| author | Marc Alexander <admin@m-a-styles.de> | 2019-04-27 13:26:36 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2019-04-27 13:26:36 +0200 |
| commit | f75dd1628cd3add8f69128ff63e0c1cd296cd2a3 (patch) | |
| tree | b2b017a47ea5720b04f925ba8464864888f3e889 | |
| parent | f3c4587d47af6aa3e39368653b542f97ed3428c6 (diff) | |
| parent | b8368980162392bf9f97496ecec18abe2bd34fad (diff) | |
Merge pull request #48 from phpbb/ticket/security/228
[ticket/security/228] Add form token to login box
| -rw-r--r-- | phpBB/includes/functions.php | 19 | ||||
| -rw-r--r-- | phpBB/index.php | 3 | ||||
| -rw-r--r-- | phpBB/styles/prosilver/template/index_body.html | 1 | ||||
| -rw-r--r-- | phpBB/styles/prosilver/template/login_body.html | 1 |
4 files changed, 22 insertions, 2 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 24f251601f..1d1c9f6f4f 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2288,6 +2288,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 global $request, $phpbb_container, $phpbb_dispatcher, $phpbb_log;
 $err = '';
+ $form_name = 'login';
 // Make sure user->setup() has been called
 if (!$user->is_setup())
@@ -2363,8 +2364,19 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 trigger_error('NO_AUTH_ADMIN_USER_DIFFER');
 }
- // If authentication is successful we redirect user to previous page
- $result = $auth->login($username, $password, $autologin, $viewonline, $admin);
+ // Check form key
+ if ($password && !check_form_key($form_name))
+ {
+ $result = array(
+ 'status' => false,
+ 'error_msg' => 'FORM_INVALID',
+ );
+ }
+ else
+ {
+ // If authentication is successful we redirect user to previous page
+ $result = $auth->login($username, $password, $autologin, $viewonline, $admin);
+ }
 // If admin authentication and login, we will log if it was a success or not...
 // We also break the operation on the first non-success login - it could be argued that the user already knows
@@ -2515,6 +2527,9 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 ));
 }
+ // Add form token for login box
+ add_form_key($form_name, '_LOGIN');
+
 $s_hidden_fields = build_hidden_fields($s_hidden_fields);
 $login_box_template_data = array(
diff --git a/phpBB/index.php b/phpBB/index.php
index 13b914abd3..5eee7723a9 100644
--- a/phpBB/index.php
+++ b/phpBB/index.php
@@ -211,6 +211,9 @@ if ($show_birthdays)
 $template->assign_block_vars_array('birthdays', $birthdays);
 }
+// Add form token for login box
+add_form_key('login', '_LOGIN');
+
 // Assign index specific vars
 $template->assign_vars(array(
 'TOTAL_POSTS' => $user->lang('TOTAL_POSTS_COUNT', (int) $config['num_posts']),
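Review bot: The form name `'login'` is now a bare literal in two places — `$form_name = 'login';` in this hunk inside login_box() and `add_form_key('login', '_LOGIN');` in the index.php hunk — while only login_box() validates it via check_form_key(), so a later edit to either string would make every login submitted from the index page fail with FORM_INVALID with no error at the call site. A short comment on the index.php call, e.g. `// Must match $form_name in login_box(), which validates this token`, would make the coupling visible; a shared constant for the form name would be better still. login_box() starts and ends outside this hunk.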
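Review bot: The guard `if ($password && !check_form_key($form_name))` relies on PHP truthiness of the password, so a submitted password of `'0'` skips the form-token check entirely and goes straight to $auth->login(); `if ($password !== '' && !check_form_key($form_name))` keeps the apparent intent (let an empty password fall through to the normal login error) without that gap. That assumes $password is the request string read earlier in login_box(), which is outside this hunk — worth confirming. The failure branch also sets `'status' => false` where $auth->login() presumably returns LOGIN_* integer status codes, so if the code following the hunk reads `$result['user_row']` or compares specific status codes, the constructed array should carry the same keys and a matching status value.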
diff --git a/phpBB/styles/prosilver/template/index_body.html b/phpBB/styles/prosilver/template/index_body.html
index b292c40eb2..239a91c580 100644
--- a/phpBB/styles/prosilver/template/index_body.html
+++ b/phpBB/styles/prosilver/template/index_body.html
@@ -29,6 +29,7 @@
 <!-- ENDIF -->
 <input type="submit" tabindex="5" name="login" value="{L_LOGIN}" class="button2" />
 {S_LOGIN_REDIRECT}
+ {S_FORM_TOKEN_LOGIN}
 </fieldset>
 </form>
 <!-- ENDIF -->
diff --git a/phpBB/styles/prosilver/template/login_body.html b/phpBB/styles/prosilver/template/login_body.html
index ef08035717..dc597af51d 100644
--- a/phpBB/styles/prosilver/template/login_body.html
+++ b/phpBB/styles/prosilver/template/login_body.html
@@ -33,6 +33,7 @@
 <!-- ENDIF -->
 {S_LOGIN_REDIRECT}
+ {S_FORM_TOKEN_LOGIN}
 <dl>
 <dt> </dt>
 <dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="6" value="{L_LOGIN}" class="button1" /></dd> |
