From: Joe Hunt <joe.hunt.consulting@gmail.com>
Date: Thu, 13 Sep 2007 22:19:16 +0000 (+0000)
Subject: config.php has been vulnerable. Fixed.
X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=commitdiff_plain;h=82ace0fdff0f7a6a33bcfd05133dfe2eaceb5f25;p=textcart.git

config.php has been vulnerable. Fixed.
---

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 44395e0..6fffa53 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -21,7 +21,9 @@ $ -> Affected files
 
 14-Sep-2007 Joe Hunt
  # We forgot to upload the PO file when installing new language. Used when GETTEXT is not installed on Server.
+ # config.php has been vulnerable. Fixed.
  $ /admin/inst_lang.php
+ $ config.php
  
 10-Sep-2007 Joe Hunt
  ! Changed Bank Address field from text to textarea (multirows)
diff --git a/config.php b/config.php
index 277d2cc..08aa993 100644
--- a/config.php
+++ b/config.php
@@ -23,7 +23,8 @@
 		session_save_path($session_save_path);
 		unset($session_save_path);
     }
-
+	if (!isset($path_to_root))
+		exit;
     include_once($path_to_root . "/config_db.php");
     include_once($path_to_root . "/includes/lang/language.php");