Skip to content

Commit 7bb78e4

Browse files
vboctordregad
authored andcommitted
Use session rather than form key for captcha
Fixes #17811 Signed-off-by: Damien Regad <dregad@mantisbt.org>
1 parent b002167 commit 7bb78e4

File tree

4 files changed

+10
-8
lines changed

4 files changed

+10
-8
lines changed

Diff for: core/constant_inc.php

+2
Original file line numberDiff line numberDiff line change
@@ -540,3 +540,5 @@
540540
define( 'PASSWORD_MAX_SIZE_BEFORE_HASH', 1024 );
541541

542542
define( 'SECONDS_PER_DAY', 86400 );
543+
544+
define( 'CAPTCHA_KEY', 'captcha_key' );

Diff for: make_captcha_img.php

+2-2
Original file line numberDiff line numberDiff line change
@@ -26,9 +26,9 @@
2626
*/
2727
require_once( 'core.php' );
2828

29-
$f_public_key = gpc_get_int( 'public_key' );
29+
$t_form_key = session_get( CAPTCHA_KEY );
3030

31-
$t_key = utf8_strtolower( utf8_substr( md5( config_get( 'password_confirm_hash_magic_string' ) . $f_public_key ), 1, 5) );
31+
$t_key = utf8_strtolower( utf8_substr( md5( config_get( 'password_confirm_hash_magic_string' ) . $t_form_key ), 1, 5) );
3232
$t_system_font_folder = get_font_path();
3333
$t_font_per_captcha = config_get( 'font_per_captcha' );
3434

Diff for: signup.php

+3-2
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,6 @@
3232
$f_username = strip_tags( gpc_get_string( 'username' ) );
3333
$f_email = strip_tags( gpc_get_string( 'email' ) );
3434
$f_captcha = gpc_get_string( 'captcha', '' );
35-
$f_public_key = gpc_get_int( 'public_key', '' );
3635

3736
$f_username = trim( $f_username );
3837
$f_email = email_append_domain( trim( $f_email ) );
@@ -51,8 +50,10 @@
5150

5251
if( ON == config_get( 'signup_use_captcha' ) && get_gd_version() > 0 &&
5352
helper_call_custom_function( 'auth_can_change_password', array() ) ) {
53+
$t_form_key = session_get( CAPTCHA_KEY );
54+
5455
# captcha image requires GD library and related option to ON
55-
$t_key = utf8_strtolower( utf8_substr( md5( config_get( 'password_confirm_hash_magic_string' ) . $f_public_key ), 1, 5) );
56+
$t_key = utf8_strtolower( utf8_substr( md5( config_get( 'password_confirm_hash_magic_string' ) . $t_form_key ), 1, 5) );
5657

5758
if ( $t_key != $f_captcha ) {
5859
trigger_error( ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR );

Diff for: signup_page.php

+3-4
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,6 @@
3535

3636
html_page_top1();
3737
html_page_top2a();
38-
39-
$t_key = mt_rand( 0,99999 );
4038
?>
4139

4240
<br />
@@ -68,6 +66,8 @@
6866
<?php
6967
$t_allow_passwd = helper_call_custom_function( 'auth_can_change_password', array() );
7068
if( ON == config_get( 'signup_use_captcha' ) && get_gd_version() > 0 && ( true == $t_allow_passwd ) ) {
69+
session_set( CAPTCHA_KEY, mt_rand( 0,99999 ) );
70+
7171
# captcha image requires GD library and related option to ON
7272
?>
7373
<tr class="row-1">
@@ -78,8 +78,7 @@
7878
<?php print_captcha_input( 'captcha', '' ) ?>
7979
</td>
8080
<td>
81-
<img src="make_captcha_img.php?public_key=<?php echo $t_key ?>" alt="visual captcha" />
82-
<input type="hidden" name="public_key" value="<?php echo $t_key ?>" />
81+
<img src="make_captcha_img.php" alt="visual captcha" />
8382
</td>
8483
</tr>
8584
<?php

0 commit comments

Comments
 (0)