From 578aa4e42546a81e572ecda2061e238d34a4f421 Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Sat, 29 Sep 2012 15:18:38 +0200
Subject: [PATCH] Removed sectoken

This token is completly useless since an attacker can easily extract it from the page.
---
 core/templates/login.php | 1 -
 lib/base.php | 6 +-----
 lib/util.php | 3 ---
 3 files changed, 1 insertion(+), 9 deletions(-)

diff --git a/core/templates/login.php b/core/templates/login.php
index 2c9b766aa4..bedff4453b 100644
--- a/core/templates/login.php
+++ b/core/templates/login.php
@@ -12,7 +12,6 @@

/> -

diff --git a/lib/base.php b/lib/base.php
index 5a2decc6f6..b89859ab2d 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -528,11 +528,7 @@ class OC{
 }
 protected static function tryFormLogin() {
- if(!isset($_POST["user"])
- || !isset($_POST['password'])
- || !isset($_SESSION['sectoken'])
- || !isset($_POST['sectoken'])
- || ($_SESSION['sectoken']!=$_POST['sectoken']) ) {
+ if(!isset($_POST["user"]) || !isset($_POST['password'])) {
 return false;
 }
diff --git a/lib/util.php b/lib/util.php
index 15e6f2824e..29ab2c34e9 100755
--- a/lib/util.php
+++ b/lib/util.php
@@ -314,9 +314,6 @@ class OC_Util {
 $parameters["username"] = '';
 $parameters['user_autofocus'] = true;
 }
- $sectoken=rand(1000000,9999999);
- $_SESSION['sectoken']=$sectoken;
- $parameters["sectoken"] = $sectoken;
 if (isset($_REQUEST['redirect_url'])) {
 $redirect_url = OC_Util::sanitizeHTML($_REQUEST['redirect_url']);
 } else {
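Review bot: The rewritten condition on the `+` line leaves `tryFormLogin()` accepting any POST that carries `user` and `password`, so a form on another origin can submit credentials through the victim's browser and log that session into an attacker-chosen account (login CSRF); the removed `sectoken` comparison, weak as it was, was the only thing binding the login form to the session, and the lib/util.php hunk on this same line drops the generation side of it. The description's rationale that an attacker "can easily extract it from the page" holds only for an attacker who can already read the victim's page; a cross-origin attacker cannot, which is exactly the case the token covered. Rather than dropping the check, keep a session-bound token generated from a CSPRNG instead of `rand()` and compare it strictly, e.g. extend the new condition with `|| !isset($_SESSION['sectoken'], $_POST['sectoken']) || $_SESSION['sectoken'] !== $_POST['sectoken']`. tryFormLogin's body continues past the end of the hunk.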