effects all versions of ROCP on an apache based system how it is done first of all i was testing on my friends ragnarok server witch uses ROCP Version 4.3.4a on an apache based system and so i was stunmling through various files i shouldnt have access to such as http://server.com/CP/account_manage.php this file will bring up a list of users and passes but of course i got ACCESS DENIED so i looked at its source on my machine and saw that it uses CHECK_AUTH($_SERVER['PHP_SELF']); to check the auth so then i tried http://server.com/CP/account_manage.php/login.php (login.php is of course the login page and is open to guests) and all of a sudden i had access to account_manage.php due to the way apache handles this string. and then i had ever account name and un encrypted password. as well as this site i had acess to every site i wasnt supposed to such as privileges.php/login.php or char_manage.php/login.php and then i could search for my character and click edit and i would get access denied but then in the address bar i see that it tried to goto char_manage.php/char_manage.php?search=user so i changed it to char_manage.php/login.php?search=user and bingo how to fix this instead of using CHECK_AUTH($_SERVER['PHP_SELF']); try using something like CHECK_AUTH(substr($_SERVER['SCRIPT_NAME'],4)); or check_auth("pagename.php"); or simply echo (substr(__FILE__,12)); thanks VaLiuS AKA FJLJ
