harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

validate the security context

Browse Source
This commit is contained in:
zotlabs
2017-09-03 23:50:18 -07:00
parent 3d0a7f4fc5
commit fc62f07a08
3 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Zotlabs/Zot/Auth.php
View File

@@ -43,6 +43,12 @@ class Auth {
$this->Finalise();
}
if(strpbrk($this->sec,'.:')) {
logger('illegal security context');
$this->Debug('illegal security context.');
$this->Finalise();
}
$x = $this->GetHublocs($this->address);
if($x) {
@@ -153,6 +159,7 @@ class Auth {
dbesc($hubloc['hubloc_url'])
);
// needs a nonce!!!!
$p = zot_build_packet($channel,$type = 'auth_check',
array(array('guid' => $hubloc['hubloc_guid'],'guid_sig' => $hubloc['hubloc_guid_sig'])),
$hubloc['hubloc_sitekey'], (($x) ? $x[0]['site_crypto'] : ''), $this->sec);