Commit e3bee8e9 authored by Mike Sheldon's avatar Mike Sheldon

Merge commit 'refs/merge-requests/48' of git://gitorious.org/foocorp/gnu-fm into merge48

parents 9c37d92b 8bdf1b3a
......@@ -30,10 +30,10 @@ if (!isset($config_version) || $config_version != $version) {
die('Configuration file is out of date. Please delete it (and associated database) and <a href="install.php">reinstall</a>.'); //TODO: Upgrade script for release versions
}
if (isset($_GET['hs']) && isset($_GET['p'])) {
if (substr($_GET['p'], 0, 3) == '1.2') {
if (isset($_REQUEST['hs']) && isset($_REQUEST['p'])) {
if (substr($_REQUEST['p'], 0, 3) == '1.2') {
require_once('submissions/1.2/handshake.php');
} else if (substr($_GET['p'], 0, 3) == '1.1') {
} else if (substr($_REQUEST['p'], 0, 3) == '1.1') {
require_once('submissions/1.1/handshake.php');
}
} else {
......
......@@ -30,11 +30,11 @@ require_once('temp-utils.php');
$supported_protocols = array('1.1');
if (!isset($_GET['p']) || !isset($_GET['u']) || !isset($_GET['c'])) {
if (!isset($_REQUEST['p']) || !isset($_REQUEST['u']) || !isset($_REQUEST['c'])) {
die("FAILED\n");
}
$protocol = $_GET['p']; $username = $_GET['u']; $client = $_GET['c'];
$protocol = $_REQUEST['p']; $username = $_REQUEST['u']; $client = $_REQUEST['c'];
if (!in_array($protocol, $supported_protocols)) {
die("FAILED Unsupported protocol version\n");
......
......@@ -26,15 +26,15 @@ require_once('temp-utils.php');
$supported_protocols = array('1.2', '1.2.1');
if (!isset($_GET['p']) || !isset($_GET['u']) || !isset($_GET['t']) || !isset($_GET['a']) || !isset($_GET['c'])) {
if (!isset($_REQUEST['p']) || !isset($_REQUEST['u']) || !isset($_REQUEST['t']) || !isset($_REQUEST['a']) || !isset($_REQUEST['c'])) {
die("BADAUTH\n");
}
$protocol = $_GET['p'];
$username = $_GET['u'];
$timestamp = $_GET['t'];
$auth_token = $_GET['a'];
$client = $_GET['c'];
$protocol = $_REQUEST['p'];
$username = $_REQUEST['u'];
$timestamp = $_REQUEST['t'];
$auth_token = $_REQUEST['a'];
$client = $_REQUEST['c'];
if ($client == 'import') {
die("FAILED Import scripts are broken\n"); // this should be removed or changed to check the version once import.php is fixed
......@@ -48,8 +48,8 @@ if (abs($timestamp - time()) > 300) {
die("BADTIME\n"); // let's try a 5-minute tolerance
}
if (isset($_GET['api_key']) && isset($_GET['sk'])) {
$authed = check_web_auth($username, $auth_token, $timestamp, $_GET['api_key'], $_GET['sk']);
if (isset($_REQUEST['api_key']) && isset($_REQUEST['sk'])) {
$authed = check_web_auth($username, $auth_token, $timestamp, $_REQUEST['api_key'], $_REQUEST['sk']);
} else {
$authed = check_standard_auth($username, $auth_token, $timestamp);
}
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment