From 025709508bc377cb35acaa50cb1134898f125fc9 Mon Sep 17 00:00:00 2001
From: Daniel Winzen <daniel@danwin1210.me>
Date: Tue, 15 Sep 2020 19:37:45 +0200
Subject: [PATCH] Fix guest room bypass #73

---
 chat.php | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/chat.php b/chat.php
index b0f8ff0..a7bf907 100644
--- a/chat.php
+++ b/chat.php
@@ -2212,8 +2212,8 @@ function create_session($setup, $nickname, $password){
 		}
 		if($ga===0){
 			send_error($I['noguests']);
-		}elseif($ga===3){
-			$U['entry']=0;
+		}elseif(in_array($ga, [2, 3], true)){
+			$U['entry'] = 0;
 		}
 		if(get_setting('englobalpass')!=0 && isset($_REQUEST['globalpass']) && $_REQUEST['globalpass']!=get_setting('globalpass')){
 			send_error($I['wrongglobalpass']);
@@ -2378,9 +2378,7 @@ function check_login(){
 		}
 	}
 	if($U['status']==1){
-		if($ga===2 || $ga===3){
-			$stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET entry=0 WHERE session=?;');
-			$stmt->execute([$U['session']]);
+		if(in_array($ga, [2, 3], true){
 			send_waiting_room();
 		}
 	}