Hashing the reset password key for more security
With the hashing, the portions of the key will no longer be open to
discovery. I've also added another test so if the key is wrong, it
redirects to the user page and does not send another email. This way,
the user will not get flooded with emails if someone is attempting a
brute force attack on their account.

I'll leave the language constants as is for now.
skenow authored and fiammybe committed Nov 23, 2023
1 parent 683e677 commit c35b4d8
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions htdocs/lostpass.php
Expand Up @@ -82,7 +82,7 @@
} else {
$icmspass = new icms_core_Password();

$areyou = substr($getuser[0]->getVar('pass'), -5) . $getuser[0]->getVar('last_login');
$areyou = hash('sha1',substr($getuser[0]->getVar('pass'), -5) . $getuser[0]->getVar('last_login'));
if ($code != '' && $areyou == $code) {
$newpass = $icmspass->createSalt(8);
$pass = $icmspass->encryptPass($newpass);
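Review bot: the unchanged `if ($code != '' && $areyou == $code)` line still compares the key with PHP's loose `==`, which is neither constant-time nor safe against type juggling once `$areyou` is a sha1 hex digest (two hex strings that both look numeric, such as `0e` followed only by digits, compare equal under `==`); use `hash_equals($areyou, (string) $code)` instead. Hashing also only hides the key's structure, not its input space: the key is still derived from the last five characters of the stored password hash plus `last_login`, so it remains deterministic from stored data. A random per-request token stored server-side with an expiry would decouple the reset key from those values.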
Expand Down Expand Up @@ -114,8 +114,9 @@
exit();
}
redirect_header('user.php', 3, sprintf(_US_PWDMAILED, $getuser[0]->getVar('uname')), false);
// If no Code, send it
} else {

// If no Code, send it
} elseif ($code == '') {
$xoopsMailer = new icms_messaging_Handler();
$xoopsMailer->useMail();
$xoopsMailer->setTemplate('lostpass1.tpl');
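Review bot: the `// If no Code, send it` comment now sits outside the braces, directly before `} elseif ($code == '') {`, so it reads as the tail of the preceding block; move it inside the `elseif` body and drop the stray blank line above it. Prefer the strict `$code === ''` here so that only an empty string takes this branch. Note also that this branch still sends a mail on every request that carries no code, so the flood protection described in the commit message covers only requests with a wrong code; a per-account or per-address rate limit on this path would close that gap.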
Expand All @@ -138,5 +139,9 @@
echo '</h4>';
/** Include footer.php to complete page rendering */
include 'footer.php';

// code is set and doesn't match - expired or attempt to guess/hack
} else {
redirect_header('user.php', 2, _US_SORRYNOTFOUND);
}
}
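Review bot: the new comment says `expired or attempt to guess/hack`, but nothing in the visible code expires a key: `$areyou` is derived from the stored password hash and `last_login`, so a key stays valid until the user logs in or the password changes. Either drop `expired` from the comment or add an actual time bound to the key. This branch also fails silently; consider logging the failed attempt (uid and remote address) so that repeated wrong-code requests, the brute force the commit message targets, can be detected. Finally, this `redirect_header` call omits the fourth argument that the `_US_PWDMAILED` call above passes as `false`; confirm the default is the behaviour wanted here.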
