Fixed improper serializing of IP that could allow reusing of key from multiple IP addresses.
authorDan
Sat, 01 Mar 2008 18:55:54 -0500
changeset 466 1cc8a038ad20
parent 465 fe8b8c9b54e8
child 467 e4bbd6fb8df3
Fixed improper serializing of IP that could allow reusing of key from multiple IP addresses.
includes/sessions.php
--- a/includes/sessions.php	Sat Mar 01 18:55:30 2008 -0500
+++ b/includes/sessions.php	Sat Mar 01 18:55:54 2008 -0500
@@ -1112,8 +1112,8 @@
     // $keyhash is stored in the database, this is for compatibility with the older DB structure
     $keyhash = md5($session_key);
     // Record the user's IP
-    $ip = ip2hex($_SERVER['REMOTE_ADDR']);
-    if(!$ip)
+    $ip = $_SERVER['REMOTE_ADDR'];
+    if(!is_valid_ip($ip))
       die('$session->register_session: Remote-Addr was spoofed');
     // The time needs to be stashed to enforce the 15-minute limit on elevated session keys
     $time = time();
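Review bot: `$ip` is now the raw `$_SERVER['REMOTE_ADDR']` string rather than the hex form, so wherever `register_session` writes it to the database further down (outside this hunk) the value must pass through the DB escaping path and the column must hold a dotted-quad or, if `is_valid_ip` also accepts IPv6, a colon-separated address; `is_valid_ip` is not visible here, so its accepted set should be confirmed. When the script runs without a web request the index is unset and a notice is emitted before the `die`; an explicit default keeps the check clean: `$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';`. The same raw assignment is made in the `@@ -1250` hunk. The body of `register_session` continues outside the hunk.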
@@ -1179,7 +1179,7 @@
     else
     {
       $this->theme = ( isset($_GET['theme']) && isset($template->named_theme_list[$_GET['theme']])) ? $_GET['theme'] : $template->default_theme;
-      $this->style = ( isset($_GET['style']) && file_exists(ENANO_ROOT.'/themes/'.$this->theme . '/css/'.$_GET['style'].'.css' )) ? $_GET['style'] : substr($template->named_theme_list[$this->theme]['default_style'], 0, strlen($template->named_theme_list[$this->theme]['default_style'])-4);
+      $this->style = ( isset($_GET['style']) && file_exists(ENANO_ROOT.'/themes/'.$this->theme . '/css/'.$_GET['style'].'.css' )) ? $_GET['style'] : preg_replace('/\.css$/', '', $template->named_theme_list[$this->theme]['default_style']);
     }
     $this->user_id = 1;
     // This is a VERY special case we are allowing. It lets the installer create languages using the Enano API.
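Review bot: The rewritten `$this->style` line still feeds `$_GET['style']` directly into the `file_exists` path, so a value containing `../` sequences can test for the existence of files outside the theme's css directory and is then stored unchanged in `$this->style`; `file_exists` only proves some path exists, not that it names a stylesheet. Guard with a character allowlist before the ternary, `$style_ok = isset($_GET['style']) && preg_match('/^[A-Za-z0-9_-]+$/', $_GET['style']);`, and use `$style_ok` in place of the `isset($_GET['style'])` test. `$_GET['theme']` on the line above is bounded by the `named_theme_list` lookup, so it does not need the same treatment. The enclosing method begins and ends outside the hunk.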
@@ -1250,7 +1250,7 @@
     }
     $row = $db->fetchrow();
     $row['user_id'] =& $row['uid'];
-    $ip = ip2hex($_SERVER['REMOTE_ADDR']);
+    $ip = $_SERVER['REMOTE_ADDR'];
     if($row['auth_level'] > $row['user_level'])
     {
       // Failed authorization check
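Review bot: Unlike the `register_session` hunk, `$ip` here takes `$_SERVER['REMOTE_ADDR']` with no `is_valid_ip` check, so whatever comparison or query consumes it further down (outside the hunk) now receives an unvalidated string where it previously received a hex string or `false`. Mirror the first hunk immediately after the assignment: `if(!is_valid_ip($ip)) die('<METHOD_NAME>: Remote-Addr was spoofed');`, with the enclosing method's name in the message; that name is not visible because the function header lies outside the hunk.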
@@ -3514,4 +3514,20 @@
   
 }
 
+/**
+ * Cron task - clears out the database of Diffie-Hellman keys
+ */
+
+function cron_clean_login_cache()
+{
+  global $db, $session, $paths, $template, $plugins; // Common objects
+  
+  if ( !$db->sql_query('DELETE FROM ' . table_prefix . 'diffiehellman;') )
+    $db->_die();
+  
+  setConfig('login_key_cache', '');
+}
+
+register_cron_task('cron_clean_login_cache', 72);
+
 ?>
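Review bot: The blank line between the `*/` and `function cron_clean_login_cache()` detaches the docblock from the function, so documentation tools and IDEs will not associate it; drop that blank line. The comment should also state the effect, since an unconditional `DELETE FROM diffiehellman` discards keys for login handshakes still in progress, not only stale ones: `Cron task - clears out the database of Diffie-Hellman keys. Deletes every row of the diffiehellman table, including keys for logins still in progress, then resets login_key_cache.` If the table carries a timestamp column, restricting the DELETE to rows older than the key lifetime would avoid failing in-flight logins; I cannot see the schema here. The `global` line also imports `$session`, `$paths`, `$template` and `$plugins`, none of which the function uses.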