makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #48 from phpbb/ticket/security/228

Browse source 
[ticket/security/228] Add form token to login box
This commit is contained in:
Marc Alexander 2019-04-27 13:26:36 +02:00
commit f75dd1628c
No known key found for this signature in database
GPG key ID: 50E0D2423696F995
4 changed files with 22 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
phpBB/includes/functions.php
View file

@ -2288,6 +2288,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
global $request, $phpbb_container, $phpbb_dispatcher, $phpbb_log; global $request, $phpbb_container, $phpbb_dispatcher, $phpbb_log;
$err = ''; $err = '';
$form_name = 'login';
// Make sure user->setup() has been called // Make sure user->setup() has been called
if (!$user->is_setup()) if (!$user->is_setup())
@ -2363,8 +2364,19 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
trigger_error('NO_AUTH_ADMIN_USER_DIFFER'); trigger_error('NO_AUTH_ADMIN_USER_DIFFER');
} }
// If authentication is successful we redirect user to previous page // Check form key
$result = $auth->login($username, $password, $autologin, $viewonline, $admin); if ($password && !check_form_key($form_name))
{
$result = array(
'status' => false,
'error_msg' => 'FORM_INVALID',
);
}
else
{
// If authentication is successful we redirect user to previous page
$result = $auth->login($username, $password, $autologin, $viewonline, $admin);
}
// If admin authentication and login, we will log if it was a success or not... // If admin authentication and login, we will log if it was a success or not...
// We also break the operation on the first non-success login - it could be argued that the user already knows // We also break the operation on the first non-success login - it could be argued that the user already knows
@ -2515,6 +2527,9 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
)); ));
} }
// Add form token for login box
add_form_key($form_name, '_LOGIN');
$s_hidden_fields = build_hidden_fields($s_hidden_fields); $s_hidden_fields = build_hidden_fields($s_hidden_fields);
$login_box_template_data = array( $login_box_template_data = array(

3
phpBB/index.php
View file

@ -211,6 +211,9 @@ if ($show_birthdays)
$template->assign_block_vars_array('birthdays', $birthdays); $template->assign_block_vars_array('birthdays', $birthdays);
} }
// Add form token for login box
add_form_key('login', '_LOGIN');
// Assign index specific vars // Assign index specific vars
$template->assign_vars(array( $template->assign_vars(array(
'TOTAL_POSTS' => $user->lang('TOTAL_POSTS_COUNT', (int) $config['num_posts']), 'TOTAL_POSTS' => $user->lang('TOTAL_POSTS_COUNT', (int) $config['num_posts']),

1
phpBB/styles/prosilver/template/index_body.html
View file

@ -29,6 +29,7 @@
<!-- ENDIF --> <!-- ENDIF -->
<input type="submit" tabindex="5" name="login" value="{L_LOGIN}" class="button2" /> <input type="submit" tabindex="5" name="login" value="{L_LOGIN}" class="button2" />
{S_LOGIN_REDIRECT} {S_LOGIN_REDIRECT}
{S_FORM_TOKEN_LOGIN}
</fieldset> </fieldset>
</form> </form>
<!-- ENDIF --> <!-- ENDIF -->

1
phpBB/styles/prosilver/template/login_body.html
View file

@ -33,6 +33,7 @@
<!-- ENDIF --> <!-- ENDIF -->
{S_LOGIN_REDIRECT} {S_LOGIN_REDIRECT}
{S_FORM_TOKEN_LOGIN}
<dl> <dl>
<dt>&nbsp;</dt> <dt>&nbsp;</dt>
<dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="6" value="{L_LOGIN}" class="button1" /></dd> <dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="6" value="{L_LOGIN}" class="button1" /></dd>