More vulnerable. Fix.

author Joe Hunt <joe.hunt.consulting@gmail.com>

Thu, 13 Sep 2007 22:54:15 +0000 (22:54 +0000)

committer Joe Hunt <joe.hunt.consulting@gmail.com>

Thu, 13 Sep 2007 22:54:15 +0000 (22:54 +0000)
author Joe Hunt <joe.hunt.consulting@gmail.com>
Thu, 13 Sep 2007 22:54:15 +0000 (22:54 +0000)
committer Joe Hunt <joe.hunt.consulting@gmail.com>
Thu, 13 Sep 2007 22:54:15 +0000 (22:54 +0000)
diff --git a/config.php b/config.php

index 08aa993a2003e121cf9e5ac825354f79d8533828..9387253ede6b813ab0a90f3a4040aad0c54f053c 100644 (file)
--- a/config.php
+++ b/config.php
@@ -23,7 +23,7 @@
                 session_save_path($session_save_path);
                 unset($session_save_path);
      }
-       if (!isset($path_to_root))
+       if (!isset($path_to_root) || isset($_GET['path_to_root']) || isset($_POST['path_to_root']))
                 exit;
      include_once($path_to_root . "/config_db.php");
      include_once($path_to_root . "/includes/lang/language.php");
author	Joe Hunt <joe.hunt.consulting@gmail.com>
	Thu, 13 Sep 2007 22:54:15 +0000 (22:54 +0000)
committer	Joe Hunt <joe.hunt.consulting@gmail.com>
	Thu, 13 Sep 2007 22:54:15 +0000 (22:54 +0000)