TheRON/core
1
0
Fork 0
mirror of https://framagit.org/hubzilla/core.git synced 2026-06-21 00:52:33 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add minimum form displaying time before login

Browse Source
This commit is contained in:
Max Kostikov
2020-07-21 23:59:26 +02:00
parent 5ea7196e78
commit 4db38ec64a
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/security.php
View File

@@ -594,9 +594,11 @@ function check_form_security_token($typename = '', $formname = 'form_security_to
$hash = $_REQUEST[$formname];
$max_livetime = 10800; // 3 hours
$min_livetime = 3; // 3 sec
$x = explode('.', $hash);
if (time() > (IntVal($x[0]) + $max_livetime)) return false;
if (time() > (IntVal($x[0]) + $max_livetime) || time() < (IntVal($x[0]) + $min_livetime))
return false;
$sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $x[0] . $typename);