From 32d76dc4b105e61dd2a2ea30c902e767d13808a6 Mon Sep 17 00:00:00 2001
From: Andy Lindeman <alindeman@php.net>
Date: Thu, 27 Mar 2003 02:35:18 +0000
Subject: [PATCH] fixing bug #22915

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@121380 c90b9560-bf6c-de11-be94-00142212c4b1
---
 chapters/security.xml | 10 +++++-----
 security/index.xml    | 10 +++++-----
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/chapters/security.xml b/chapters/security.xml
index cea8902ca9..24bb489348 100644
--- a/chapters/security.xml
+++ b/chapters/security.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.51 $ -->
+<!-- $Revision: 1.52 $ -->
  <chapter id="security">
   <title>Security</title>
 
@@ -1011,7 +1011,7 @@ if ($username) {  // Not initialized or checked before usage
     $good_login = 1;
 }
 if ($good_login == 1) { // If above test fails, not initialized or checked before usage
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1046,7 +1046,7 @@ if ($username) {  // can be forged by a user in get/post/cookies
 }
 
 if ($good_login == 1) { // can be forged by a user in get/post/cookies,
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1060,7 +1060,7 @@ if ($good_login == 1) { // can be forged by a user in get/post/cookies,
 if($_COOKIE['username']){
     // can only come from a cookie, forged or otherwise
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1083,7 +1083,7 @@ if ($_COOKIE['username'] &&
     !$_GET['username'] ) {
     // Perform other checks to validate the user name...
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 } else {
    mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
    echo "Security violation, admin has been alerted.";
diff --git a/security/index.xml b/security/index.xml
index cea8902ca9..24bb489348 100644
--- a/security/index.xml
+++ b/security/index.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.51 $ -->
+<!-- $Revision: 1.52 $ -->
  <chapter id="security">
   <title>Security</title>
 
@@ -1011,7 +1011,7 @@ if ($username) {  // Not initialized or checked before usage
     $good_login = 1;
 }
 if ($good_login == 1) { // If above test fails, not initialized or checked before usage
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1046,7 +1046,7 @@ if ($username) {  // can be forged by a user in get/post/cookies
 }
 
 if ($good_login == 1) { // can be forged by a user in get/post/cookies,
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1060,7 +1060,7 @@ if ($good_login == 1) { // can be forged by a user in get/post/cookies,
 if($_COOKIE['username']){
     // can only come from a cookie, forged or otherwise
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 }
 ?>
 ]]>
@@ -1083,7 +1083,7 @@ if ($_COOKIE['username'] &&
     !$_GET['username'] ) {
     // Perform other checks to validate the user name...
     $good_login = 1;
-    fpassthru ("/highly/sensitive/data/index.html");
+    readfile ("/highly/sensitive/data/index.html");
 } else {
    mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
    echo "Security violation, admin has been alerted.";