146 ----
// Unset some variables that may be the cause of security holes
! if ($dbSessionIsNew
! || !(dbSessionIsRegistered('nick') && dbSessionIsRegistered('roomType') && dbSessionIsRegistered('currentRoom') && dbSessionIsRegistered('jsVersion')))
{
if (isset($exitMessage))
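Review bot: The widened condition `if ($dbSessionIsNew || !(dbSessionIsRegistered('nick') && …))` has no comment saying why a session missing any of the four keys is handled like a new one; the line above it only says that some variables may cause security holes. I would add `// A session lacking nick, roomType, currentRoom or jsVersion is treated like a new one and the variables below are cleared`. The branches added further down in this commit read `$dbSessionVars['jsVersion']`, so if this check is what guarantees that key is present, the comment should say so; the hunk does not show how `dbSessionIsRegistered()` relates to `$dbSessionVars`. The body of this `if` continues outside the hunk.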
***************
*** 149,152 ****
--- 150,175 ----
if (isset($reloading))
unset($reloading);
+ }
+ else if (isset($newTargetRoom)
+ && $dbSessionVars['jsVersion'] != 'noJs')
+ {
+ if (isset($exitMessage))
+ unset($exitMessage);
+ unset($newTargetRoom);
+ if (isset($reloading))
+ unset($reloading);
+ if (isset($submitType))
+ unset($submitType);
+ }
+ else if (isset($reloading)
+ && $dbSessionVars['jsVersion'] != 'high')
+ {
+ if (isset($exitMessage))
+ unset($exitMessage);
+ if (isset($newTargetRoom))
+ unset($newTargetRoom);
+ unset($reloading);
+ if (isset($submitType))
+ unset($submitType);
}
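Review bot: The two added `else if` branches run the same cleanup of `$exitMessage`, `$newTargetRoom`, `$reloading` and `$submitType` and differ only in the trigger, so the lists can drift apart the next time a variable is added. One condition with a single body would keep them in step: `else if ((isset($newTargetRoom) && $dbSessionVars['jsVersion'] != 'noJs') || (isset($reloading) && $dbSessionVars['jsVersion'] != 'high'))`. The rule itself deserves a comment, for example `// $newTargetRoom is only accepted from 'noJs' sessions and $reloading only from 'high' ones; otherwise all four variables are cleared`. This is a deny-list of named variables, and the hunk does not show whether the first branch also clears `$submitType` or whether other request-derived variables are read later in the file, so that is worth checking against the rest of main_index.lib.php3.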