Modifies GET request behaviour if no CSRF TOKEN, but session cookie sent, to generate a new token and redirect to same url with token
Modifies GET request behaviour when no CSRF token is present but a session cookie was sent: generate a new token and redirect to the same URL with the token
diff --git a/src/controllers/AdminController.php b/src/controllers/AdminController.php
index 5d94dcc77..f78420ecb 100755
--- a/src/controllers/AdminController.php
+++ b/src/controllers/AdminController.php
@@ -104,6 +104,14 @@ class AdminController extends Controller implements CrawlConstants
$view = "signin";
if (!empty($_SESSION['USER_ID'])) {
$user = $_SESSION['USER_ID'];
+ if ($this->getCSRFTime(C\CSRF_TOKEN) == 0 &&
+ $_SERVER['REQUEST_METHOD'] == "GET") {
+ $_REQUEST[C\CSRF_TOKEN] = $this->generateCSRFToken(
+ $_SESSION['USER_ID']);
+ $this->redirectLocation(C\SHORT_BASE_URL . "?" .
+ http_build_query($_REQUEST));
+ exit();
+ }
} else if (!empty($_SESSION['USER_NAME']) && empty($_REQUEST['u'])) {
$user = $this->model("signin")->getUserId($_SESSION['USER_NAME'],
"string");
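Review bot: The new guard in AdminController (and the identical blocks added in ApiController, GroupController, RegisterController, SearchController and TestsController) issues a fresh CSRF token to any GET request that carries only a session cookie and then replays every request parameter in the redirect, so after the redirect the token check can no longer distinguish a navigation the user started from a link loaded from another site; this is only safe if every GET-reachable action in these controllers is side-effect free, and that invariant should be stated in a comment above the block, e.g. `// auto-issue a token on cookie-only GETs: relies on GET actions being read-only`. Building the query from `$_REQUEST` can also copy cookie values into the Location header when the `request_order` ini setting includes C, so the redirect should be built from `http_build_query($_GET)` since the branch is GET-only anyway. The two comparisons should be strict, `$this->getCSRFTime(C\CSRF_TOKEN) === 0 && $_SERVER['REQUEST_METHOD'] === "GET"`, assuming getCSRFTime returns an int. The enclosing method starts and ends outside the hunk.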
diff --git a/src/controllers/ApiController.php b/src/controllers/ApiController.php
index a548c03f5..531e12b13 100644
--- a/src/controllers/ApiController.php
+++ b/src/controllers/ApiController.php
@@ -63,6 +63,14 @@ class ApiController extends Controller implements CrawlConstants
return $this->configureRequest();
}
if (isset($_SESSION['USER_ID'])) {
+ if ($this->getCSRFTime(C\CSRF_TOKEN) == 0 &&
+ $_SERVER['REQUEST_METHOD'] == "GET") {
+ $_REQUEST[C\CSRF_TOKEN] = $this->generateCSRFToken(
+ $_SESSION['USER_ID']);
+ $this->redirectLocation(C\SHORT_BASE_URL . "?" .
+ http_build_query($_REQUEST));
+ exit();
+ }
$user_id = $_SESSION['USER_ID'];
$data['ADMIN'] = 1;
} else {
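Review bot: In ApiController the new block answers a token-less GET with a 302 to a tokenised URL and `exit()`, which a non-browser client of an API endpoint will likely not follow, so (if this controller does serve machine clients, which the name suggests but the hunk does not show) it would be better to return the new token in the normal response body instead of redirecting. At minimum a comment above the block should say that API callers are expected to follow the redirect and re-request with the token. The enclosing method starts and ends outside the hunk.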
diff --git a/src/controllers/Controller.php b/src/controllers/Controller.php
index 7c36d05d4..870787ddc 100755
--- a/src/controllers/Controller.php
+++ b/src/controllers/Controller.php
@@ -647,7 +647,7 @@ abstract class Controller
if (strlen($token_value) == 22) {
$token_parts = explode("*", $token_value);
if (isset($token_parts[1]) &&
- $token_parts[1] + C\AUTOLOGOUT > time() &&
+ intval(trim($token_parts[1])) + C\AUTOLOGOUT > time() &&
L\crawlHash($user_id . $token_parts[1] . C\AUTH_KEY) ==
$token_parts[0]) {
$token_okay = true;
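Review bot: The hash comparison on the line following the changed one, `L\crawlHash($user_id . $token_parts[1] . C\AUTH_KEY) == $token_parts[0]`, still uses loose `==`, which compares two numeric-looking strings numerically and is not constant-time; assuming crawlHash returns a string it should be `hash_equals($token_parts[0], L\crawlHash($user_id . $token_parts[1] . C\AUTH_KEY))`. The new `intval(trim($token_parts[1]))` repairs the arithmetic on the timestamp but maps a non-numeric second part to 0, which is only rejected because the hash is computed over the raw `$token_parts[1]`; a comment such as `// second part is the issue time; the hash binds the raw string, so tampering fails the hash check` would make that dependency explicit. For consistency `strlen($token_value) == 22` should also be `=== 22`. The enclosing method starts and ends outside the hunk.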
diff --git a/src/controllers/GroupController.php b/src/controllers/GroupController.php
index c5179f21e..926ce11d6 100644
--- a/src/controllers/GroupController.php
+++ b/src/controllers/GroupController.php
@@ -69,6 +69,14 @@ class GroupController extends Controller implements CrawlConstants
return $this->configureRequest();
}
if (isset($_SESSION['USER_ID'])) {
+ if ($this->getCSRFTime(C\CSRF_TOKEN) == 0 &&
+ $_SERVER['REQUEST_METHOD'] == "GET") {
+ $_REQUEST[C\CSRF_TOKEN] = $this->generateCSRFToken(
+ $_SESSION['USER_ID']);
+ $this->redirectLocation(C\SHORT_BASE_URL . "?" .
+ http_build_query($_REQUEST));
+ exit();
+ }
$user_id = $_SESSION['USER_ID'];
$data['ADMIN'] = 1;
$data['USERNAME'] = $signin_model->getUserName($user_id);
diff --git a/src/controllers/RegisterController.php b/src/controllers/RegisterController.php
index 9ef6e8082..5e7ece334 100755
--- a/src/controllers/RegisterController.php
+++ b/src/controllers/RegisterController.php
@@ -124,6 +124,14 @@ class RegisterController extends Controller implements CrawlConstants
{
$visitor_model = $this->model("visitor");
if (isset($_SESSION['USER_ID'])) {
+ if ($this->getCSRFTime(C\CSRF_TOKEN) == 0 &&
+ $_SERVER['REQUEST_METHOD'] == "GET") {
+ $_REQUEST[C\CSRF_TOKEN] = $this->generateCSRFToken(
+ $_SESSION['USER_ID']);
+ $this->redirectLocation(C\SHORT_BASE_URL . "?" .
+ http_build_query($_REQUEST));
+ exit();
+ }
$user = $_SESSION['USER_ID'];
} else {
$user = L\remoteAddress();
diff --git a/src/controllers/SearchController.php b/src/controllers/SearchController.php
index 809e6ab89..df26e5c55 100755
--- a/src/controllers/SearchController.php
+++ b/src/controllers/SearchController.php
@@ -441,6 +441,14 @@ class SearchController extends Controller implements CrawlConstants
}
}
if (isset($_SESSION['USER_ID'])) {
+ if ($this->getCSRFTime(C\CSRF_TOKEN) == 0 &&
+ $_SERVER['REQUEST_METHOD'] == "GET") {
+ $_REQUEST[C\CSRF_TOKEN] = $this->generateCSRFToken(
+ $_SESSION['USER_ID']);
+ $this->redirectLocation(C\SHORT_BASE_URL . "?" .
+ http_build_query($_REQUEST));
+ exit();
+ }
$user = $_SESSION['USER_ID'];
$token_okay = $this->checkCSRFToken(C\CSRF_TOKEN, $user);
if ($token_okay === false) {
diff --git a/src/controllers/TestsController.php b/src/controllers/TestsController.php
index 2793b0ce8..3214b9d69 100644
--- a/src/controllers/TestsController.php
+++ b/src/controllers/TestsController.php
@@ -80,6 +80,14 @@ class TestsController extends Controller
set_error_handler(null);
$signin_model = $this->model("signin");
if (isset($_SESSION['USER_ID'])) {
+ if ($this->getCSRFTime(C\CSRF_TOKEN) == 0 &&
+ $_SERVER['REQUEST_METHOD'] == "GET") {
+ $_REQUEST[C\CSRF_TOKEN] = $this->generateCSRFToken(
+ $_SESSION['USER_ID']);
+ $this->redirectLocation(C\SHORT_BASE_URL . "?" .
+ http_build_query($_REQUEST));
+ exit();
+ }
$user_id = $_SESSION['USER_ID'];
$data['ADMIN'] = 1;
$data['USERNAME'] = $signin_model->getUserName($user_id);
diff --git a/src/controllers/components/SocialComponent.php b/src/controllers/components/SocialComponent.php
index b9c2ec264..d18feb8bd 100644
--- a/src/controllers/components/SocialComponent.php
+++ b/src/controllers/components/SocialComponent.php
@@ -1862,7 +1862,6 @@ class SocialComponent extends Component implements CrawlConstants
$parent->generateCSRFToken($_SESSION["USER_ID"]) ;
$_SESSION['DISPLAY_MESSAGE'] =
tl('social_component_thread_created');
- //return $parent->redirectLocation($thread_url);
return $parent->redirectWithMessage(
tl('social_component_thread_created'));
break;