
Merge @bytewave's security fixes from ~2 months ago

antigravities committed Apr 25, 2017
1 parent 5ed0b74 commit 44333762eed0e2e33f23df457f0fd41c2e107fb4
Showing with 13 additions and 8 deletions.
  1. +12 −0 inc/init.inc
  2. +1 −8 www/login.php
@@ -15,6 +15,18 @@
require_once("log.inc");
session_start();
// Regerate session IDs every 5 minutes
// https://paragonie.com/blog/2015/04/fast-track-safe-and-secure-php-sessions
if (!isset($_SESSION['canary'])) {
session_regenerate_id(true);
$_SESSION['canary'] = time();
}
if ($_SESSION['canary'] < time() - 300) {
session_regenerate_id(true);
$_SESSION['canary'] = time();
}
$logUser=updateLogUser($_SESSION);
elog("eeti2", "Pageview from " . $logUser . ": " . $_SERVER['REQUEST_URI']);
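Review bot: The two `if` blocks added to init.inc perform the same regenerate-and-stamp action and should be one guard, `if (!isset($_SESSION['canary']) || $_SESSION['canary'] < time() - 300) { session_regenerate_id(true); $_SESSION['canary'] = time(); }`, so the rotation interval and the action cannot drift apart. Passing `true` to session_regenerate_id() deletes the old session data immediately, so a concurrent request (an XHR already in flight, for example) that still carries the old ID at the moment of the five-minute rotation will be handed a fresh, empty session; the PHP manual suggests regenerating without deletion and letting session.use_strict_mode reject the stale ID if such races matter for this application. Nothing in the hunk sets session.use_strict_mode, session.cookie_httponly or session.cookie_secure before the `session_start()` on the line above; if that is configured elsewhere in init.inc this is fine, otherwise it belongs next to this block, with a comment such as `// Rotate the session ID on first sight and every 5 minutes to limit fixation/hijack windows`.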
@@ -2,16 +2,8 @@
require_once("../inc/init.inc");
function session_fully_destroy(){
// Invalidate the cookie just in case session.use_strict_mode is still set to 0 for some reason
$params = session_get_cookie_params();
setcookie(session_name(), '', time()-42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
session_destroy();
}
if( @isset($_GET['logout']) ){
session_start();
session_fully_destroy();
header("Location: index.php?loggedout");
}
@@ -35,6 +27,7 @@ function session_fully_destroy(){
$res=authenticate($_POST['user'], $_POST['pass']);
if( $res > -1 ){
session_regenerate_id(true);
$_SESSION['user']=$_POST['user'];
$_SESSION['uid']=$res;
$_SESSION['ip']=$_SERVER["REMOTE_ADDR"];
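Review bot: The logout branch in the first hunk of login.php sends a `Location` header after destroying the session but never stops the script, so, if that block is retained on the new side, the remainder of login.php (including the `authenticate()` path in the second hunk) still executes for the same request; add `exit;` directly after `header("Location: index.php?loggedout");`. The `@` in `@isset($_GET['logout'])` suppresses nothing, because isset() never emits a warning, and should be dropped. The `session_regenerate_id(true)` placed immediately after a successful `authenticate()` in the second hunk is the right spot to defeat session fixation; the enclosing `if` continues outside the hunk. The rendered page does not show which eight lines of the first hunk were removed, so if `session_fully_destroy()` itself was among them, the call in the logout branch would need to be updated as well.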

2 comments on commit 4433376

@antigravities



antigravities replied Apr 25, 2017

And by "Bytewave" I mean @BytewaveMLP, because he has a different username in our internal repository system and kjkjawdkljadlkjs

@BytewaveMLP



BytewaveMLP replied Apr 25, 2017

I can't control when my username is taken. ¯\_(ツ)_/¯
