r184 problems
#4
Ok, I have added nonces in every form or link that does modify the system and tested possibly all of them (I think).
There's no point in changing the code for my website only, so I'm sharing my modifications.

The nonce functions are defined in admin/inc/nonce.php, get_nonce and check_nonce.
The first is called when outputting a form or link; the latter is used for verification after a form is submitted. get_nonce outputs a sha1 hash containing:
* $SALT and $USR
* Ip address
* Action and file responsible for that action

Future development may introduce time-based nonces somehow.

I see some forms already had a protection against CSRF, the variable $SESSIONHASH defined in admin/inc/common.php: I haven't touched them as for now, but it would be better in the future (if you want to integrate my edits) to replace them with my nonce functions. I also haven't edited admin/download.php as I don't know which files are downloaded through there. Adding the nonce protection is easy, if needed.

Attached is the $( svn diff ) against the latest checkout (r184). Of course it's a derivative work and thus released under the same GPLv3 license as GetSimple.

Edit: nonce.php is now included in the diff.
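The scheme the post describes (a sha1 over $SALT, $USR, the client IP, the action and the file handling it, minted by get_nonce when a form is rendered and recomputed by check_nonce on submission) can be sketched as follows. This is an added illustration, not the attached diff or GetSimple's own nonce.php; $SALT and $USR are assumed to be the GetSimple globals, the salt, user, file and action values are constructed for the demo, and hash_equals() assumes PHP 5.6 or later.

```php
<?php
// Added example (not tankmiche's attachment): a nonce shaped like the one
// described in the post. $SALT and $USR stand in for the GetSimple globals;
// the values below are constructed for this demo only.
$SALT = 'constructed-demo-salt';   // assumed: site-wide secret salt
$USR  = 'admin';                   // assumed: name of the logged-in user

// Mint the nonce from the parts listed in the post: salt, user, client IP
// address, the action and the file responsible for that action.
function get_nonce($action, $file)
{
    global $SALT, $USR;
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0';
    return sha1($SALT . $USR . $ip . $action . $file);
}

// Verify on submission: recompute and compare in constant time. Because the
// action and file are hashed in, a nonce taken from one form is not valid
// for a different action or script.
function check_nonce($nonce, $action, $file)
{
    $expected = get_nonce($action, $file);
    return is_string($nonce) && hash_equals($expected, $nonce);
}

// --- Rendering a form that modifies the system (constructed values) ---
$file   = 'pages.php';   // assumed: admin script that performs the action
$action = 'delete';
echo '<input type="hidden" name="nonce" value="'
   . htmlspecialchars(get_nonce($action, $file)) . '">' . PHP_EOL;

// --- Handling the submission ---
$_POST['nonce'] = get_nonce($action, $file);   // constructed: a legitimate post
if (!check_nonce($_POST['nonce'], $action, $file)) {
    die('Invalid nonce');
}
echo 'nonce accepted for ' . $action . ' in ' . $file . PHP_EOL;

// A nonce minted for another action on the same file must be refused.
if (check_nonce(get_nonce('edit', $file), $action, $file)) {
    die('nonce was wrongly accepted across actions');
}
echo 'nonce for a different action correctly rejected' . PHP_EOL;
```

Two points worth noting for anyone integrating it: the comparison should use a constant-time check rather than `==`, and since the hash has no time or per-session component, the same user from the same IP gets the same value for a given action until the salt changes, which is exactly the gap the post's remark about future time-based nonces points at.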


Messages In This Thread
r184 problems - by tankmiche - 2010-09-12, 18:06:56
r184 problems - by Zegnåt - 2010-09-12, 19:26:13
r184 problems - by tankmiche - 2010-09-12, 19:50:41
r184 problems - by tankmiche - 2010-09-14, 01:51:33
r184 problems - by tankmiche - 2010-09-14, 01:56:40
r184 problems - by WebFXWorld - 2010-09-15, 11:43:35
r184 problems - by ccagle8 - 2010-09-22, 01:55:26
r184 problems - by ccagle8 - 2010-09-22, 03:14:10
r184 problems - by ccagle8 - 2010-09-22, 03:35:06
r184 problems - by tankmiche - 2010-09-24, 18:41:34
