Skip to content

Commit

Permalink
Small change to formkey id
Browse files Browse the repository at this point in the history
  • Loading branch information
@pudge
pudge committed Jun 9, 2000
1 parent d80f65f commit d85a967
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 2 deletions.
3 changes: 3 additions & 0 deletions CHANGES
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,9 @@ slash-1.0.5, 2000.06.xx
to encode every character that is not safe or reserved,
according to RFC1738)

* Changed formkey to be by uid for logged in users, IP address
for everyone else

* Plenty of minor code cleanups


Expand Down
6 changes: 4 additions & 2 deletions Slash.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2658,11 +2658,13 @@ sub getFormkeyId {
# if user logs in during submission of form, after getting
# formkey as AC, check formkey with user as AC
if ($I{query}->param('rlogin') && length($I{F}{upasswd}) > 1) {
$id = crypt($ENV{REMOTE_ADDR}, reverse $ENV{REMOTE_ADDR});
# id includes '&' to prevent uid's and IPs
# from potentially being the same
$id = '-1&' . $ENV{REMOTE_ADDR};
} elsif ($uid > 0) {
$id = $uid;
} else {
$id = crypt($ENV{REMOTE_ADDR}, reverse $ENV{REMOTE_ADDR});
$id = '-1&' . $ENV{REMOTE_ADDR};
}
return($id);
}
Expand Down

0 comments on commit d85a967

Please sign in to comment.