diff --git a/chapters/security.xml b/chapters/security.xml
index f44faf173f..063016f61d 100644
--- a/chapters/security.xml
+++ b/chapters/security.xml
@@ -390,7 +390,7 @@ echo "$file_to_delete has been deleted!";
More secure file name checking
<?php
-$username = $HTTP_REMOTE_USER;
+$username = get_env("REMOTE_USER");
$homedir = "/home/$username";
if (!ereg('^[^./][^/]*$', $userfile))
diff --git a/security/index.xml b/security/index.xml
index f44faf173f..063016f61d 100644
--- a/security/index.xml
+++ b/security/index.xml
@@ -390,7 +390,7 @@ echo "$file_to_delete has been deleted!";
More secure file name checking
<?php
-$username = $HTTP_REMOTE_USER;
+$username = get_env("REMOTE_USER");
$homedir = "/home/$username";
if (!ereg('^[^./][^/]*$', $userfile))