danwin1210/le-chat-php
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix guest room bypass #73

Browse Source
This commit is contained in:
Daniel Winzen
2020-09-15 19:37:45 +02:00
parent 34fce5f7ab
commit 025709508b
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
chat.php
View File

@ -2212,8 +2212,8 @@ function create_session($setup, $nickname, $password){
} }
if($ga===0){ if($ga===0){
send_error($I['noguests']); send_error($I['noguests']);
}elseif($ga===3){ }elseif(in_array($ga, [2, 3], true)){
$U['entry']=0; $U['entry'] = 0;
} }
if(get_setting('englobalpass')!=0 && isset($_REQUEST['globalpass']) && $_REQUEST['globalpass']!=get_setting('globalpass')){ if(get_setting('englobalpass')!=0 && isset($_REQUEST['globalpass']) && $_REQUEST['globalpass']!=get_setting('globalpass')){
send_error($I['wrongglobalpass']); send_error($I['wrongglobalpass']);
@ -2378,9 +2378,7 @@ function check_login(){
} }
} }
if($U['status']==1){ if($U['status']==1){
if($ga===2 || $ga===3){ if(in_array($ga, [2, 3], true){
$stmt=$db->prepare('UPDATE ' . PREFIX . 'sessions SET entry=0 WHERE session=?;');
$stmt->execute([$U['session']]);
send_waiting_room(); send_waiting_room();
} }
} }