sigmasternchen/php-doc-en
1
0
Fork 0
mirror of https://github.com/sigmasternchen/php-doc-en synced 2025-03-16 00:48:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fixing bug #22915

Browse source 
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@121380 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
Andy Lindeman 2003-03-27 02:35:18 +00:00
parent 1fc08a3d8d
commit 32d76dc4b1
2 changed files with 10 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
chapters/security.xml
View file

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.51 $ -->
<!-- $Revision: 1.52 $ -->
<chapter id="security">
<title>Security</title>
@ -1011,7 +1011,7 @@ if ($username) { // Not initialized or checked before usage
$good_login = 1;
}
if ($good_login == 1) { // If above test fails, not initialized or checked before usage
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@ -1046,7 +1046,7 @@ if ($username) { // can be forged by a user in get/post/cookies
}
if ($good_login == 1) { // can be forged by a user in get/post/cookies,
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@ -1060,7 +1060,7 @@ if ($good_login == 1) { // can be forged by a user in get/post/cookies,
if($_COOKIE['username']){
// can only come from a cookie, forged or otherwise
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@ -1083,7 +1083,7 @@ if ($_COOKIE['username'] &&
!$_GET['username'] ) {
// Perform other checks to validate the user name...
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
} else {
mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
echo "Security violation, admin has been alerted.";

10
security/index.xml
View file

@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.51 $ -->
<!-- $Revision: 1.52 $ -->
<chapter id="security">
<title>Security</title>
@ -1011,7 +1011,7 @@ if ($username) { // Not initialized or checked before usage
$good_login = 1;
}
if ($good_login == 1) { // If above test fails, not initialized or checked before usage
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@ -1046,7 +1046,7 @@ if ($username) { // can be forged by a user in get/post/cookies
}
if ($good_login == 1) { // can be forged by a user in get/post/cookies,
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@ -1060,7 +1060,7 @@ if ($good_login == 1) { // can be forged by a user in get/post/cookies,
if($_COOKIE['username']){
// can only come from a cookie, forged or otherwise
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
}
?>
]]>
@ -1083,7 +1083,7 @@ if ($_COOKIE['username'] &&
!$_GET['username'] ) {
// Perform other checks to validate the user name...
$good_login = 1;
fpassthru ("/highly/sensitive/data/index.html");
readfile ("/highly/sensitive/data/index.html");
} else {
mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
echo "Security violation, admin has been alerted.";