changed make_token, so that characterset can be determined

main
fuzzykitten 2025-04-11 12:42:35 -04:00
parent 4b365df11f
commit d48ae4c40c
5 changed files with 25 additions and 38 deletions


@ -109,7 +109,7 @@ function check_admin($db, $settings)
} }
if ( ($key == '') && (!file_exists($filename)) ) { if ( ($key == '') && (!file_exists($filename)) ) {
$token = make_token(250); $token = make_token(250, 'alnum');
$token_hash = password_hash($token, PASSWORD_DEFAULT); $token_hash = password_hash($token, PASSWORD_DEFAULT);
if ($counter == 0) { if ($counter == 0) {
@ -264,7 +264,7 @@ function check_auth_admin($db, $settings)
} }
$token = make_token(250); $token = make_token(250, 'alnum');
$token_hash = password_hash($token, PASSWORD_DEFAULT); $token_hash = password_hash($token, PASSWORD_DEFAULT);
$statement = $db->prepare("UPDATE keys $statement = $db->prepare("UPDATE keys
@ -371,7 +371,7 @@ function check_auth_mod($db, $settings)
} }
$token = make_token(250); $token = make_token(250, 'alnum');
$token_hash = password_hash($token, PASSWORD_DEFAULT); $token_hash = password_hash($token, PASSWORD_DEFAULT);
$statement = $db->prepare("UPDATE keys $statement = $db->prepare("UPDATE keys
@ -621,7 +621,7 @@ function dump_full($db, $settings)
array_push($json_dump, $post); array_push($json_dump, $post);
} }
$diff = make_token(20); $diff = make_token(20, 'alnum');
$filename = $settings['work_dir'] . 'full_dump_' . $diff . '.json'; $filename = $settings['work_dir'] . 'full_dump_' . $diff . '.json';
file_put_contents($filename, json_encode($json_dump, file_put_contents($filename, json_encode($json_dump,
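Review bot: The admin/mod keys generated at the three `make_token(250, 'alnum')` call sites are 250 characters long but are then passed to `password_hash($token, PASSWORD_DEFAULT)`; PASSWORD_DEFAULT is currently bcrypt, which only hashes the first 72 bytes of its input, so `password_verify` will accept any token that agrees with the stored one in its first 72 characters. That still leaves roughly 72·log2(62) ≈ 428 bits, so it is not a weakness, but the 250 is misleading and the form-token path in this same commit uses `hash('sha512', $token)` for the same kind of high-entropy random value. Either add `// bcrypt (PASSWORD_DEFAULT) hashes only the first 72 bytes; the remaining characters are never verified` at these sites, or hash these keys with sha512 for consistency with the form tokens. check_admin, check_auth_admin, check_auth_mod and dump_full all start and end outside their hunks.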


@ -492,18 +492,25 @@ function make_tables($db)
// a limited time. A way of having sessions without cookies. // a limited time. A way of having sessions without cookies.
// Also used as a hidden field in the post form to prevent double // Also used as a hidden field in the post form to prevent double
// posting by sending the same input twice. // posting by sending the same input twice.
function make_token($length) function make_token($length, $mode)
{ {
if ( $mode == 'alnum' ) {
$characters = '0123456789' $characters = '0123456789'
. 'abcdefghijklmnopqrstuvwxyz' . 'abcdefghijklmnopqrstuvwxyz'
. 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
} elseif ( $mode == 'alpha' ) {
$characters = 'abcdefghijklmnopqrstuvwxyz'
. 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
} elseif ( $mode == 'num' ) {
$characters = '0123456789';
}
$counter = count($characters) - 1;
$random_string = ''; $random_string = '';
for ($i = 0; $i < $length; $i++) { for ($i = 0; $i < $length; $i++) {
$index = random_int(0, 61); $index = random_int(0, $counter);
// we have 62 to choose, so 0 to 61
$random_string .= $characters[$index]; $random_string .= $characters[$index];
} }
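Review bot: `$counter = count($characters) - 1;` is wrong for a string: `count()` accepts only arrays and Countable objects, so on PHP 8 every make_token call throws a TypeError, and on PHP 7.2–7.4 it emits a warning and returns 1, making `$counter` 0 and every token a constant run of the alphabet's first character (`000…` for 'alnum', `aaa…` for 'alpha') — zero entropy for the admin keys and form tokens that depend on it. Use `$counter = strlen($characters) - 1;` (the alphabets are ASCII, so byte length equals character count). An unrecognised `$mode` also leaves `$characters` undefined and falls through to the same indexing; add `} else { throw new InvalidArgumentException("make_token: unknown mode '$mode'"); }` so a typo at a call site fails loudly instead of producing garbage, and compare the mode with `===`. The function's return statement lies outside the hunk.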


@ -248,17 +248,7 @@ function check_portal($db, $settings, $ip)
log_event($db, $settings, "portal", $portal_message, $ip); log_event($db, $settings, "portal", $portal_message, $ip);
return; return;
} else { } else {
$characters = 'abcdefghijklmnopqrstuvwxyz' $random_string = make_token(20, 'alpha');
. 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$random_string = '';
for ($i = 0; $i < 20; $i++) {
// token length is set to 20 characters
$index = random_int(0, 51);
// we have 52 to choose, so 0 to 51
$random_string .= $characters[$index];
}
// $request = '/' . $random_string; // $request = '/' . $random_string;
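Review bot: The reason the portal token uses 'alpha' while every other caller in this commit uses 'alnum' is not recorded at the new call site, and the removed loop's `// token length is set to 20 characters` explanation went with it, so a later edit could "harmonise" this to 'alnum' without knowing whether digits are excluded deliberately. Suggest `$random_string = make_token(20, 'alpha'); // 20 letters; digits excluded on purpose — state why` with the actual reason filled in; what the token is used for is not visible in this hunk. The commented-out `// $request = '/' . $random_string;` below is dead code and should be removed. check_portal starts and ends outside the hunk.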


@ -52,17 +52,7 @@
function answer_redirect($sub, $css, $post_id, $settings) function answer_redirect($sub, $css, $post_id, $settings)
{ {
$characters = 'abcdefghijklmnopqrstuvwxyz' $random_string = make_token(10, 'alpha');
. 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$random_string = '';
for ($i = 0; $i < 20; $i++) {
// token length is set to 20 characters
$index = random_int(0, 51);
// we have 52 to choose, so 0 to 51
$random_string .= $characters[$index];
}
if ( ( $settings['enable_tripcodes'] == TRUE ) && if ( ( $settings['enable_tripcodes'] == TRUE ) &&
( $_POST['combination'] == $_POST['combination_hidden'] ) && ( $_POST['combination'] == $_POST['combination_hidden'] ) &&
@ -557,8 +547,8 @@ function make_post($db, $sub, $settings, $text, $org_id)
function make_tripcode($settings) function make_tripcode($settings)
{ {
$tripkey = make_token(25); $tripkey = make_token(25, 'alnum');
$differ = make_token(6); $differ = make_token(6, 'alnum');
$name = $settings['prefix_autogen'] . $differ; $name = $settings['prefix_autogen'] . $differ;
$combination = $name . '#' . $tripkey; $combination = $name . '#' . $tripkey;
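Review bot: In answer_redirect the replacement `$random_string = make_token(10, 'alpha');` halves the token: the removed loop ran 20 iterations (its own comment says "token length is set to 20 characters"), so this is a silent behaviour change the commit message does not mention. Ten letters give about 57 bits of entropy versus 114 before; whether that suffices depends on what `$random_string` protects, which is outside this hunk, but if it is a redirect or anti-double-post nonce the original length should be restored: `$random_string = make_token(20, 'alpha');`. If 10 is intended, record that in a comment at the call site. answer_redirect continues past the hunk, and make_tripcode's body is also cut off.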


@ -109,7 +109,7 @@ function show_edit_form($db, $sub, $post_id, $ip, $css, $settings)
. "<input type='hidden' name='original' value='$original'>" . "<input type='hidden' name='original' value='$original'>"
. "<input type='hidden' name='post_id' value='$post_id'>"; . "<input type='hidden' name='post_id' value='$post_id'>";
$token = make_token(250); $token = make_token(250, 'alnum');
$current = time(); $current = time();
$hash = hash('sha512', $token); $hash = hash('sha512', $token);
@ -183,7 +183,7 @@ function show_post_form($db, $msg, $sub, $settings, $org_id, $css, $quote, $ip)
$html_string .= "<input type='hidden' name='org_id' value='$org_id'>"; $html_string .= "<input type='hidden' name='org_id' value='$org_id'>";
} }
$token = make_token(250); $token = make_token(250, 'alnum');
$current = time(); $current = time();
if ($settings['use_captcha']) { if ($settings['use_captcha']) {
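Review bot: The hidden inputs on the new side, `value='$original'` and `value='$post_id'`, interpolate values straight into single-quoted HTML attributes; if `$original` is the post's existing text (the name suggests so, but its origin is outside this hunk) a single quote in it breaks out of the attribute and yields stored XSS on the edit form. Escape both: `. "<input type='hidden' name='original' value='" . htmlspecialchars($original, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "'>"` and the same for `$post_id`. The token handling itself is sound: a 250-character random token hashed with sha512 needs no slow password hash. show_edit_form and show_post_form both start and end outside their hunks.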