csrf functions
This commit is contained in:
Shish
parent
c6f358a8fc
commit
6cd53fed8a
2 changed files with 29 additions and 0 deletions
|
|
@ -35,6 +35,7 @@ class User {
|
|||
$this->email = $row['email'];
|
||||
$this->join_date = $row['joindate'];
|
||||
$this->admin = ($row['admin'] == 'Y');
|
||||
$this->passhash = $row['pass'];
|
||||
}
|
||||
|
||||
public static function by_session($name, $session) {
|
||||
|
|
@ -153,5 +154,32 @@ class User {
|
|||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an auth token to be used in POST forms
|
||||
*
|
||||
* password = secret, avoid storing directly
|
||||
* passhash = md5(password), so someone who gets to the database can't get passwords
|
||||
* sesskey = md5(passhash . IP), so if it gets sniffed it can't be used from another IP,
|
||||
* and it can't be used to get the passhash to generate new sesskeys
|
||||
* authtok = md5(sesskey, salt), presented to the user in web forms, to make sure that
|
||||
* the form was generated within the session. Salted and re-hashed so that
|
||||
* reading a web page from the user's cache doesn't give access to the session key
|
||||
*/
|
||||
public function get_auth_token() {
|
||||
global $config;
|
||||
$addr = get_session_ip($config);
|
||||
return md5(md5($this->passhash . $addr) . "salty-csrf");
|
||||
}
|
||||
|
||||
public function get_auth_html() {
|
||||
$at = $this->get_auth_token();
|
||||
return "<input type='hidden' name='auth_token' value='$at'>";
|
||||
}
|
||||
|
||||
public function check_auth_token() {
|
||||
return ($_POST["auth_token"] == $this->get_auth_token());
|
||||
}
|
||||
|
||||
}
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -878,6 +878,7 @@ function _get_user() {
|
|||
$user = User::by_id($config->get_int("anon_id", 0));
|
||||
}
|
||||
assert(!is_null($user));
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
||||
|
|
|
|||
Reference in a new issue