diff options
| author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-08-07 11:11:20 +0000 |
|---|---|---|
| committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2008-08-07 11:11:20 +0000 |
| commit | 0171329bbf3b881493b5e45b841781ab03442f94 (patch) | |
| tree | 827870ddaec9d0f7ebdccb243e4615c0e8976fbd /engine/lib | |
| parent | a65cdd21f234c8a07c90e54f9e9a0b1f33a972c2 (diff) | |
| download | elgg-0171329bbf3b881493b5e45b841781ab03442f94.tar.gz elgg-0171329bbf3b881493b5e45b841781ab03442f94.tar.bz2 | |
Closes #218
git-svn-id: https://code.elgg.org/elgg/trunk@1746 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib')
| -rw-r--r-- | engine/lib/actions.php | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 0779e5d6a..f5cd55271 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -131,11 +131,16 @@ // Validate token if (strcmp($token, $generated_token)==0) { - - // TODO: Validate time to ensure its not crazy - + $hour = 60*60; + $now = time(); - return true; + // Validate time to ensure its not crazy + if (($ts>$now-$hour) && ($ts<$now+$hour)) + { + return true; + } + else + register_error(elgg_echo('actiongatekeeper:timeerror')); } else register_error(elgg_echo('actiongatekeeper:tokeninvalid')); |