oldkid/friendica
1
0
Fork 0
mirror of https://git.sekbaer.de/Friendica/friendica.git synced 2025-06-08 08:14:25 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #7725 from dew-git/develop

Browse source 
Fix security vulnerabilities.
This commit is contained in:
Hypolite Petovan 2019-10-11 14:48:07 -04:00 committed by GitHub
commit 27eaffd7fb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 454 additions and 334 deletions
Download patch file Download diff file Expand all files Collapse all files

29
src/Module/Login.php
View file

@ -1,7 +1,9 @@
<?php
/**
* @file src/Module/Login.php
*/
namespace Friendica\Module;
use Exception;
@ -48,10 +50,8 @@ class Login extends BaseModule
// OpenId Login
if (
empty($_POST['password'])
&& (
!empty($_POST['openid_url'])
|| !empty($_POST['username'])
)
&& (!empty($_POST['openid_url'])
|| !empty($_POST['username']))
) {
$openid_url = trim(defaults($_POST, 'openid_url', $_POST['username']));
@ -136,7 +136,9 @@ class Login extends BaseModule
throw new Exception(L10n::t('Login failed.'));
}
} else {
$record = DBA::selectFirst('user', [],
$record = DBA::selectFirst(
'user',
[],
['uid' => User::getIdFromPasswordAuthentication($username, $password)]
);
}
@ -176,7 +178,9 @@ class Login extends BaseModule
$data = json_decode($_COOKIE["Friendica"]);
if (isset($data->uid)) {
$user = DBA::selectFirst('user', [],
$user = DBA::selectFirst(
'user',
[],
[
'uid' => $data->uid,
'blocked' => false,
@ -186,7 +190,10 @@ class Login extends BaseModule
]
);
if (DBA::isResult($user)) {
if ($data->hash != Authentication::getCookieHashForUser($user)) {
if (!hash_equals(
Authentication::getCookieHashForUser($user),
$data->hash
)) {
Logger::log("Hash for user " . $data->uid . " doesn't fit.");
Authentication::deleteSession();
$a->internalRedirect();
@ -229,7 +236,9 @@ class Login extends BaseModule
$a->internalRedirect();
}
$user = DBA::selectFirst('user', [],
$user = DBA::selectFirst(
'user',
[],
[
'uid' => $_SESSION['uid'],
'blocked' => false,
@ -312,12 +321,12 @@ class Login extends BaseModule
'$logout' => L10n::t('Logout'),
'$login' => L10n::t('Login'),
'$lname' => ['username', L10n::t('Nickname or Email: ') , '', ''],
'$lname' => ['username', L10n::t('Nickname or Email: '), '', ''],
'$lpassword' => ['password', L10n::t('Password: '), '', ''],
'$lremember' => ['remember', L10n::t('Remember me'), 0, ''],
'$openid' => !$noid,
'$lopenid' => ['openid_url', L10n::t('Or login using OpenID: '),'',''],
'$lopenid' => ['openid_url', L10n::t('Or login using OpenID: '), '', ''],
'$hiddens' => $hiddens,