From 539cd47824ec6b03b44f9f7c5af8a1e60df0458b Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Thu, 29 Sep 2005 16:30:10 -0400
Subject: [PATCH] Fix for URL injection vulnerability (Bug #1307966)

---
 program/steps/error.inc |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/steps/error.inc b/program/steps/error.inc
index efe3040..9e5757d 100644
--- a/program/steps/error.inc
+++ b/program/steps/error.inc
@@ -52,7 +52,7 @@
 else if ($ERROR_CODE==404)
   {
   $__error_title = "REQUEST FAILED/FILE NOT FOUND";
-  $request_url = $GLOBALS['HTTP_HOST'].$GLOBALS['REQUEST_URI'];
+  $request_url = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
   $__error_text  = <<<EOF
 The requested page was not found!<br />
 Please contact your server-administrator.

--
Gitblit v1.9.1