Overview
Comment: | Utilisation de Form au lieu de Security pour faire du CSRF |
---|---|
SHA1: |
a80706f2b7c9d0215947737c06abb5f3 |
User & Date: | bohwaz on 2017-05-16 06:10:18 |
Context
2017-05-16
| ||
06:11 | Modernisation page mes_infos_securite check-in: c2c740f554 user: bohwaz tags: dev | |
06:10 | Utilisation de Form au lieu de Security pour faire du CSRF check-in: a80706f2b7 user: bohwaz tags: dev | |
06:09 | DB: Fix legacy compatibility functions check-in: f9c05b3c39 user: bohwaz tags: dev | |
Changes
Modified src/include/lib/Garradin/Utils.php from [fbd4916050] to [eae3812611].
1 2 3 4 5 6 7 8 9 10 11 12 | <?php namespace Garradin; use KD2\Security; class Utils { static protected $country_list = null; static protected $skriv = null; | > | 1 2 3 4 5 6 7 8 9 10 11 12 13 | <?php namespace Garradin; use KD2\Security; use KD2\Form; class Utils { static protected $country_list = null; static protected $skriv = null; |
︙ | ︙ | |||
181 182 183 184 185 186 187 | if ($exit) exit(); } static public function CSRF_create($key) { | | | | | 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 | if ($exit) exit(); } static public function CSRF_create($key) { return Form::tokenGenerate($key); } static public function CSRF_check($key, $hash=null) { return Form::tokenCheck($key, $hash); } static public function CSRF_field_name($key) { return Form::tokenFieldName($key); } static public function post($key) { return isset($_POST[$key]) ? $_POST[$key] : ''; } |
︙ | ︙ | |||
487 488 489 490 491 492 493 | $dir->close(); return true; } static public function suggestPassword() { | | | 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 | $dir->close(); return true; } static public function suggestPassword() { return Security::getRandomPassphrase(ROOT . '/include/data/dictionary.fr'); } static public function checkIBAN($iban) { $iban = substr($iban, 4) . substr($iban, 0, 4); $iban = str_replace(range('A', 'Z'), range(10, 35), $iban); return (bcmod($iban, 97) == 1); |
︙ | ︙ |
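Review bot: The three CSRF wrappers in Utils.php (`CSRF_create`, `CSRF_check`, `CSRF_field_name`, new lines 186–199) are now one-line pass-throughs to `KD2\Form` and carry no docblock, so the contract of `CSRF_check($key, $hash=null)` is implicit at the point callers rely on it. I would add a short docblock on `CSRF_check`, for example `/** Verifies the CSRF token for $key; when $hash is null the token lookup is left to Form::tokenCheck. Callers must abort the request unless this returns true. */`, and matching one-liners on the other two. Because generation and verification now live in a different class than before, it is also worth confirming that whatever secret or session state `Form` relies on is initialised before the first `CSRF_create` call, and that every existing caller still pairs `CSRF_field_name` with `CSRF_check` under the same `$key`. Neither is visible in this diff.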