iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

merge r4493 from trunk to branch 2.0

Browse Source 
Bug 1328 : improve check function


git-svn-id: http://piwigo.org/svn/branches/2.0@4502 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall
2009-12-15 22:54:11 +00:00
parent aca87d534d
commit 5d017241d3
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
admin/include/functions.php
View File

@@ -34,13 +34,18 @@ function check_token()
{
global $conf;
$token = hash_hmac('md5', session_id(), $conf['secret_key']);
$valid_token = hash_hmac('md5', session_id(), $conf['secret_key']);
$given_token = null;
if (!empty($_POST['pwg_token']) && ($_POST['pwg_token'] != $token))
if (!empty($_POST['pwg_token']))
{
access_denied();
$given_token = $_POST['pwg_token'];
}
elseif (!empty($_GET['pwg_token']) && ($_GET['pwg_token'] != $token))
elseif (!empty($_GET['pwg_token']))
{
$given_token = $_GET['pwg_token'];
}
if ($given_token != $valid_token)
{
access_denied();
}