diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-09-29 17:15:35 +0400 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-09-29 17:15:35 +0400 |
| commit | f5fe95a1315200c7e0c08544b2aad5ef69167d7c (patch) | |
| tree | d78a6eddca4d24f07448e5a8be65cd759899beff /core | |
| parent | bd804b74c46ed6779bf82a506711b48644a197f4 (diff) | |
Removed sectoken
This token is completly useless since an attacker can easily extract it
from the page.
Diffstat (limited to 'core')
| -rw-r--r-- | core/lostpassword/index.php | 15 | ||||
| -rw-r--r-- | core/lostpassword/templates/lostpassword.php | 1 |
2 files changed, 4 insertions, 12 deletions
diff --git a/core/lostpassword/index.php b/core/lostpassword/index.php index 8da86d5a360..9eda0915b08 100644 --- a/core/lostpassword/index.php +++ b/core/lostpassword/index.php @@ -16,7 +16,7 @@ if (isset($_POST['user'])) { $token = sha1($_POST['user'].md5(uniqid(rand(), true))); OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token); $email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', ''); - if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) { + if (!empty($email)) { $link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => $_POST['user'], 'token' => $token)); $tmpl = new OC_Template('core/lostpassword', 'email'); $tmpl->assign('link', $link, false); @@ -25,18 +25,11 @@ if (isset($_POST['user'])) { $from = 'lostpassword-noreply@' . OCP\Util::getServerHost(); OC_MAIL::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud'); echo('sent'); - } - $sectoken=rand(1000000, 9999999); - $_SESSION['sectoken']=$sectoken; - OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true, 'sectoken' => $sectoken)); + OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true)); } else { - $sectoken=rand(1000000, 9999999); - $_SESSION['sectoken']=$sectoken; - OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false, 'sectoken' => $sectoken)); + OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false)); } } else { - $sectoken=rand(1000000, 9999999); - $_SESSION['sectoken']=$sectoken; - OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false, 'sectoken' => $sectoken)); + OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false)); } diff --git a/core/lostpassword/templates/lostpassword.php b/core/lostpassword/templates/lostpassword.php index 754eabdad67..4b871963b80 100644 --- a/core/lostpassword/templates/lostpassword.php +++ b/core/lostpassword/templates/lostpassword.php @@ -10,7 +10,6 @@ <p class="infield"> <label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label> <input type="text" name="user" id="user" value="" autocomplete="off" required autofocus /> - <input type="hidden" name="sectoken" id="sectoken" value="<?php echo($_['sectoken']); ?>" /> </p> <input type="submit" id="submit" value="<?php echo $l->t('Request reset'); ?>" /> <?php endif; ?> |