mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-06 16:56:44 +02:00
Code Issues Releases Wiki Activity

new clicky thingies.

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@8156 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Henry Sudhof
2007-10-09 11:21:08 +00:00
parent e8b2c4128e
commit ea9c1d7ea9
11 changed files with 121 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/includes/acp/acp_board.php
View File

@@ -223,6 +223,8 @@ class acp_board
'enable_confirm' => array('lang' => 'VISUAL_CONFIRM_REG', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'max_login_attempts' => array('lang' => 'MAX_LOGIN_ATTEMPTS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true),
'max_reg_attempts' => array('lang' => 'REG_LIMIT', 'validate' => 'int', 'type' => 'text:4:4', 'explain' => true),
'min_time_reg' => array('lang' => 'MIN_TIME_REG', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'min_time_terms' => array('lang' => 'MIN_TIME_TERMS', 'validate' => 'int', 'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'legend3' => 'COPPA',
'coppa_enable' => array('lang' => 'ENABLE_COPPA', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
@@ -327,6 +329,8 @@ class acp_board
'tpl_allow_php' => array('lang' => 'TPL_ALLOW_PHP', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
'form_token_lifetime' => array('lang' => 'FORM_TIME_MAX', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'form_token_mintime' => array('lang' => 'FORM_TIME_MIN', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
'form_token_sid_guests' => array('lang' => 'FORM_SID_GUESTS', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true),
)
);
break;

14
phpBB/includes/functions.php
View File

@@ -2006,9 +2006,10 @@ function meta_refresh($time, $url)
*/
function add_form_key($form_name)
{
global $template, $user;
global $config, $template, $user;
$now = time();
$token = sha1($now . $user->data['user_form_salt'] . $form_name);
$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
$token = sha1($now . $user->data['user_form_salt'] . $form_name . $token_sid);
$s_fields = build_hidden_fields(array(
'creation_time' => $now,
@@ -2029,7 +2030,7 @@ function add_form_key($form_name)
*/
function check_form_key($form_name, $timespan = false, $return_page = '', $trigger = false, $miniumum_time = false)
{
global $user, $config;
global $config, $user;
if ($timespan === false)
{
@@ -2039,6 +2040,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
{
$miniumum_time = $config['form_token_mintime'];
}
if (isset($_POST['creation_time']) && isset($_POST['form_token']))
{
$creation_time = abs(request_var('creation_time', 0));
@@ -2046,9 +2048,11 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
$diff = (time() - $creation_time);
if (($diff > $miniumum_time) && (($diff < $timespan) || $timespan == -1))
if (($diff >= $miniumum_time) && (($diff <= $timespan) || $timespan == -1))
{
$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name);
$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid);
if ($key === $token)
{
return true;

26
phpBB/includes/ucp/ucp_register.php
View File

@@ -44,14 +44,22 @@ class ucp_register
$change_lang = request_var('change_lang', '');
$user_lang = request_var('lang', $user->lang_name);
add_form_key('ucp_register');
// not so fast, buddy
if (($submit && !check_form_key('ucp_register', false, '', false, 5))
|| (!$submit && !check_form_key('ucp_register', false, '', false, 1)))
if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg']))
|| (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms'])))
{
$agreed = false;
}
if ($agreed)
{
add_form_key('ucp_register');
}
else
{
add_form_key('ucp_register_terms');
}
if ($change_lang || $user_lang != $config['default_lang'])
@@ -121,8 +129,8 @@ class ucp_register
'S_SHOW_COPPA' => true,
'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang))
);
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang),
));
}
else
{
@@ -132,7 +140,9 @@ class ucp_register
'S_SHOW_COPPA' => false,
'S_REGISTRATION' => true,
'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa))
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
'S_TIME' => 1000 * (int)$config['min_time_terms'],
)
);
}
@@ -518,7 +528,9 @@ class ucp_register
'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
'S_COPPA' => $coppa,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'))
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
'S_TIME' => 1000 * (int)$config['min_time_reg'],
)
);
//