Update of /cvsroot/phpmychat/phpMyChat - 0.14/chat
In directory usw-pr-cvs1:/tmp/cvs-serv14507/chat
Modified Files:
export.php3
Log Message:
fixed a security issue
***** Bogus filespec: -
***** Bogus filespec: 0.14/chat
Index: export.php3
===================================================================
RCS file: /cvsroot/phpmychat/phpMyChat - 0.14/chat/export.php3,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -r1.3 -r1.4
*** export.php3 2001/05/31 18:05:22 1.3
--- export.php3 2001/12/03 21:04:37 1.4
***************
*** 21,24 ****
--- 21,40 ----
set_magic_quotes_runtime(0);
+ // Get IP address and check for hackers
+ require("./lib/get_IP.lib.php3");
+ $DbLink = new DB;
+ $DbLink->query("SELECT count(*) FROM ".C_USR_TBL." WHERE username = '$U' AND ip = '$IP' LIMIT 1");
+ list($isNotHack) = $DbLink->next_record();
+ if (!$isNotHack)
+ {
+ echo 'là';
+ $DbLink->close();
+ exit();
+ }
+ else
+ {
+ $DbLink->clean_results();
+ }
+
// Translate to html special characters, and entities if message was sent with a latin 1 charset
$Latin1 = ($Charset == "iso-8859-1");
|
