On 10/16/2005, "Arve Seljebu" <[EMAIL PROTECTED]> wrote:
>On 10/16/2005, "Paul TBBle Hampson" <[EMAIL PROTECTED]> wrote:
>
>>On Thu, Oct 13, 2005 at 12:34:26PM +0200, Arve Seljebu wrote:
>>> Package: freeradius-dialupadmin
>>> Version: 1.0.2-4
>>> Severity: normal
>>
>>> Since freeradius-dialupadmin is developed on php3, it uses global
>>> variables instead of $_GET and similar.
>>> /usr/share/doc/freeradius-dialupadmin/README.Debian should contain an
>>> advice about this.
>>
>>This should not be neccessary, dialup-admin calls
>>import_request_variables [1] during the config-reading function.
>>
>>If you had a problem of some kind with this, please reply to this
>>bug with it, otherwise I'll close it as not-a-bug.
>>
>I had some problems with this earlier, I'll turn off register_globals
>too see if it's still there.
I found one occurrence of this in
/usr/share/freeradius-dialupadmin/htdocs/user_edit.php3 on line 2:
if ($edit_group == 1){
header("Location: group_admin.php3?login=$group_to_edit");
exit;
}
And if I remember it right, there are several shortcuts to other pages
made like this.
>
>>[1] http://www.php.net/import_request_variables
>>
>>--
>>Paul "TBBle" Hampson, [EMAIL PROTECTED]
>>8th year CompSci/Asian Studies student, ANU
>>
>>Shorter .sig for a more eco-friendly paperless office.
