Removed sectoken
This token is completly useless since an attacker can easily extract it from the page.
This commit is contained in:
Lukas Reschke
parent
bd804b74c4
commit
f5fe95a131
|
|
@ -16,7 +16,7 @@ if (isset($_POST['user'])) {
|
|||
$token = sha1($_POST['user'].md5(uniqid(rand(), true)));
|
||||
OC_Preferences::setValue($_POST['user'], 'owncloud', 'lostpassword', $token);
|
||||
$email = OC_Preferences::getValue($_POST['user'], 'settings', 'email', '');
|
||||
if (!empty($email) and isset($_POST['sectoken']) and isset($_SESSION['sectoken']) and ($_POST['sectoken']==$_SESSION['sectoken']) ) {
|
||||
if (!empty($email)) {
|
||||
$link = OC_Helper::linkToAbsolute('core/lostpassword', 'resetpassword.php', array('user' => $_POST['user'], 'token' => $token));
|
||||
$tmpl = new OC_Template('core/lostpassword', 'email');
|
||||
$tmpl->assign('link', $link, false);
|
||||
|
|
@ -25,18 +25,11 @@ if (isset($_POST['user'])) {
|
|||
$from = 'lostpassword-noreply@' . OCP\Util::getServerHost();
|
||||
OC_MAIL::send($email, $_POST['user'], $l->t('ownCloud password reset'), $msg, $from, 'ownCloud');
|
||||
echo('sent');
|
||||
|
||||
}
|
||||
$sectoken=rand(1000000, 9999999);
|
||||
$_SESSION['sectoken']=$sectoken;
|
||||
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true, 'sectoken' => $sectoken));
|
||||
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => true));
|
||||
} else {
|
||||
$sectoken=rand(1000000, 9999999);
|
||||
$_SESSION['sectoken']=$sectoken;
|
||||
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false, 'sectoken' => $sectoken));
|
||||
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => true, 'requested' => false));
|
||||
}
|
||||
} else {
|
||||
$sectoken=rand(1000000, 9999999);
|
||||
$_SESSION['sectoken']=$sectoken;
|
||||
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false, 'sectoken' => $sectoken));
|
||||
OC_Template::printGuestPage('core/lostpassword', 'lostpassword', array('error' => false, 'requested' => false));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@
|
|||
<p class="infield">
|
||||
<label for="user" class="infield"><?php echo $l->t( 'Username' ); ?></label>
|
||||
<input type="text" name="user" id="user" value="" autocomplete="off" required autofocus />
|
||||
<input type="hidden" name="sectoken" id="sectoken" value="<?php echo($_['sectoken']); ?>" />
|
||||
</p>
|
||||
<input type="submit" id="submit" value="<?php echo $l->t('Request reset'); ?>" />
|
||||
<?php endif; ?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue