Code: Select all
"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&". AGREED_VAR ."=".AGREED_VAL),
"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&". AGREED_VAR ."=". AGREED_VAL ."&".COPPA_VAR."=true"))
);
Code: Select all
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
Code: Select all
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="' . $registration_hash . '" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
Code: Select all
#
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
Code: Select all
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
[Sec] Added session checks to various forms - kellanved
Code: Select all
#-----[ OPEN ]---------------------------------------------
#
includes/usercp_register.php
#
#-----[ FIND ]---------------------------------------------
# Line 145
$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
$popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
#
#-----[ FIND ]---------------------------------------------
# Line 253
if ( isset($HTTP_POST_VARS['submit']) )
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
#
#-----[ AFTER, ADD ]---------------------------------------------
#
// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
$error = true;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
}
#
#-----[ FIND ]---------------------------------------------
# Line 298
message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
message_die(GENERAL_ERROR, 'Could not obtain confirmation code', '', __LINE__, __FILE__, $sql);
#
#-----[ FIND ]---------------------------------------------
# Line 315
message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
message_die(GENERAL_ERROR, 'Could not delete confirmation code', '', __LINE__, __FILE__, $sql);
#
#-----[ FIND ]---------------------------------------------
# Line 903
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
#
#-----[ AFTER, ADD ]---------------------------------------------
#
Code: Select all
// Begin Unique Registration Hash MOD by pentapenguin (http://www.pentapenguin.com)
$registration_hash = md5($userdata['session_ip'] . $userdata['session_id']);
// End Unique Registration Hash MOD by pentapenguin
CosmicD wrote: it's all on 1 line here: which makes me confused as a programming noob , shouldn't there bie at least a few lines of code without the // ?
jalaln wrote: Thanks for this MOD . Works well, until now .