Index: chatroomread.php
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/chatroom/chatroomread.php,v
retrieving revision 1.20
diff -u -F^f -r1.20 chatroomread.php
--- chatroomread.php	24 Jul 2006 21:21:38 -0000	1.20
+++ chatroomread.php	25 Jul 2006 14:49:34 -0000
@@ -12,10 +12,9 @@
   $chatroom_base = urldecode($_POST['chatroom_base']);
   $user_base     = urldecode($_POST['user_base']);
   if (!is_dir($chatroom_base)                                   ||
-      substr($chatroom_base, 0, strlen('modules')) != 'modules' ||
       strpos($chatroom_base, '..') !== FALSE                    || 
       !is_dir($user_base)                                       ||
-      substr($user_base, 0, strlen('modules')) != 'modules'     ||
+      !(substr($user_base, 0, strlen('modules')) == 'modules' || substr($user_base, 0, strlen('sites')) == 'sites')     ||
       strpos($user_base, '..') !== FALSE)                        {
     echo "/** UR3l33t! 1 **/";
     exit;
@@ -37,7 +36,7 @@
   // if module base looks dodge, just exit
   $smileys_base = urldecode($_POST['smileys_base']);
   if (!is_dir($smileys_base)                                   ||
-      substr($smileys_base, 0, strlen('modules')) != 'modules' ||
+      !(substr($user_base, 0, strlen('modules')) == 'modules' || substr($user_base, 0, strlen('sites')) == 'sites') ||
       strpos($smileys_base, '..') !== FALSE)                    {
     echo "/** UR3l33t! 3 **/";
     exit;