merge r4492 from trunk to branch 2.0

Bug 1328 add function to check token git-svn-id: http://piwigo.org/svn/branches/2.0@4501 68402e56-0260-453c-a942-63ccdbb3a9ee
author: plegall <plg@piwigo.org> 2009-12-15 22:53:51 +0000
committer: plegall <plg@piwigo.org> 2009-12-15 22:53:51 +0000
commit: aca87d534d3ac2ab88a8cfb6b1cafc9906c0fb86 (patch)
tree: 9f833975da91d9e5adea964b6d81aaa7e0c3f7e1
parent: 742e2a7c0ac86e9bcce2fa6eef65214e869cd19c (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/admin/include/functions.php b/admin/include/functions.php
index 66d7b52ec..1538a98ae 100644
--- a/admin/include/functions.php
+++ b/admin/include/functions.php
@@ -23,6 +23,28 @@
 
 include(PHPWG_ROOT_PATH.'admin/include/functions_metadata.php');
 
+/**
+ * check token comming from form posted or get params to prevent csrf attacks
+ * if pwg_token is empty action doesn't require token
+ * else pwg_token is compare to server token
+ *
+ * @return void access denied if token given is not equal to server token 
+ */
+function check_token()
+{
+  global $conf;
+
+  $token = hash_hmac('md5', session_id(), $conf['secret_key']);
+
+  if (!empty($_POST['pwg_token']) && ($_POST['pwg_token'] != $token))
+  {
+    access_denied();    
+  }
+  elseif (!empty($_GET['pwg_token']) && ($_GET['pwg_token'] != $token))
+  {
+    access_denied();    
+  }
+}
 
 // The function delete_site deletes a site and call the function
 // delete_categories for each primary category of the site
author	plegall <plg@piwigo.org>	2009-12-15 22:53:51 +0000
committer	plegall <plg@piwigo.org>	2009-12-15 22:53:51 +0000
commit	aca87d534d3ac2ab88a8cfb6b1cafc9906c0fb86 (patch)
tree	9f833975da91d9e5adea964b6d81aaa7e0c3f7e1
parent	742e2a7c0ac86e9bcce2fa6eef65214e869cd19c (diff)