Fix security issue: check password before generate a LaTeX document
This commit is contained in:
parent
92e135f5d6
commit
47372cf211
@ -57,7 +57,7 @@ foreach ($_GET as $k => $t)
|
||||
<meta charset="UTF-8">
|
||||
<title>.: Pommultimédia - Paste :.</title>
|
||||
<link href="style.css" rel="stylesheet" type="text/css">
|
||||
<link href="favicon.ico" type="image/x-icon" rel="shortcut icon"/>
|
||||
<link href="favicon.ico" type="image/x-icon" rel="shortcut icon">
|
||||
</head>
|
||||
<body>
|
||||
<div id="corps" style="text-align: center;">
|
||||
@ -84,9 +84,12 @@ foreach ($_GET as $k => $t)
|
||||
if (!empty($paste->crypt))
|
||||
{
|
||||
if (!empty($_POST["passwd"]))
|
||||
$paste->crypt($_POST["passwd"]);
|
||||
else
|
||||
$t = $_POST["passwd"];
|
||||
|
||||
$paste->crypt($t);
|
||||
|
||||
if ($paste->crypt != sha1($t))
|
||||
die ("Bad password");
|
||||
}
|
||||
|
||||
$filename = "../gen/".$paste->fileref;
|
||||
|
Reference in New Issue
Block a user