- revert feature 564: log the login of each user; but add the possibility to be

done by a plugin
- create a "standard" way to define PHP functions that we use but might not be
available in the current php version
- when a comment is rejected (spam, anti-flood etc), put the content back to the
browser in case there is a real user behind it
- now a comment can be entered only if the page was retrieved between 2 seconds
ago and 1 hour ago

git-svn-id: http://piwigo.org/svn/trunk@1744 68402e56-0260-453c-a942-63ccdbb3a9ee

1 files changed, 25 insertions, 0 deletions

diff --git a/include/php_compat/hash_hmac.php b/include/php_compat/hash_hmac.php
new file mode 100644
index 000000000..5f05e370c
--- /dev/null
+++ b/include/php_compat/hash_hmac.php
@@ -0,0 +1,25 @@
+<?php
+//(hash) - enabled by default as of PHP 5.1.2
+function hash_hmac($algo, $data, $key, $raw_output=false)
+{
+  /* md5 and sha1 only */
+  $algo=strtolower($algo);
+  $p=array('md5'=>'H32','sha1'=>'H40');
+  if ( !isset($p[$algo]) or !function_exists($algo) )
+  {
+    $algo = 'md5';
+  }
+  if(strlen($key)>64) $key=pack($p[$algo],$algo($key));
+  if(strlen($key)<64) $key=str_pad($key,64,chr(0));
+
+  $ipad=substr($key,0,64) ^ str_repeat(chr(0x36),64);
+  $opad=substr($key,0,64) ^ str_repeat(chr(0x5C),64);
+
+  $ret = $algo($opad.pack($p[$algo],$algo($ipad.$data)));
+  if ($raw_output)
+  {
+    $ret = pack('H*', $ret);
+  }
+  return $ret;
+}
+?>
\ No newline at end of file