It's still an issue. All someone would have to do to avoid this line (in adopt.php):
Code:
$_SESSION["allow"] = 1;
is enter the doadopt.php address while viewing adopt.php. It doesn't stop the abuse of adopt.php links at all, as adopt.php automatically sets that value to 1.