rooty/yubikey-ksm
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-ksm.git synced 2025-01-19 16:52:16 +01:00
Code Issues Projects Releases Wiki Activity

Use GET instead of REQUEST

Browse Source 
REQUEST is an unholy combination of GET, POST and COOKIE, and the order of combining is user-configurable on every server. To prevent surprises, one should be explicit.
This commit is contained in:
Mrten 2013-09-27 11:38:05 +02:00
parent fff4394ca7
commit 113c3193ff
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ykksm-decrypt.php
View File

@ -34,11 +34,11 @@ require_once 'ykksm-utils.php';
openlog("ykksm", LOG_PID, $logfacility) openlog("ykksm", LOG_PID, $logfacility)
or die("ERR Syslog open error\n"); or die("ERR Syslog open error\n");
if (!isset($_REQUEST["otp"])) { if (!isset($_GET["otp"])) {
syslog(LOG_INFO, "No OTP provided"); syslog(LOG_INFO, "No OTP provided");
die("ERR Invalid OTP format\n"); die("ERR Invalid OTP format\n");
} }
$otp = $_REQUEST["otp"]; $otp = $_GET["otp"];
if (!preg_match("/^([cbdefghijklnrtuv]{0,16})([cbdefghijklnrtuv]{32})$/", if (!preg_match("/^([cbdefghijklnrtuv]{0,16})([cbdefghijklnrtuv]{32})$/",
$otp, $matches)) { $otp, $matches)) {