From cf3180f6b8c552bbf7214d1ba72fbf1fc90ef861 Mon Sep 17 00:00:00 2001
From: nicosomb
Date: Mon, 15 Apr 2013 14:09:58 +0200
Subject: =?UTF-8?q?v=C3=A9rificatio=20CSRF=20et=20mise=20en=20page?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 inc/functions.php | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)
(limited to 'inc/functions.php')

diff --git a/inc/functions.php b/inc/functions.php
index 45828bf2..30e00393 100755
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -125,7 +125,7 @@ function prepare_url($url)
 /**
 * Appel d'une action (mark as fav, archive, delete)
 */
-function action_to_do($action, $id)
+function action_to_do($action, $id, $url, $token)
 {
 global $db;
 
@@ -140,8 +140,11 @@ function action_to_do($action, $id)
 $params_action = array($url, $parametres_url['title'], $parametres_url['content']);
 break;
 case 'delete':
-$sql_action = "DELETE FROM entries WHERE id=?";
-$params_action = array($id);
+if (verif_token($token)) {
+$sql_action = "DELETE FROM entries WHERE id=?";
+$params_action = array($id);
+}
+else die('CSRF problem');
 break;
 default:
 break;
@@ -224,4 +227,25 @@ function get_article($id)
 }
 
 return $entry;
+}
+
+/**
+ * Vérifie si le jeton passé en $_POST correspond à celui en session
+ */
+function verif_token($token)
+{
+if(isset($_SESSION['token_poche']) && isset($_SESSION['token_time_poche']) && isset($token))
+{
+if($_SESSION['token_poche'] == $token)
+{
+$old_timestamp = time() - (15*60);
+if($_SESSION['token_time_poche'] >= $old_timestamp)
+{
+return TRUE;
+}
+else return FALSE;
+}
+else return FALSE;
+}
+else return FALSE;
 }
\ No newline at end of file
-- 
cgit v1.2.3
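Review bot: The new `$url` and `$token` parameters of `action_to_do` are undocumented and carry no types or defaults, while the docblock just above the signature still only says "Appel d'une action". Every existing caller now has to pass four arguments, and a reader of the docblock cannot tell that `$token` is the anti-CSRF value checked against the session; add `@param string $url` and `@param string $token jeton anti-CSRF, comparé à $_SESSION['token_poche'] par verif_token()` to the comment. The body of `action_to_do` continues outside this hunk.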
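Review bot: The token is verified only in the `delete` branch; the case ending at the top of this hunk (the one building `$params_action` from `$url` and `$parametres_url`) and any other state-changing case in the same `switch` still run without `verif_token($token)`, so the new parameter protects a single action. Moving the check ahead of the `switch`, e.g. `if (!verif_token($token)) { die('CSRF problem'); }`, would cover every action uniformly and remove the need for the nested `if` inside `case 'delete'`. `die()` inside a library function also ends the request with a 200 status and a bare string; returning `false` (or throwing) and letting the caller answer with a 403 is easier to test and to log. The `switch` statement starts and ends outside this hunk.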
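Review bot: `verif_token` compares the session value with `$_SESSION['token_poche'] == $token` using loose equality; `$token` comes from the request, so a non-string value (an array, or a numeric-looking string) can compare in ways the author does not intend, and `isset($token)` on a parameter only rejects `null`. Use a strict, constant-time comparison on a string, e.g. `if (!is_string($token) || !hash_equals($_SESSION['token_poche'], $token)) { return false; }`, and keep the 15-minute age check on `$_SESSION['token_time_poche']` as the only remaining branch. The three nested `if`/`else return FALSE` levels can then collapse into guard clauses with a single `return $_SESSION['token_time_poche'] >= time() - 15 * 60;`, and `TRUE`/`FALSE` should be lowercase per PSR style. The docblock says the token is "passé en $_POST", but the function receives it as a parameter; the comment should describe the parameter rather than the superglobal.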