nabeelio
commented
11 years ago Hey,
That's not a bug. It reads that "if IN_PHPVMS doesn't exist, and it's not == to true, then quit". In reality, it can just be simplified to "if(!defined('IN_PHPVMS')) { die(); }"
Nabeel
In all of the template files, you use the define IN_PHPVMS...but look at the code...
<?php if(!defined('IN_PHPVMS') && IN_PHPVMS !== true) { die(); } ?>
You shouldn't really be using the && function because say if you use the first operation, but the second one fails, that's still going to allow users to get the template.
My suggestion, would this improve it's security by using this OR operator?
<?php if(!defined('IN_PHPVMS') || IN_PHPVMS !== true) { die(); } ?>