diff --git a/ChangeLog b/ChangeLog
index 1d9ff2a7d..9cec07274 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,8 +6,7 @@ $Id$
 $Source$
 
 2003-07-19 Marc Delisle  <lem9@users.sourceforge.net>
-    * in main directory: checks for paths disclosure
-      (TODO: subdirectories)
+    * (in lots of scripts): checks for paths disclosure
 
 2003-07-18 Garvin Hicking <me@supergarv.de>
     * read_dump.php3: When PHP3 < 4.3.0 is detected, try an alternative
diff --git a/libraries/auth/cookie.auth.lib.php3 b/libraries/auth/cookie.auth.lib.php3
index 5d7691732..f13278d74 100644
--- a/libraries/auth/cookie.auth.lib.php3
+++ b/libraries/auth/cookie.auth.lib.php3
@@ -13,9 +13,12 @@
 if (!defined('PMA_COOKIE_AUTH_INCLUDED')) {
     define('PMA_COOKIE_AUTH_INCLUDED', 1);
 
+    if (!isset($coming_from_common)) {
+       exit();
+    }
     // emulate array_values() for PHP 3
-    if (PMA_PHP_INT_VERSION < 40000) {
-
+//    if (PMA_PHP_INT_VERSION < 40000) {
+      if (!@function_exists('array_values')) {
         function array_values ($arr) {
             $t = array();
             while (list($k, $v) = each ($arr)) {
diff --git a/libraries/common.lib.php3 b/libraries/common.lib.php3
index b3c7fc952..4192e4685 100644
--- a/libraries/common.lib.php3
+++ b/libraries/common.lib.php3
@@ -719,6 +719,10 @@ h1    {font-family: sans-serif; font-size: large; font-weight: bold}
 
             // Gets the authentication library that fits the $cfg['Server'] settings
             // and run authentication
+
+            // (for a quick check of path disclosure in auth/cookies:)
+            $coming_from_common = TRUE;
+
             include('./libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php3');
             if (!PMA_auth_check()) {
                 PMA_auth();