From c8daec7c8239fab1cc45eb94829a1a99fd646d46 Mon Sep 17 00:00:00 2001
From: Joas Schilling <nickvergessen@gmx.de>
Date: Tue, 4 Aug 2009 10:04:54 +0000
Subject: Fix Bug #49035 - Fix general error while registration, through
 undefined variable $config in validate_referer (Patch by wjvriend)

Authorised by: bantu

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9917 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/session.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'phpBB/includes/session.php')

diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index a49716a8db..b4d817daf9 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -1364,6 +1364,8 @@ class session
 	*/
 	function validate_referer($check_script_path = false)
 	{
+		global $config;
+
 		// no referer - nothing to validate, user's fault for turning it off (we only check on POST; so meta can't be the reason)
 		if (empty($this->referer) || empty($this->host))
 		{
@@ -1373,7 +1375,7 @@ class session
 		$host = htmlspecialchars($this->host);
 		$ref = substr($this->referer, strpos($this->referer, '://') + 3);
 
-		if (!(stripos($ref, $host) === 0) && (!$config['force_server'] || !(stripos($ref, $config['server_name']) === 0)))
+		if (!(stripos($ref, $host) === 0) && (!$config['force_server_vars'] || !(stripos($ref, $config['server_name']) === 0)))
 		{
 			return false;
 		}
-- 
cgit v1.2.1