diff --git a/core/user.class.php b/core/user.class.php index 723a943d..1b5ff117 100644 --- a/core/user.class.php +++ b/core/user.class.php @@ -168,8 +168,9 @@ class User { */ public function get_auth_token() { global $config; + $salt = file_get_contents("config.php"); $addr = get_session_ip($config); - return md5(md5($this->passhash . $addr) . "salty-csrf"); + return md5(md5($this->passhash . $addr) . "salty-csrf-" . $salt); } public function get_auth_html() { diff --git a/core/util.inc.php b/core/util.inc.php index fe8b6a95..03259b20 100644 --- a/core/util.inc.php +++ b/core/util.inc.php @@ -226,7 +226,7 @@ function make_form($target, $method="POST", $multipart=False) { $auth = $user->get_auth_html(); $extra = ""; if($multipart) { - $extra .= " enctype='multipart/form-data'" + $extra .= " enctype='multipart/form-data'"; } return "
$auth"; } diff --git a/ext/alias_editor/theme.php b/ext/alias_editor/theme.php index 671dec8a..1fec6c25 100644 --- a/ext/alias_editor/theme.php +++ b/ext/alias_editor/theme.php @@ -60,7 +60,7 @@ class AliasEditorTheme extends Themelet { "; $bulk_html = " - ".make_form(make_link("alias/import"), multipart=True)." + ".make_form(make_link("alias/import"), $multipart=True)."
diff --git a/ext/upload/theme.php b/ext/upload/theme.php index 41ca6886..d5419707 100644 --- a/ext/upload/theme.php +++ b/ext/upload/theme.php @@ -50,7 +50,7 @@ class UploadTheme extends Themelet { }); }); - ".make_form(make_link("upload"), multipart=True)." + ".make_form(make_link("upload"), $multipart=True)." $upload_list @@ -120,7 +120,7 @@ class UploadTheme extends Themelet { }); }); - ".make_form(make_link("upload"), multipart=True)." + ".make_form(make_link("upload"), $multipart=True)." $upload_list
Tags