This fixes a bug in the 24 Jan 2006 2.2a full package.

In the admin/includes/application_top.php file, the line:

if (basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN) {

should be changed to:

if (basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN && basename($PHP_SELF) !=

FILENAME_FORBIDDEN) {

The attached file is a dummy file that contains exactly what's written here.

More...