rooty/yubikey-ksm
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-ksm.git synced 2025-01-19 16:52:16 +01:00
Code Issues Projects Releases Wiki Activity

First test for parameter, then use it

Browse Source 
One should test if a parameter exists before using it instead of letting the PHP auto-type conversion magic have its way with it.
This commit is contained in:
Mrten 2013-09-27 11:34:51 +02:00
parent cc6b292fe0
commit fff4394ca7
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ykksm-decrypt.php
View File

@ -34,11 +34,11 @@ require_once 'ykksm-utils.php';
openlog("ykksm", LOG_PID, $logfacility) openlog("ykksm", LOG_PID, $logfacility)
or die("ERR Syslog open error\n"); or die("ERR Syslog open error\n");
$otp = $_REQUEST["otp"]; if (!isset($_REQUEST["otp"])) {
if (!$otp) {
syslog(LOG_INFO, "No OTP provided"); syslog(LOG_INFO, "No OTP provided");
die("ERR No OTP provided\n"); die("ERR Invalid OTP format\n");
} }
$otp = $_REQUEST["otp"];
if (!preg_match("/^([cbdefghijklnrtuv]{0,16})([cbdefghijklnrtuv]{32})$/", if (!preg_match("/^([cbdefghijklnrtuv]{0,16})([cbdefghijklnrtuv]{32})$/",
$otp, $matches)) { $otp, $matches)) {