Browse Source

Fixed login on upgrade not working on first try.

Signed-off-by: jdarwood007 <[email protected]>
jdarwood007 10 years ago
parent
commit
7cc1428fdc
2 changed files with 14 additions and 3 deletions
  1. 10 1
      .gitignore
  2. 4 2
      other/upgrade.php

+ 10 - 1
.gitignore

@@ -1,3 +1,5 @@
+# SMF Generated Files #
+#######################
 Settings.php
 Settings_bak.php
 db_last_error.php
@@ -8,6 +10,8 @@ Packages/temp
 Packages/*.tgz
 Packages/*.tar.gz
 Packages/*.zip
+Packages/*/
+/upgrade.php
 
 # Compiled source #
 ###################
@@ -19,6 +23,7 @@ Packages/*.zip
 *.so
 *.bat
 *.session
+
 # Packages #
 ############
 # it's better to unpack these files and commit the raw source
@@ -46,7 +51,11 @@ ehthumbs.db
 Icon?
 Thumbs.db
 *.lnk
+
+# Test / Private files #
+########################
 /nbproject/private/
 /nbproject/
 .directory
-.idea/
+.idea/
+/test.php

+ 4 - 2
other/upgrade.php

@@ -998,7 +998,6 @@ function WelcomeLogin()
 	);
 
 	require_once($sourcedir . '/Security.php');
-	$upcontext += createToken('login');
 
 	// Check the cache directory.
 	$cachedir_temp = empty($cachedir) ? $boarddir . '/cache' : $cachedir;
@@ -1054,6 +1053,8 @@ function WelcomeLogin()
 	if (checkLogin())
 		return true;
 
+	$upcontext += createToken('login');
+
 	return false;
 }
 
@@ -1126,7 +1127,8 @@ function checkLogin()
 				if (isset($_REQUEST['hash_passwrd']) && strlen($_REQUEST['hash_passwrd']) == 40)
 				{
 					// Challenge passed.
-					if ($_REQUEST['hash_passwrd'] == sha1($password . $upcontext['rid']))
+					$tk = validateToken('login');
+					if ($_REQUEST['hash_passwrd'] == sha1($password . $upcontext['rid'] . $tk))
 						$sha_passwd = $password;
 				}
 				else