From dfef93246396369199d943fd3cdce260b2e49d68 Mon Sep 17 00:00:00 2001
From: Shish
Date: Wed, 22 Sep 2010 13:20:08 +0100
Subject: [PATCH] use config.php as CSRF salt
---
 core/user.class.php | 3 ++-
 core/util.inc.php | 2 +-
 ext/alias_editor/theme.php | 2 +-
 ext/upload/theme.php | 4 ++--
 4 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/core/user.class.php b/core/user.class.php
index 723a943d..1b5ff117 100644
--- a/core/user.class.php
+++ b/core/user.class.php
@@ -168,8 +168,9 @@ class User {
 */
 public function get_auth_token() {
 global $config;
+ $salt = file_get_contents("config.php");
 $addr = get_session_ip($config);
- return md5(md5($this->passhash . $addr) . "salty-csrf");
+ return md5(md5($this->passhash . $addr) . "salty-csrf-" . $salt);
 }
 public function get_auth_html() {
diff --git a/core/util.inc.php b/core/util.inc.php
index fe8b6a95..03259b20 100644
--- a/core/util.inc.php
+++ b/core/util.inc.php
@@ -226,7 +226,7 @@ function make_form($target, $method="POST", $multipart=False) {
 $auth = $user->get_auth_html();
 $extra = "";
 if($multipart) {
- $extra .= " enctype='multipart/form-data'"
+ $extra .= " enctype='multipart/form-data'";
 }
 return "
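Review bot: In get_auth_token() the result of `file_get_contents("config.php")` is never checked, so when the read fails (the path is relative and resolves against whatever the working directory is for that request) `$salt` is `false`, concatenates as an empty string, and the token silently falls back to the fixed `"salty-csrf-"` suffix with no site-specific salt. I would fail closed directly after the read: `if($salt === false) { throw new Exception("cannot read config.php for the CSRF salt"); }`. The file is also re-read on every call, which a `static` cache inside the method would avoid. Separately, the nested `md5()` is an ad-hoc keyed hash; `hash_hmac("sha256", $this->passhash . $addr, $salt)` is the standard construction, at the cost of a longer token. The method's docblock opens above the hunk.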
$auth"; } diff --git a/ext/alias_editor/theme.php b/ext/alias_editor/theme.php index 671dec8a..1fec6c25 100644 --- a/ext/alias_editor/theme.php +++ b/ext/alias_editor/theme.php @@ -60,7 +60,7 @@ class AliasEditorTheme extends Themelet { "; $bulk_html = " - ".make_form(make_link("alias/import"), multipart=True)." + ".make_form(make_link("alias/import"), $multipart=True)."
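Review bot: `$multipart=True` in the `make_form(...)` call is not a named argument; PHP has no `$name=value` call syntax, so this is an assignment expression passed positionally and `True` lands in the second parameter, which the signature shown in the core/util.inc.php hunk header is `$method`, while `$multipart` keeps its default of `False`. The form would then presumably be emitted with a method of `1` and no `enctype`; browsers treat an unknown method as GET, so the file upload cannot work and the auth field from `get_auth_html()` would likely end up in the URL. Pass the arguments positionally instead: `make_form(make_link("alias/import"), "POST", True)`. Both hunks in ext/upload/theme.php use the same call shape and need the same change. The surrounding string literal begins and ends outside this hunk.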
diff --git a/ext/upload/theme.php b/ext/upload/theme.php index 41ca6886..d5419707 100644 --- a/ext/upload/theme.php +++ b/ext/upload/theme.php @@ -50,7 +50,7 @@ class UploadTheme extends Themelet { }); }); - ".make_form(make_link("upload"), multipart=True)." + ".make_form(make_link("upload"), $multipart=True)." $upload_list @@ -120,7 +120,7 @@ class UploadTheme extends Themelet { }); }); - ".make_form(make_link("upload"), multipart=True)." + ".make_form(make_link("upload"), $multipart=True)." $upload_list
Tags