diff --git a/chapters/security.xml b/chapters/security.xml index f44faf173f..063016f61d 100644 --- a/chapters/security.xml +++ b/chapters/security.xml @@ -390,7 +390,7 @@ echo "$file_to_delete has been deleted!"; More secure file name checking <?php -$username = $HTTP_REMOTE_USER; +$username = get_env("REMOTE_USER"); $homedir = "/home/$username"; if (!ereg('^[^./][^/]*$', $userfile)) diff --git a/security/index.xml b/security/index.xml index f44faf173f..063016f61d 100644 --- a/security/index.xml +++ b/security/index.xml @@ -390,7 +390,7 @@ echo "$file_to_delete has been deleted!"; More secure file name checking <?php -$username = $HTTP_REMOTE_USER; +$username = get_env("REMOTE_USER"); $homedir = "/home/$username"; if (!ereg('^[^./][^/]*$', $userfile))