mirrors/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2025-04-28 04:09:56 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

feature 1915: add protection on user registration against robots

Browse source 
git-svn-id: http://piwigo.org/svn/trunk@7495 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
rvelices 2010-10-30 11:32:11 +00:00
parent 6f841013d9
commit d8ec9b9fdd
7 changed files with 51 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

17
include/functions_comment.inc.php
View file

@ -119,14 +119,7 @@ SELECT COUNT(*) AS user_exists
$comment_action='reject';
}
$key = explode( ':', @$key );
if ( count($key)!=2
or $key[0]>time()-2 // page must have been retrieved more than 2 sec ago
or $key[0]<time()-3600 // 60 minutes expiration
or hash_hmac(
'md5', $key[0].':'.$comm['image_id'], $conf['secret_key']
) != $key[1]
)
if ( !verify_ephemeral_key(@$key, $comm['image_id']) )
{
$comment_action='reject';
}
@ -248,13 +241,7 @@ function update_user_comment($comment, $post_key)
$comment_action = 'validate';
$key = explode( ':', $post_key );
if ( count($key)!=2
or $key[0]>time()-2 // page must have been retrieved more than 2 sec ago
or $key[0]<time()-3600 // 60 minutes expiration
or hash_hmac('md5', $key[0].':'.$comment['image_id'], $conf['secret_key']
) != $key[1]
)
if ( !verify_ephemeral_key($post_key, $comment['image_id']) )
{
$comment_action='reject';
}