gnh1201/reasonableframework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Namhyeon Go 2019-06-09 20:24:50 +09:00
parent 284dd0b3c5
commit b355e43cb6
9 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
helper/php-sec-ddos.lnk.php
View File

@ -1,2 +0,0 @@
<?php
echo "php-sec-ddos is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

2
helper/php-sec-fw.lnk.php
View File

@ -1,2 +0,0 @@
<?php
echo "php-sec-fw is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

2
helper/php-sec-scc.lnk.php
View File

@ -1,2 +0,0 @@
<?php
echo "php-sec-scc is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

2
helper/php-sec-shell.lnk.php
View File

@ -1,2 +0,0 @@
<?php
echo "php-sec-shell is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

2
helper/sec-ddos.lnk.php Normal file
View File

@ -0,0 +1,2 @@
<?php
echo "sec-ddos is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

2
helper/sec-fw.lnk.php Normal file
View File

@ -0,0 +1,2 @@
<?php
echo "sec-fw is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

2
helper/sec-scc.lnk.php Normal file
View File

@ -0,0 +1,2 @@
<?php
echo "sec-scc is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

2
helper/sec-ws.lnk.php Normal file
View File

@ -0,0 +1,2 @@
<?php
echo "sec-ws is only for sponsors: <a href=\"https://patreon.com/catswords\">https://patreon.com/catswords</a>";

20
system/security.php
View File

@ -11,7 +11,7 @@
if(!check_function_exists("check_token_abuse")) {
function check_token_abuse($_p_token, $_n_token) {
$abuse = false;
$_c_token = $_p_token . $_n_token;
if(empty($_c_token) || $_p_token != $_n_token || strlen($_c_token) != (strlen($_p_token) + strlen($_n_token)) || !ctype_alnum($_c_token)) {
$abuse = true;
@ -70,7 +70,7 @@ if(!check_function_exists("get_session_token")) {
if(!check_function_exists("check_token_abuse_by_requests")) {
function check_token_abuse_by_requests($name, $method="_POST") {
$requests = get_requests();
$flag = false;
if(array_key_empty($name, $requests[$method])) {
$flag = true;
@ -255,7 +255,7 @@ if(!check_function_exists("get_hashed_text")) {
if(!check_function_exists("get_salt")) {
function get_salt() {
$salt = "";
$config = get_config();
if(!array_key_equals("saltdisabled", $config, 1)) {
$salt = get_value_in_array("salt", $config, make_random_id(16));
@ -277,7 +277,7 @@ if(!check_function_exists("check_match_password")) {
function check_match_password($p, $n, $algo="sha1") {
$flag = false;
$salt = get_salt();
$n_plain_text = $n . $salt;
$n_hashed_text = "";
@ -307,7 +307,7 @@ if(!check_function_exists("session_logout")) {
$config = get_config();
$flag = false;
$ss_user_name = get_session("ss_user_name");
$ss_key = get_session("ss_key");
@ -497,7 +497,7 @@ if(!check_function_exists("encapsulate_text")) {
$encapsulated_text = get_hashed_text($encrypted_text, "base64");
}
}
return $encapsulated_text;
}
}
@ -629,20 +629,20 @@ session_start();
// set PHP firewall (only for advanced security)
if(PHP_FIREWALL_ACTIVATION !== false) {
loadHelper("php-sec-fw.lnk");
loadHelper("sec-fw.lnk");
}
// set DDOS protection (only for advanced security)
if(PHP_DDOS_PROTECTION !== false) {
loadHelper("php-sec-ddos.lnk");
loadHelper("sec-ddos.lnk");
}
// set Webshell detection (only for advanced security)
if(PHP_WEBSHELL_DETECTION !== false) {
loadHelper("php-sec-shell.lnk");
loadHelper("sec-ws.lnk");
}
// set Webshell detection (only for advanced security)
if(PHP_SECURE_CONFIG_CHECK !== false) {
loadHelper("php-sec-scc.lnk");
loadHelper("sec-scc.lnk");
}