From acaae4b3e6d2ae971b3912ebf04269ea87d21721 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Mon, 21 Jul 2003 15:45:49 +0000 Subject: [PATCH] removed $appdir in include to close security hole (setting this var in the url and register_globals on) --- phpgwapi/setup/tables_update.inc.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/phpgwapi/setup/tables_update.inc.php b/phpgwapi/setup/tables_update.inc.php index 981ede43a3..58c4e9516d 100644 --- a/phpgwapi/setup/tables_update.inc.php +++ b/phpgwapi/setup/tables_update.inc.php @@ -11,10 +11,10 @@ /* $Id$ */ /* Include older phpGroupWare update support */ - include($appdir . 'tables_update_0_9_9.inc.php'); - include($appdir . 'tables_update_0_9_10.inc.php'); - include($appdir . 'tables_update_0_9_12.inc.php'); - include($appdir . 'tables_update_0_9_14.inc.php'); + include('tables_update_0_9_9.inc.php'); + include('tables_update_0_9_10.inc.php'); + include('tables_update_0_9_12.inc.php'); + include('tables_update_0_9_14.inc.php'); /* This is since the last release */ $test[] = '0.9.13.018';