From d9cc0ad519ab07b86fb78fab3c1623528fcce52c Mon Sep 17 00:00:00 2001
From: garvinhicking <garvinhicking>
Date: Mon, 14 Apr 2008 05:26:26 +0000
Subject: [PATCH] This Patch is EVIL and has SEVERLY security impacts, can lead
 to people easily putting XSS on your page or changing the config of your blog
 without requiring a login Uncommented.

---
 templates/bulletproof/config.inc.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/templates/bulletproof/config.inc.php b/templates/bulletproof/config.inc.php
index 1e00940..8b82e02 100644
--- a/templates/bulletproof/config.inc.php
+++ b/templates/bulletproof/config.inc.php
@@ -268,11 +268,11 @@ $template_config = array(
     )
 );
 
-if (isset($_POST['serendipity']['template'])) {
-    $template_loaded_config =$_POST['serendipity']['template'];
-} else {
+#if (isset($_POST['serendipity']['template'])) {
+#    $template_loaded_config =$_POST['serendipity']['template'];
+#} else {
     $template_loaded_config = serendipity_loadThemeOptions($template_config, $serendipity['smarty_vars']['template_option']);
-}
+#}
 
 $navlinks = array();
 
-- 
2.39.5