From 4db38ec64a44de425d6966cb2b50d487d70b5366 Mon Sep 17 00:00:00 2001 From: Max Kostikov Date: Tue, 21 Jul 2020 23:59:26 +0200 Subject: Add minimum form displaying time before login --- include/security.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/security.php b/include/security.php index 38cb72263..c9df00f1e 100644 --- a/include/security.php +++ b/include/security.php @@ -594,9 +594,11 @@ function check_form_security_token($typename = '', $formname = 'form_security_to $hash = $_REQUEST[$formname]; $max_livetime = 10800; // 3 hours + $min_livetime = 3; // 3 sec $x = explode('.', $hash); - if (time() > (IntVal($x[0]) + $max_livetime)) return false; + if (time() > (IntVal($x[0]) + $max_livetime) || time() < (IntVal($x[0]) + $min_livetime)) + return false; $sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $x[0] . $typename); -- cgit v1.2.3 From 13ff9a897da05fbd4d82f9bfa758e6f821b833b3 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 22 Jul 2020 16:20:36 -0700 Subject: foreach warning --- include/network.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index aada36fba..d9d534cd7 100644 --- a/include/network.php +++ b/include/network.php @@ -1101,7 +1101,7 @@ function discover_by_webbie($webbie, $protocol = '') { $network = null; $x = webfinger_rfc7033($webbie, true); - if($x && array_key_exists('links',$x) && $x['links']) { + if($x && array_key_exists('links',$x) && is_array($x['links'])) { foreach($x['links'] as $link) { if(array_key_exists('rel',$link)) { -- cgit v1.2.3 From 7ae86d29d2474c5e85965c06a4c6a6b7e416b333 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 22 Jul 2020 16:23:38 -0700 Subject: add api_verify to api_zot --- include/api_zot.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/api_zot.php b/include/api_zot.php index 287720484..8f621d998 100644 --- a/include/api_zot.php +++ b/include/api_zot.php @@ -1,7 +1,9 @@