diff --git a/chapters/security.xml b/chapters/security.xml
index cea8902ca9..24bb489348 100644
--- a/chapters/security.xml
+++ b/chapters/security.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.51 $ -->
+<!-- $Revision: 1.52 $ -->
  <chapter id="security">
   <title>Security</title>
 
@@ -1011,7 +1011,7 @@ if ($username) {  // Not initialized or checked before usage
     $good_login = 1;
 }
 if ($good_login == 1) { // If above test fails, not initialized or checked before usage
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1046,7 +1046,7 @@ if ($username) {  // can be forged by a user in get/post/cookies
 }
 
 if ($good_login == 1) { // can be forged by a user in get/post/cookies,
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1060,7 +1060,7 @@ if ($good_login == 1) { // can be forged by a user in get/post/cookies,
 if($_COOKIE['username']){
     // can only come from a cookie, forged or otherwise
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1083,7 +1083,7 @@ if ($_COOKIE['username'] &&
     !$_GET['username'] ) {
     // Perform other checks to validate the user name...
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 } else {
    mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
    echo "Security violation, admin has been alerted.";
diff --git a/security/index.xml b/security/index.xml
index cea8902ca9..24bb489348 100644
--- a/security/index.xml
+++ b/security/index.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.51 $ -->
+<!-- $Revision: 1.52 $ -->
  <chapter id="security">
   <title>Security</title>
 
@@ -1011,7 +1011,7 @@ if ($username) {  // Not initialized or checked before usage
     $good_login = 1;
 }
 if ($good_login == 1) { // If above test fails, not initialized or checked before usage
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1046,7 +1046,7 @@ if ($username) {  // can be forged by a user in get/post/cookies
 }
 
 if ($good_login == 1) { // can be forged by a user in get/post/cookies,
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1060,7 +1060,7 @@ if ($good_login == 1) { // can be forged by a user in get/post/cookies,
 if($_COOKIE['username']){
     // can only come from a cookie, forged or otherwise
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1083,7 +1083,7 @@ if ($_COOKIE['username'] &&
     !$_GET['username'] ) {
     // Perform other checks to validate the user name...
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 } else {
    mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
    echo "Security violation, admin has been alerted.";