From ef638ee9c49282e3f2d6bb53219a06b18948d976 Mon Sep 17 00:00:00 2001
From: Joshua Ramon Enslin
Date: Fri, 3 Jul 2020 17:54:40 +0200
Subject: [PATCH] Fix bug in crsf token handling

phpcs-errors:238
phpunit-status:successful
---
 functions/functions.php | 15 ++++++++-------
 upload.php | 4 ++++
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/functions/functions.php b/functions/functions.php
index 48f541c..68c0216 100644
--- a/functions/functions.php
+++ b/functions/functions.php
@@ -258,11 +258,11 @@ function identical_values(array $arrayA, array $arrayB):bool {
  */
 function getAntiCsrfToken():string {
-    if (empty($_SESSION['anti-csrf-token'])) {
-        $_SESSION['anti-csrf-token'] = bin2hex(random_bytes(32));
+    if (empty($_SESSION['csrf-token'])) {
+        $_SESSION['csrf-token'] = bin2hex(random_bytes(32));
     }
-    return $_SESSION['anti-csrf-token'];
+    return $_SESSION['csrf-token'];
 }
@@ -275,14 +275,15 @@ function getAntiCsrfToken():string {
 function validateAntiCsrfToken():bool {
     $validity = false;
-    if (!empty($_POST['anti-csrf-token'])
-        && !empty($_SESSION['anti-csrf-token'])
-        && hash_equals($_SESSION['anti-csrf-token'], $_POST['anti-csrf-token']) === true
+    if (!empty($_POST['csrf-token'])
+        && !empty($_SESSION['csrf-token'])
+        && hash_equals($_SESSION['csrf-token'], $_POST['csrf-token']) === true
     ) {
         $validity = true;
     }
-    $_SESSION['anti-csrf-token'] = null; unset($_SESSION['anti-csrf-token']);
+    $_SESSION['csrf-token'] = null; unset($_SESSION['csrf-token']);
     return $validity;
 }
+
diff --git a/upload.php b/upload.php
index 0dbd633..1ca6e9a 100644
--- a/upload.php
+++ b/upload.php
@@ -6,6 +6,10 @@
 $target = "csv/";
 $target .= basename($_FILES['uploaded']['name']);
 $targetpart = basename($_FILES['uploaded']['name']);
+if (session_status() != PHP_SESSION_ACTIVE) {
+    session_start();
+}
+
 if (validateAntiCsrfToken() === false) {
     throw new WrongCsrfTokenException();
 }
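Review bot: getAntiCsrfToken() writes the generated token into $_SESSION without checking that a session is active, while the upload.php hunk of this same patch adds a session_status() guard only on the validating side; if the token is generated before session_start() ran, it lands in an unpersisted superglobal and the later validation cannot succeed. Either apply the same guard here, `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }` at the top of the function, or state the precondition in the docblock that begins above this hunk, e.g. `Requires an active session: the token is persisted in $_SESSION['csrf-token'].`. The rename of the session key from 'anti-csrf-token' to 'csrf-token' presumably has to be mirrored by whatever template emits the hidden form field; that file is not part of this patch, so it is worth confirming.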
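Review bot: The renamed condition in validateAntiCsrfToken() still passes $_POST['csrf-token'] to hash_equals() after only an !empty() check, and !empty() accepts an array value, which makes hash_equals() raise a TypeError on PHP 8 (a warning plus false on PHP 7) instead of cleanly returning false; add `&& is_string($_POST['csrf-token'])` to the condition, before the hash_equals() call. The token is also discarded on every call regardless of outcome, so a second form opened in another tab of the same session will fail validation; if that single-use behaviour is intended, a comment such as `// single-use: the token is consumed on every validation attempt` would save the next reader from reporting it as a bug. As a matter of style, `=== true` on the bool returned by hash_equals() and the `= null` assignment immediately before unset() are redundant.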
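Review bot: The new session guard and the CSRF check it enables are placed after the three reads of $_FILES['uploaded']['name'] on the context lines above them, so a forged or malformed request has its upload metadata processed (and a request without the `uploaded` field emits warnings) before the token is checked; move the guard together with the `validateAntiCsrfToken()` block to the top of the script, ahead of any access to $_FILES. In the guard itself, `if (session_status() !== PHP_SESSION_ACTIVE) {` is the strict form the file's other comparisons in this hunk already use. Whatever is later done with $target is outside this hunk.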