# HG changeset patch
# User Dan Fuhry <dan@enanocms.org>
# Date 1289927424 18000
# Node ID da50b017af94df3150ed2fa78d5f193fa6ae350c
# Parent  e6c6b42a5a51f082718da9cf96bd37b917ec27a4
SECURITY: Fix path disclosure in Special:Captcha

diff -r e6c6b42a5a51 -r da50b017af94 plugins/SpecialUserFuncs.php
--- a/plugins/SpecialUserFuncs.php	Mon Nov 15 19:21:47 2010 -0500
+++ b/plugins/SpecialUserFuncs.php	Tue Nov 16 12:10:24 2010 -0500
@@ -1373,7 +1373,14 @@
 		$db->_die();
 	
 	require ( ENANO_ROOT.'/includes/captcha.php' );
-	$captcha = captcha_object($hash, 'freecap');
+	try
+	{
+		$captcha = captcha_object($hash, 'freecap');
+	}
+	catch ( Exception $e )
+	{
+		die("CAPTCHA engine returned a hard exception");
+	}
 	// $captcha->debug = true;
 	$captcha->make_image();