Update of /cvsroot/phpmychat/phpMyChat-0.15/chat/admin
In directory usw-pr-cvs1:/tmp/cvs-serv15437/chat/admin
Modified Files:
admin_top.php3 admin_body.php3 admin4.php3 admin3.php3
admin2.php3 admin1.php3
Log Message:
Fixed some possibily security issues
Index: admin_top.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin_top.php3,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** admin_top.php3 2001/05/05 17:26:17 1.1
--- admin_top.php3 2001/05/30 08:07:13 1.2
***************
*** 27,30 ****
--- 27,39 ----
/**
+ * Ensure this script is called by the admin frameset (fix a security hole)
+ */
+ if (!dbSessionIsRegistered('authUsername'))
+ {
+ exit();
+ }
+
+
+ /**
* Displays the webpage
*
Index: admin_body.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin_body.php3,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** admin_body.php3 2001/05/20 11:48:55 1.2
--- admin_body.php3 2001/05/30 08:07:13 1.3
***************
*** 31,35 ****
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
{
exit();
--- 31,35 ----
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!dbSessionIsRegistered('authUsername'))
{
exit();
Index: admin4.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin4.php3,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** admin4.php3 2001/05/05 17:42:55 1.2
--- admin4.php3 2001/05/30 08:07:13 1.3
***************
*** 32,36 ****
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
{
exit();
--- 32,36 ----
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!dbSessionIsRegistered('authUsername'))
{
exit();
Index: admin3.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin3.php3,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** admin3.php3 2001/05/26 11:55:58 1.3
--- admin3.php3 2001/05/30 08:07:13 1.4
***************
*** 31,35 ****
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
{
exit();
--- 31,35 ----
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!dbSessionIsRegistered('authUsername'))
{
exit();
Index: admin2.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin2.php3,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** admin2.php3 2001/05/20 11:48:55 1.3
--- admin2.php3 2001/05/30 08:07:13 1.4
***************
*** 32,36 ****
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
{
exit();
--- 32,36 ----
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!dbSessionIsRegistered('authUsername'))
{
exit();
Index: admin1.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat-0.15/chat/admin/admin1.php3,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** admin1.php3 2001/05/20 11:48:55 1.2
--- admin1.php3 2001/05/30 08:07:13 1.3
***************
*** 33,37 ****
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!isset($dbSessionVars) || empty($dbSessionVars['authUsername']))
{
exit();
--- 33,37 ----
* Ensure this script is called by the admin frameset (fix a security hole)
*/
! if (!dbSessionIsRegistered('authUsername'))
{
exit();
|
