aboutsummaryrefslogtreecommitdiffstats
path: root/include/functions.inc.php
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2010-03-19 22:25:39 +0000
committerplegall <plg@piwigo.org>2010-03-19 22:25:39 +0000
commitc695136e4d75695178a9fc848a7cf6bfa2b9346c (patch)
treeefba21de4995d7bd6b2f792e6d118a8e6e6bd405 /include/functions.inc.php
parentff7e537e2b4bceaef241096a377d12af4b917c43 (diff)
bug 1328: backport the pwg_token on trunk
bug 1329: backport the check_input_parameter on trunk feature 1026: add pwg_token feature for edit/delete comment. Heavy refactoring on this feature to make the code simpler and easier to maintain (I hope). git-svn-id: http://piwigo.org/svn/trunk@5195 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/functions.inc.php')
-rw-r--r--include/functions.inc.php82
1 files changed, 82 insertions, 0 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 91738090f..092fe15a4 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -1482,4 +1482,86 @@ function get_icon($date, $is_child_date = false)
return $cache['get_icon'][$date] ? $icon : array();
}
+
+/**
+ * check token comming from form posted or get params to prevent csrf attacks
+ * if pwg_token is empty action doesn't require token
+ * else pwg_token is compare to server token
+ *
+ * @return void access denied if token given is not equal to server token
+ */
+function check_pwg_token()
+{
+ $valid_token = get_pwg_token();
+ $given_token = null;
+
+ if (!empty($_POST['pwg_token']))
+ {
+ $given_token = $_POST['pwg_token'];
+ }
+ elseif (!empty($_GET['pwg_token']))
+ {
+ $given_token = $_GET['pwg_token'];
+ }
+ if ($given_token != $valid_token)
+ {
+ access_denied();
+ }
+}
+
+function get_pwg_token()
+{
+ global $conf;
+
+ return hash_hmac('md5', session_id(), $conf['secret_key']);
+}
+
+/*
+ * breaks the script execution if the given value doesn't match the given
+ * pattern. This should happen only during hacking attempts.
+ *
+ * @param string param_name
+ * @param array param_array
+ * @param boolean is_array
+ * @param string pattern
+ *
+ * @return void
+ */
+function check_input_parameter($param_name, $param_array, $is_array, $pattern)
+{
+ $param_value = null;
+ if (isset($param_array[$param_name]))
+ {
+ $param_value = $param_array[$param_name];
+ }
+
+ // it's ok if the input parameter is null
+ if (empty($param_value))
+ {
+ return true;
+ }
+
+ if ($is_array)
+ {
+ if (!is_array($param_value))
+ {
+ fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" should be an array');
+ }
+
+ foreach ($param_value as $item_to_check)
+ {
+ if (!preg_match($pattern, $item_to_check))
+ {
+ fatal_error('[Hacking attempt] an item is not valid in input parameter "'.$param_name.'"');
+ }
+ }
+ }
+ else
+ {
+ if (!preg_match($pattern, $param_value))
+ {
+ fatal_error('[Hacking attempt] the input parameter "'.$param_name.'" is not valid');
+ }
+ }
+}
?> \ No newline at end of file