diff options
| author | Simon Rettberg | 2016-05-19 15:46:30 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2016-05-19 15:46:30 +0200 |
| commit | bc959df0c9df3fdf250fb93ef30dbb81cbd848c7 (patch) | |
| tree | 15344f7f9db92c4a9698015af5ca2fa0f03dec5d /inc/user.inc.php | |
| parent | [baseconfig] Remove pointless TODO (diff) | |
| download | slx-admin-bc959df0c9df3fdf250fb93ef30dbb81cbd848c7.tar.gz slx-admin-bc959df0c9df3fdf250fb93ef30dbb81cbd848c7.tar.xz slx-admin-bc959df0c9df3fdf250fb93ef30dbb81cbd848c7.zip | |
Fix CSRF token checking; improve token/sid generation
Diffstat (limited to 'inc/user.inc.php')
| -rw-r--r-- | inc/user.inc.php | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php index 595f4745..49500aa2 100644 --- a/inc/user.inc.php +++ b/inc/user.inc.php @@ -56,9 +56,17 @@ class User return false; if (!Crypto::verify($pass, $ret['passwd'])) return false; - Session::create(); + Session::create($ret['passwd']); Session::set('uid', $ret['userid']); - Session::set('token', md5(rand() . time() . rand() . $_SERVER['REMOTE_ADDR'] . rand() . $_SERVER['REMOTE_PORT'] . rand() . $_SERVER['HTTP_USER_AGENT'])); + Session::set('token', md5($ret['passwd'] . ',' + . rand() . ',' + . time() . ',' + . rand() . ',' + . $_SERVER['REMOTE_ADDR'] . ',' + . rand() . ',' + . $_SERVER['REMOTE_PORT'] . ',' + . rand() . ',' + . $_SERVER['HTTP_USER_AGENT'])); Session::save(); return true; } |