Diffstat (limited to 'engine')
-rw-r--r--engine/lib/actions.php13
1 files changed, 9 insertions, 4 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index 0779e5d6a..f5cd55271 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -131,11 +131,16 @@
// Validate token
if (strcmp($token, $generated_token)==0)
{
-
- // TODO: Validate time to ensure its not crazy
-
+ $hour = 60*60;
+ $now = time();
- return true;
+ // Validate time to ensure its not crazy
+ if (($ts>$now-$hour) && ($ts<$now+$hour))
+ {
+ return true;
+ }
+ else
+ register_error(elgg_echo('actiongatekeeper:timeerror'));
}
else
register_error(elgg_echo('actiongatekeeper:tokeninvalid'));
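Review bot: The new freshness test `($ts>$now-$hour) && ($ts<$now+$hour)` uses `$ts` without confirming it is an integer, and where `$ts` is assigned is outside this hunk. If it is read from the request, normalise it before the comparison, e.g. `$ts = (int)$ts;`, so the range check never depends on PHP's loose string-to-number comparison. The `$ts<$now+$hour` side also accepts timestamps up to an hour in the future; if tokens are always issued by the same server that validates them, a much smaller forward tolerance would be enough. The time check only adds protection while `$ts` is bound into `$generated_token`, so the guarding comparison is better written strictly as `strcmp($token, $generated_token) === 0`, or with a constant-time comparison where the PHP version provides one. The enclosing function starts and ends outside the hunk, so what is returned after either `register_error()` call cannot be confirmed from here.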