security fix for php 4.1.0 (?) to verify that what isset() is also !empty()

Miles Lott 2001-12-18 02:07:14 +00:00
parent 05c1889974
commit 18a45d4bc5


@ -67,7 +67,7 @@
$HeaderPW = $HTTP_COOKIE_VARS['HeaderPW'] ? $HTTP_COOKIE_VARS['HeaderPW'] : $HTTP_POST_VARS['HeaderPW']; $HeaderPW = $HTTP_COOKIE_VARS['HeaderPW'] ? $HTTP_COOKIE_VARS['HeaderPW'] : $HTTP_POST_VARS['HeaderPW'];
$ConfigLang = $HTTP_POST_VARS['ConfigLang'] ? $HTTP_POST_VARS['ConfigLang'] : $HTTP_COOKIE_VARS['ConfigLang']; $ConfigLang = $HTTP_POST_VARS['ConfigLang'] ? $HTTP_POST_VARS['ConfigLang'] : $HTTP_COOKIE_VARS['ConfigLang'];
if (isset($FormLogout)) if (isset($FormLogout) && !empty($FormLogout))
{ {
if ($FormLogout == 'config' || if ($FormLogout == 'config' ||
$FormLogout == 'ldap' || $FormLogout == 'ldap' ||
@ -88,9 +88,9 @@
return False; return False;
} }
} }
elseif (isset($ConfigPW)) elseif (isset($ConfigPW) && !empty($ConfigPW))
{ {
if ($ConfigPW != $GLOBALS['phpgw_domain'][$ConfigDomain]["config_passwd"] && $auth_type == 'Config') if ($ConfigPW != $GLOBALS['phpgw_domain'][$ConfigDomain]['config_passwd'] && $auth_type == 'Config')
{ {
setcookie('ConfigPW'); // scrub the old one setcookie('ConfigPW'); // scrub the old one
setcookie('ConfigDomain'); // scrub the old one setcookie('ConfigDomain'); // scrub the old one
@ -103,7 +103,7 @@
return True; return True;
} }
} }
elseif (isset($FormPW)) elseif (isset($FormPW) && !empty($FormPW))
{ {
if (isset($ConfigLogin)) if (isset($ConfigLogin))
{ {
@ -122,7 +122,7 @@
return False; return False;
} }
} }
elseif (isset($HeaderLogin)) elseif (isset($HeaderLogin) && !empty($HeaderLogin))
{ {
if ($FormPW == $GLOBALS['phpgw_info']['server']['header_admin_password'] && $auth_type == 'Header') if ($FormPW == $GLOBALS['phpgw_info']['server']['header_admin_password'] && $auth_type == 'Header')
{ {
@ -136,7 +136,7 @@
} }
} }
} }
elseif (isset($HeaderPW)) elseif (isset($HeaderPW) && !empty($HeaderPW))
{ {
if ($HeaderPW != $GLOBALS['phpgw_info']['server']['header_admin_password'] && $auth_type == 'Header') if ($HeaderPW != $GLOBALS['phpgw_info']['server']['header_admin_password'] && $auth_type == 'Header')
{ {
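Review bot: The password checks in this chain still use loose comparison: `$ConfigPW != $GLOBALS['phpgw_domain'][$ConfigDomain]['config_passwd']` in the `$ConfigPW` branch, and the `==`/`!=` tests against `header_admin_password` in the `$HeaderLogin` and `$HeaderPW` branches. The new `!empty()` guards close the empty-value case, but two numeric-looking strings are still compared as numbers rather than byte for byte. A strict string comparison would close that as well, e.g. `if ((string)$ConfigPW !== (string)$GLOBALS['phpgw_domain'][$ConfigDomain]['config_passwd'] && $auth_type == 'Config')`, with the same change on the two header-password lines. Separately, `empty()` already covers unset variables and treats the string `'0'` as empty, so `isset($x) && !empty($x)` reduces to `!empty($x)`; a short comment that a submitted value of `'0'` is treated as absent would help the next reader. The enclosing function starts and ends outside the visible hunks.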