necro_nemesis
/
LabyrinthAP
mirror of https://github.com/necro-nemesis/LabyrinthAP
2
1
Fork 0
Code Issues Releases Wiki Activity

Add CSRF token to password change page

Browse Source
pull/4/head
Joe Haig 9 years ago
parent f98af5c60b
commit 5c2492e785
3 changed files with 52 additions and 17 deletions
Show Stats Download Patch File Download Diff File

5
includes/admin.php
Unescape Escape View File

@ -13,6 +13,7 @@ function Status($message, $level='success', $dismissable=true) {
function DisplayAuthConfig($username, $password){ function DisplayAuthConfig($username, $password){
$status = ''; $status = '';
if (isset($_POST['UpdateAdminPassword'])) { if (isset($_POST['UpdateAdminPassword'])) {
if (CSRFValidate()) {
if (password_verify($_POST['oldpass'], $password)) { if (password_verify($_POST['oldpass'], $password)) {
$new_username=trim($_POST['username']); $new_username=trim($_POST['username']);
if ($_POST['newpass'] != $_POST['newpassagain']) { if ($_POST['newpass'] != $_POST['newpassagain']) {
@ -33,6 +34,9 @@ function DisplayAuthConfig($username, $password){
} else { } else {
$status = Status('Old password does not match', 'danger'); $status = Status('Old password does not match', 'danger');
} }
} else {
// Log something
}
} }
?> ?>
<div class="row"> <div class="row">
@ -42,6 +46,7 @@ function DisplayAuthConfig($username, $password){
<div class="panel-body"> <div class="panel-body">
<p><?php echo $status; ?></p> <p><?php echo $status; ?></p>
<form role="form" action="/?page=admin_conf" method="POST"> <form role="form" action="/?page=admin_conf" method="POST">
<?php CSRFToken() ?>
<div class="row"> <div class="row">
<div class="form-group col-md-4"> <div class="form-group col-md-4">
<label for="username">Username</label> <label for="username">Username</label>

20
includes/functions.php
Unescape Escape View File

@ -1,5 +1,25 @@
<?php <?php
/**
*
* Add CSRF Token to form
*
*/
function CSRFToken() {
?>
<input type="hidden" name="csrf_token" value="<?php echo $csrf_token; ?>" />
<?php
}
/**
*
* Validate CSRF Token
*
*/
function CSRFValidate() {
return hash_equals($_POST['csrf_token'], $_SESSION['csrf_token']);
}
/** /**
* *
* @param string $input * @param string $input

10
index.php
Unescape Escape View File

@ -44,6 +44,16 @@ include_once( 'includes/functions.php' );
$output = $return = 0; $output = $return = 0;
$page = $_GET['page']; $page = $_GET['page'];
session_start();
if (empty($_SESSION['csrf_token'])) {
if (function_exists('mcrypt_create_iv')) {
$_SESSION['csrf_token'] = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
} else {
$_SESSION['csrf_token'] = bin2hex(openssl_random_pseudo_bytes(32));
}
}
$csrf_token = $_SESSION['csrf_token'];
?> ?>
<!DOCTYPE html> <!DOCTYPE html>

Write Preview
Loading…
Cancel
Save