authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-08 12:34:35 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-08 12:34:35 +0000
commitb717746b48b00e7e0a128a60ed2bf496f3806f18 (patch)
treedca054a55136d32247271abc52fa2209a23960f1
parent10f233a2e2a11416413585ceadafa0d7b07988bc (diff)
Closes #220: Removed action from hash. Timestamp should make this unpredictable enough.
git-svn-id: https://code.elgg.org/elgg/trunk@1791 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--engine/lib/actions.php11
-rw-r--r--views/default/input/form.php3
2 files changed, 5 insertions, 9 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index 26d56104b..bc8b09589 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -119,14 +119,13 @@
function action_gatekeeper()
{
$token = get_input('__elgg_token');
- $action = get_input('__elgg_action');
$ts = get_input('__elgg_ts');
$session_id = session_id();
- if (($token) && ($action) && ($ts) && ($session_id))
+ if (($token) && ($ts) && ($session_id))
{
// generate token, check with input and forward if invalid
- $generated_token = generate_action_token($action, $ts);
+ $generated_token = generate_action_token($ts);
// Validate token
if (strcmp($token, $generated_token)==0)
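Review bot: `$ts` is taken straight from `__elgg_ts` and is never compared with the current time, so once the action is dropped from the hash a single captured token/timestamp pair authorizes every action in that session for as long as the session lives. The timestamp adds no unpredictability either: `generate_action_token($ts)` is recomputed from the client's own value, so all secrecy rests on the site secret and the session id. Add a freshness window before the comparison, e.g. `if (!is_numeric($ts) || abs(time() - (int)$ts) > $token_lifetime) return false;` with `$token_lifetime` taken from configuration, and route that case the same way an invalid token is handled. If the PHP baseline permits, `hash_equals($generated_token, $token)` instead of `strcmp` avoids a timing side channel. action_gatekeeper's body continues past the end of this hunk, so the invalid-token path itself is not visible here.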
@@ -140,7 +139,6 @@
$returnval = true; // We have already got this far, so unless anything else says something to the contry we assume we're ok
return trigger_plugin_hook('action_gatekeeper:permissions:check', 'all', array(
- 'action' => $action,
'token' => $token,
'time' => $ts
), $returnval);
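Review bot: Plugins listening on `action_gatekeeper:permissions:check` lose the `action` key from `$params` with no replacement, so a plugin that did per-action checks via `$params['action']` now reads an undefined index and effectively checks nothing. The caller that routes the action still knows its name even though it is no longer carried in a hidden field, so either pass it through to the hook (e.g. an optional parameter on action_gatekeeper, `'action' => $action,`) or document the removal as a breaking change for hook consumers. The function this hook call belongs to starts above this hunk.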
@@ -161,10 +159,9 @@
/**
* Generate a token for the current user suitable for being placed in a hidden field in action forms.
*
- * @param string $action The action being called
* @param int $timestamp Unix timestamp
*/
- function generate_action_token($action, $timestamp)
+ function generate_action_token($timestamp)
{
// Get input values
$site_secret = get_site_secret();
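Review bot: The docblock now says only where the token goes, not what it binds to, and that matters once the action name is no longer an input. Add a line such as `* The token covers the site secret, the given timestamp and the current session id only; it is not bound to any action, so the caller must enforce an expiry on $timestamp.` and an `@return string|false` entry stating that `false` is returned when no site secret or session is available, which is what the following hunk shows. The function body continues in the next hunk.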
@@ -173,7 +170,7 @@
$session_id = session_id();
if (($site_secret) && ($session_id))
- return md5($site_secret.$action.$timestamp.$session_id);
+ return md5($site_secret.$timestamp.$session_id);
return false;
}
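Review bot: `md5($site_secret.$timestamp.$session_id)` prefixes the secret to a client-supplied timestamp and the session id with no separator and no keyed construction; the commit message's claim that the timestamp makes the token unpredictable does not hold, because the verifier recomputes it from whatever `__elgg_ts` the client sent. Use an HMAC so the secret is a key rather than a prefix, and separate the fields so they cannot run into each other: `return hash_hmac('sha256', $timestamp . '|' . $session_id, $site_secret);` (`hash_hmac` is available from PHP 5.1.2). If the action name is ever bound back into the token it belongs in the same message string. The signature of generate_action_token is in the preceding hunk.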
diff --git a/views/default/input/form.php b/views/default/input/form.php
index 2bbc0e473..e3cc46c27 100644
--- a/views/default/input/form.php
+++ b/views/default/input/form.php
@@ -25,9 +25,8 @@
// Generate a security header
$ts = time();
- $token = generate_action_token($action, $ts);
+ $token = generate_action_token($ts);
$security_header = elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token));
- $security_header .= elgg_view('input/hidden', array('internalname' => '__elgg_action', 'value' => $action));
$security_header .= elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts));
?>
<form action="<?php echo $action; ?>" method="<?php echo $method; ?>" <?php if ($enctype!="") echo "enctype=\"$enctype\""; ?>>
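Review bot: With the `__elgg_action` field removed the `$action` this form targets is no longer bound to the token, and the only remaining variable input, `$ts = time()`, is simply echoed back for the gatekeeper to recompute, so the view cannot enforce any lifetime on it — that check has to live on the server side. Separately, the last line writes `$action` into the `action` attribute unescaped (pre-existing, but now the only place this value is used); if it can carry request-derived data, use `<form action="<?php echo htmlspecialchars($action, ENT_QUOTES, 'UTF-8'); ?>"`. The view's surrounding code starts above this hunk.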