From bddbfd2fa1670fb3a385a80a7df070b05d774c04 Mon Sep 17 00:00:00 2001
From: Yannick Warnier <yannick.warnier@beeznest.com>
Date: Tue, 20 Feb 2007 00:09:17 +0100
Subject: [PATCH] [svn r11150] Fixed buggy strpos() call (using strlen rather
 than offset)

---
 main/inc/lib/security.lib.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/main/inc/lib/security.lib.php b/main/inc/lib/security.lib.php
index 3177989630..c9b614e888 100755
--- a/main/inc/lib/security.lib.php
+++ b/main/inc/lib/security.lib.php
@@ -68,7 +68,7 @@ class Security{
 		}
 		$abs_path = $current_path.$rel_path;
 		$true_path = realpath($abs_path);
-		$found = strpos($true_path.'/',$checker_path,strlen($checker_path));
+		$found = strpos($true_path.'/',$checker_path);
 		if($found===0)
 		{
 			return true;
@@ -85,7 +85,7 @@ class Security{
 	{
 		if(empty($checker_path)){return false;} //checker path must be set
 		$true_path = realpath($abs_path);
-		$found = strpos($true_path.'/',$checker_path,strlen($checker_path));
+		$found = strpos($true_path.'/',$checker_path);
 		if($found===0)
 		{
 			return true;