[geeklog-cvs] Geeklog-1.x/system lib-story.php,1.100,1.101
Dirk Haun
dhaun at qs1489.pair.com
Sun Aug 19 04:35:56 EDT 2007
Update of /cvsroot/geeklog/Geeklog-1.x/system
In directory qs1489.pair.com:/tmp/cvs-serv9540/system
Modified Files:
lib-story.php
Log Message:
Ugh, security issue ...
Index: lib-story.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/lib-story.php,v
retrieving revision 1.100
retrieving revision 1.101
diff -C2 -d -r1.100 -r1.101
*** lib-story.php 9 Aug 2007 07:58:21 -0000 1.100
--- lib-story.php 19 Aug 2007 08:35:54 -0000 1.101
***************
*** 35,43 ****
//
// $Id$
- require_once ($_CONF['path_system'] . '/classes/story.class.php');
if (strpos ($_SERVER['PHP_SELF'], 'lib-story.php') !== false) {
die ('This file can not be used on its own!');
}
if( $_CONF['allow_user_photo'] )
--- 35,44 ----
//
// $Id$
if (strpos ($_SERVER['PHP_SELF'], 'lib-story.php') !== false) {
die ('This file can not be used on its own!');
}
+
+ require_once $_CONF['path_system'] . '/classes/story.class.php';
if( $_CONF['allow_user_photo'] )
More information about the geeklog-cvs
mailing list