alindeman Wed Mar 26 21:35:18 2003 EDT
Modified files:
/phpdoc/en/chapters security.xml
Log:
fixing bug #22915
Index: phpdoc/en/chapters/security.xml
diff -u phpdoc/en/chapters/security.xml:1.51 phpdoc/en/chapters/security.xml:1.52
--- phpdoc/en/chapters/security.xml:1.51 Sun Jan 19 05:30:14 2003
+++ phpdoc/en/chapters/security.xml Wed Mar 26 21:35:18 2003
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.51 $ -->
+<!-- $Revision: 1.52 $ -->
<chapter id="security">
<title>Security</title>
@@ -1011,7 +1011,7 @@
$good_login = 1;
}
if ($good_login == 1) { // If above test fails, not initialized or checked before
usage
- fpassthru ("/highly/sensitive/data/index.html");
+ readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@@ -1046,7 +1046,7 @@
}
if ($good_login == 1) { // can be forged by a user in get/post/cookies,
- fpassthru ("/highly/sensitive/data/index.html");
+ readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@@ -1060,7 +1060,7 @@
if($_COOKIE['username']){
// can only come from a cookie, forged or otherwise
$good_login = 1;
- fpassthru ("/highly/sensitive/data/index.html");
+ readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@@ -1083,7 +1083,7 @@
!$_GET['username'] ) {
// Perform other checks to validate the user name...
$good_login = 1;
- fpassthru ("/highly/sensitive/data/index.html");
+ readfile ("/highly/sensitive/data/index.html");
} else {
mail("[EMAIL PROTECTED]", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
echo "Security violation, admin has been alerted.";
--
PHP Documentation Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
