Inicio Explorar Ayuda
Registro Iniciar sesión
Omnimaga
/
SMF2.1
espejo de git@github.com:Omnimaga/SMF2.1.git
2
0
Fork 0
Archivos Incidencias 0 Wiki
Explorar el Código

Merge pull request #568 from jdarwood007/upgrade-login-fix

 Fixed login on upgrade not working on first try.
Michael Eshom hace 11 años
padre
b99e430da2 7cc1428fdc
commit
962ae65e4f
Se han modificado 2 ficheros con 14 adiciones y 3 borrados
Dividir vista Mostrar estadísticas de diff
  1. 10 1
      .gitignore
  2. 4 2
      other/upgrade.php

+ 10 - 1
.gitignore
Ver fichero 

@@ -1,3 +1,5 @@
 
+# SMF Generated Files #
 
+#######################
 
 Settings.php
 
 Settings_bak.php
 
 db_last_error.php
 
@@ -8,6 +10,8 @@ Packages/temp
 
 Packages/*.tgz
 
 Packages/*.tar.gz
 
 Packages/*.zip
 
+Packages/*/
 
+/upgrade.php
 
 
 # Compiled source #
 
 ###################
 
@@ -19,6 +23,7 @@ Packages/*.zip
 
 *.so
 
 *.bat
 
 *.session
 
+
 
 # Packages #
 
 ############
 
 # it's better to unpack these files and commit the raw source
 
@@ -46,7 +51,11 @@ ehthumbs.db
 
 Icon?
 
 Thumbs.db
 
 *.lnk
 
+
 
+# Test / Private files #
 
+########################
 
 /nbproject/private/
 
 /nbproject/
 
 .directory
 
-.idea/
 
+.idea/
 
+/test.php

+ 4 - 2
other/upgrade.php
Ver fichero 

@@ -998,7 +998,6 @@ function WelcomeLogin()
 
 	);
 
 
 	require_once($sourcedir . '/Security.php');
 
-	$upcontext += createToken('login');
 
 
 	// Check the cache directory.
 
 	$cachedir_temp = empty($cachedir) ? $boarddir . '/cache' : $cachedir;
 
@@ -1054,6 +1053,8 @@ function WelcomeLogin()
 
 	if (checkLogin())
 
 		return true;
 
 
+	$upcontext += createToken('login');
 
+
 
 	return false;
 
 }
 
 
@@ -1126,7 +1127,8 @@ function checkLogin()
 
 				if (isset($_REQUEST['hash_passwrd']) && strlen($_REQUEST['hash_passwrd']) == 40)
 
 				{
 
 					// Challenge passed.
 
-					if ($_REQUEST['hash_passwrd'] == sha1($password . $upcontext['rid']))
 
+					$tk = validateToken('login');
 
+					if ($_REQUEST['hash_passwrd'] == sha1($password . $upcontext['rid'] . $tk))
 
 						$sha_passwd = $password;
 
 				}
 
 				else