From 86b37fa92877da74b3d869b055f5d015d3d7a0b2 Mon Sep 17 00:00:00 2001 From: seek3r Date: Tue, 5 Dec 2000 04:08:50 +0000 Subject: [PATCH] security fix --- header.inc.php.template | 11 ++++++++++- version.inc.php | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/header.inc.php.template b/header.inc.php.template index 4f588dbd52..07ef847630 100644 --- a/header.inc.php.template +++ b/header.inc.php.template @@ -12,6 +12,15 @@ /* $Id$ */ + /**************************************************************************\ + * !!!!!!! DONT TOUCH THESE LINES !!!!!!!! * + * This flushes out any vars from the url for security reason * + \**************************************************************************/ + $sec_clean = $phpgw_info["flags"] + $phpgw_info = array(); + $phpgw_info["flags"] = $sec_clean; + unset ($sec_clean); + /**************************************************************************\ * !!!!!!! EDIT THESE LINES !!!!!!!! * * This setting allows you to easily move the include directory and the * @@ -63,7 +72,7 @@ * Do not edit these lines * \**************************************************************************/ include($phpgw_info["server"]["server_root"]."/version.inc.php"); - $phpgw_info["server"]["header_version"] = "1.4"; + $phpgw_info["server"]["header_version"] = "1.5"; // This is a fix for NT if (!isset($phpgw_info["flags"]["noapi"]) || !$phpgw_info["flags"]["noapi"] == True){ diff --git a/version.inc.php b/version.inc.php index eddb02c559..85b27ff95e 100644 --- a/version.inc.php +++ b/version.inc.php @@ -12,4 +12,4 @@ /* $Id$ */ $phpgw_info["server"]["version"] = "0.9.7pre3"; - $phpgw_info["server"]["current_header_version"] = "1.4"; + $phpgw_info["server"]["current_header_version"] = "1.5";