[geeklog-cvs] geeklog-1.3/public_html usersettings.php,1.70,1.70.2.1
dhaun at geeklog.net
dhaun at geeklog.net
Fri Jan 23 05:11:04 EST 2004
Update of /usr/cvs/geeklog/geeklog-1.3/public_html
In directory geeklog_prod:/tmp/cvs-serv1267
Modified Files:
Tag: geeklog_1_3_8_1_1
usersettings.php
Log Message:
Added check for a random hash before accepting account changes or deleting an account.
Index: usersettings.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/public_html/usersettings.php,v
retrieving revision 1.70
retrieving revision 1.70.2.1
diff -C2 -d -r1.70 -r1.70.2.1
*** usersettings.php 4 Aug 2003 12:11:52 -0000 1.70
--- usersettings.php 23 Jan 2004 10:11:02 -0000 1.70.2.1
***************
*** 6,18 ****
// +---------------------------------------------------------------------------+
// | usersettings.php |
- // | Geeklog user settings page. |
// | |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2003 by the following authors: |
// | |
! // | Authors: Tony Bibbs - tony at tonybibbs.com |
! // | Mark Limburg - mlimburg at users.sourceforge.net |
! // | Jason Wittenburg - jwhitten at securitygeeks.com |
! // | Dirk Haun - dirk at haun-online.de |
// +---------------------------------------------------------------------------+
// | |
--- 6,18 ----
// +---------------------------------------------------------------------------+
// | usersettings.php |
// | |
+ // | Geeklog user settings page. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2004 by the following authors: |
// | |
! // | Authors: Tony Bibbs - tony at tonybibbs.com |
! // | Mark Limburg - mlimburg at users.sourceforge.net |
! // | Jason Whittenburg - jwhitten at securitygeeks.com |
! // | Dirk Haun - dirk at haun-online.de |
// +---------------------------------------------------------------------------+
// | |
***************
*** 146,152 ****
$A = DB_fetchArray($result);
$preferences->set_var ('about_value', $A['about']);
$preferences->set_var ('pgpkey_value', $A['pgpkey']);
! $preferences->set_var ('uid_value', $_USER['uid']);
$preferences->set_var ('username_value', $_USER['username']);
--- 146,156 ----
$A = DB_fetchArray($result);
+ $reqid = substr (md5 (uniqid (rand (), 1)), 1, 16);
+ DB_change ($_TABLES['users'], 'pwrequestid', "$reqid",
+ 'username', $username);
+
$preferences->set_var ('about_value', $A['about']);
$preferences->set_var ('pgpkey_value', $A['pgpkey']);
! $preferences->set_var ('uid_value', $reqid);
$preferences->set_var ('username_value', $_USER['username']);
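Review bot: The request id added on the first new line is derived from `uniqid (rand (), 1)`, and both `rand()` and the time-based `uniqid()` carry far less entropy than the 16 hex digits suggest, so the token is weaker than it looks; `mt_rand()` is the stronger generator available on the PHP versions this file targets (`random_bytes()` where PHP 7+ is available), and because the same expression is repeated in confirmAccountDelete it belongs in one helper such as `function USER_newRequestId () { return substr (md5 (uniqid (mt_rand (), 1)), 1, 16); }`. The DB_change here keys on `'username', $username` while the two later writes in this diff key on `'uid', $_USER['uid']`; the origin of `$username` is outside this hunk, and keying on the uid is both consistent and independent of whether usernames can change. The template variable is still called `uid_value` although it now carries the request id, which is worth a one-line comment such as `// uid_value now carries the one-time request id, not the uid`. The enclosing function starts before this hunk.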
***************
*** 158,162 ****
$preferences->set_var ('lang_button_delete', $LANG04[96]);
$preferences->set_var ('delete_mode', 'confirmdelete');
! $preferences->set_var ('account_id', $_USER['uid']);
$preferences->parse ('delete_account_option', 'deleteaccount', false);
} else {
--- 162,166 ----
$preferences->set_var ('lang_button_delete', $LANG04[96]);
$preferences->set_var ('delete_mode', 'confirmdelete');
! $preferences->set_var ('account_id', $reqid);
$preferences->parse ('delete_account_option', 'deleteaccount', false);
} else {
***************
*** 175,191 ****
* Ask user for confirmation to delete his/her account.
*
! * @param int account_id uid of account to delete (must match current user's uid)
* @return string confirmation form
*
*/
! function confirmAccountDelete ($account_id)
{
! global $_CONF, $_USER, $LANG04;
! if ($account_id != $_USER['uid']) {
! // now that doesn't look right - abort ...
return COM_refresh ($_CONF['site_url'] . '/index.php');
}
$retval = '';
--- 179,199 ----
* Ask user for confirmation to delete his/her account.
*
! * @param string form_reqid request id
* @return string confirmation form
*
*/
! function confirmAccountDelete ($form_reqid)
{
! global $_CONF, $_TABLES, $_USER, $LANG04;
! if (DB_count ($_TABLES['users'], array ('pwrequestid', 'uid'), array ($form_reqid, $_USER['uid'])) != 1) {
! // not found - abort
return COM_refresh ($_CONF['site_url'] . '/index.php');
}
+ $reqid = substr (md5 (uniqid (rand (), 1)), 1, 16);
+ DB_change ($_TABLES['users'], 'pwrequestid', "$reqid",
+ 'uid', $_USER['uid']);
+
$retval = '';
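Review bot: `$form_reqid` reaches DB_count straight from `$HTTP_POST_VARS['account_id']` (see the dispatch hunk at the end of the diff) and nothing in this hunk constrains its shape, so whether it is safe inside the query depends entirely on DB_count escaping its value arrays, which is not visible here; a format check before the lookup, `if (!preg_match ('/^[0-9a-f]{16}$/', $form_reqid)) { return COM_refresh ($_CONF['site_url'] . '/index.php'); }`, rejects anything that cannot be a token this page issued (16 characters of md5 hex). The same applies to deleteUserAccount, which repeats the identical DB_count check. The regenerated `$reqid` on the added lines is another copy of the token expression, which argues for a shared helper. confirmAccountDelete continues past the end of this hunk.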
***************
*** 201,205 ****
$confirm->set_var ('lang_button_delete', $LANG04[96]);
$confirm->set_var ('delete_mode', 'deleteconfirmed');
! $confirm->set_var ('account_id', $_USER['uid']);
$retval .= COM_siteHeader ('menu');
--- 209,213 ----
$confirm->set_var ('lang_button_delete', $LANG04[96]);
$confirm->set_var ('delete_mode', 'deleteconfirmed');
! $confirm->set_var ('account_id', $reqid);
$retval .= COM_siteHeader ('menu');
***************
*** 217,233 ****
* Delete an account (keep in sync with delete_user() in admin/user.php).
*
! * @param uid int uid of account to delete
* @return string redirection to main page (+ success msg)
*
*/
! function deleteUserAccount ($uid)
{
global $_CONF, $_TABLES, $_USER;
! if ($uid != $_USER['uid']) {
! // now that doesn't look right - abort ...
return COM_refresh ($_CONF['site_url'] . '/index.php');
}
// log the user out
SESS_endUserSession ($_USER['uid']);
--- 225,243 ----
* Delete an account (keep in sync with delete_user() in admin/user.php).
*
! * @param string form_reqid request id
* @return string redirection to main page (+ success msg)
*
*/
! function deleteUserAccount ($form_reqid)
{
global $_CONF, $_TABLES, $_USER;
! if (DB_count ($_TABLES['users'], array ('pwrequestid', 'uid'), array ($form_reqid, $_USER['uid'])) != 1) {
! // not found - abort
return COM_refresh ($_CONF['site_url'] . '/index.php');
}
+ $uid = $_USER['uid'];
+
// log the user out
SESS_endUserSession ($_USER['uid']);
***************
*** 256,259 ****
--- 266,272 ----
DB_query ("UPDATE {$_TABLES['stories']} SET uid = 1 WHERE uid = $uid");
+ // delete personal events
+ DB_delete ($_TABLES['personal_events'], 'uid', $uid);
+
// now delete the user itself
DB_delete ($_TABLES['users'], 'uid', $uid);
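Review bot: The new personal_events cleanup is added only here, while the docblock of this function (`keep in sync with delete_user() in admin/user.php`) and the Modified Files list show that admin/user.php is not part of this commit, so the admin deletion path presumably lacks the matching `DB_delete ($_TABLES['personal_events'], 'uid', $uid);` unless it was committed separately. Confirming that, or naming the gap in the log message, would keep the two paths honest. deleteUserAccount starts and ends outside this hunk.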
***************
*** 624,627 ****
--- 637,649 ----
}
+ $reqid = DB_getItem ($_TABLES['users'], 'pwrequestid',
+ "uid = {$_USER['uid']}");
+ if ($reqid != $A['uid']) {
+ DB_change ($_TABLES['users'], 'pwrequestid', "NULL",
+ 'uid', $_USER['uid']);
+ COM_accessLog ("An attempt was made to illegally change the account information of user {$_USER['uid']}.");
+ return COM_refresh ($_CONF['site_url'] . '/index.php');
+ }
+
if ($_CONF['allow_username_change'] == 1) {
$A['new_username'] = strip_tags (COM_stripslashes ($A['new_username']));
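Review bot: The check `if ($reqid != $A['uid'])` uses loose comparison, which compares two numeric-looking strings as numbers and treats an empty or NULL stored id as equal to an empty submitted one, so the verification should read `if (empty ($reqid) || ($reqid !== $A['uid'])) {`. The stored id is cleared only on the failure branch; if the surrounding function (which starts and ends outside this hunk) does not reset it after a successful save, the same token stays valid until the settings page is rendered again. `"NULL"` is handed to DB_change as a string, and whether that becomes SQL NULL or the literal text depends on DB_change, which is not shown; it no longer matches a token either way, but an empty string combined with the `empty()` check above would be unambiguous.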
***************
*** 896,903 ****
break;
case 'confirmdelete':
! $display .= confirmAccountDelete ($HTTP_POST_VARS['account_id']);
break;
case 'deleteconfirmed':
! $display .= deleteUserAccount ($HTTP_POST_VARS['account_id']);
break;
}
--- 918,943 ----
break;
case 'confirmdelete':
! if (($_CONF['allow_account_delete'] == 1) && ($_USER['uid'] > 1)) {
! if (isset ($HTTP_POST_VARS['account_id']) &&
! !empty ($HTTP_POST_VARS['account_id'])) {
! $display .= confirmAccountDelete ($HTTP_POST_VARS['account_id']);
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
break;
case 'deleteconfirmed':
! if (($_CONF['allow_account_delete'] == 1) && ($_USER['uid'] > 1)) {
! if (isset ($HTTP_POST_VARS['account_id']) &&
! !empty ($HTTP_POST_VARS['account_id'])) {
! $display .= deleteUserAccount ($HTTP_POST_VARS['account_id']);
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
break;
}
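Review bot: Both new cases repeat the same three-level guard, and `isset (...) && !empty (...)` is redundant because `empty()` already returns true for an unset index; the guard reads better as a single condition, `if (($_CONF['allow_account_delete'] == 1) && ($_USER['uid'] > 1) && !empty ($HTTP_POST_VARS['account_id'])) {` with one `else`, and the two cases could share it. The success branches append to `$display` while the refusal branches overwrite it, which is presumably deliberate (a redirect replaces the page) but deserves a short comment. The `$_USER['uid'] > 1` test reads as excluding reserved low ids, but what uid 1 denotes is not visible in this hunk.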