diff --git a/inc/config.php b/inc/config.php
index e7089061..bf62afb7 100644
--- a/inc/config.php
+++ b/inc/config.php
@@ -205,6 +205,9 @@ // Used to salt secure tripcodes ("##trip") and poster IDs (if enabled). $config['secure_trip_salt'] = ')(*&^%$#@!98765432190zyxwvutsrqponmlkjihgfedcba';
+ // Used to salt poster passwords.
+ $config['secure_password_salt'] = 'wKJSb7M5SyzMcFWD2gPO3j2RYUSO9B789!@#$%^&*()'; + /* * ==================== * Flood/spam settings
diff --git a/inc/functions.php b/inc/functions.php
index c5b256ec..46e03d2a 100755
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -1581,7 +1581,7 @@ function checkMute() { if ($config['cache']['enabled']) { // Cached mute?
- if (($mute = cache::get("mute_${_SERVER['REMOTE_ADDR']}")) && ($mutetime = cache::get("mutetime_${_SERVER['REMOTE_ADDR']}"))) {
+ if (($mute = cache::get("mute_{$_SERVER['REMOTE_ADDR']}")) && ($mutetime = cache::get("mutetime_{$_SERVER['REMOTE_ADDR']}"))) { error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time())); } }
@@ -1600,8 +1600,8 @@ function checkMute() { if ($mute['time'] + $mutetime > time()) { if ($config['cache']['enabled']) {
- cache::set("mute_${_SERVER['REMOTE_ADDR']}", $mute, $mute['time'] + $mutetime - time());
- cache::set("mutetime_${_SERVER['REMOTE_ADDR']}", $mutetime, $mute['time'] + $mutetime - time());
+ cache::set("mute_{$_SERVER['REMOTE_ADDR']}", $mute, $mute['time'] + $mutetime - time());
+ cache::set("mutetime_{$_SERVER['REMOTE_ADDR']}", $mutetime, $mute['time'] + $mutetime - time()); } // Not expired yet error(sprintf($config['error']['youaremuted'], $mute['time'] + $mutetime - time()));
@@ -3022,3 +3022,9 @@ function check_thread_limit($post) { return $r['count'] >= $config['max_threads_per_hour']; } }
+
+function hashPassword($password) {
+ global $config;
+
+ return hash('sha3-256', $password . $config['secure_password_salt']);
+}
\ No newline at end of file
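Review bot: The shipped default for `$config['secure_password_salt']` is a fixed, publicly readable string, and the installer hunk in install.php only generates a fresh value for new installs, so every instance upgraded in place will pepper its post passwords with a value anyone can copy from the repository, making a leaked `posts_*` table trivially precomputable. Ship an empty default and let the consumer fail closed, e.g. `$config['secure_password_salt'] = '';` with the comment `// Must be set to a random value in instance-config.php; hashPassword() refuses an empty salt`, or at least say in the comment that upgraders have to set their own value. The neighbouring `secure_trip_salt` default has the same weakness, but that predates this change.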
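Review bot: `hashPassword()` is one fast SHA3-256 over `$password . $config['secure_password_salt']` with no per-row salt, so two posts made with the same deletion password store the same digest (linking posts by the same author to anyone who can read the table), and once the pepper is known the short user-chosen strings these passwords are can be brute-forced offline at hash speed. `password_hash($password, PASSWORD_BCRYPT)` would give per-row salting and a slow hash, and its 60-character output still fits the `varchar(64)` column this commit introduces; the delete path in post.php would then compare with `password_verify()` and the migration tool would rewrite rows by id instead of matching on the old plaintext. If SHA3 is kept on purpose (bcrypt cost on every post may be unwanted for a high-traffic board), give the function a docblock saying so and have it refuse an unset pepper, e.g. `if (empty($config['secure_password_salt'])) error('secure_password_salt is not configured');` before the `hash()` call.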
diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index 0e3c9c99..77fba803 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -1287,7 +1287,7 @@ function mod_move_reply($originBoard, $postID) { // trigger themes rebuildThemes('post', $targetBoard); // mod log
- modLog("Moved post #${postID} to " . sprintf($config['board_abbreviation'], $targetBoard) . " (#${newID})", $originBoard);
+ modLog("Moved post #{$postID} to " . sprintf($config['board_abbreviation'], $targetBoard) . " (#{$newID})", $originBoard); // return to original board openBoard($originBoard);
@@ -1464,7 +1464,7 @@ function mod_move($originBoard, $postID) { } }
- modLog("Moved thread #${postID} to " . sprintf($config['board_abbreviation'], $targetBoard) . " (#${newID})", $originBoard);
+ modLog("Moved thread #{$postID} to " . sprintf($config['board_abbreviation'], $targetBoard) . " (#{$newID})", $originBoard); // build new thread buildThread($newID);
diff --git a/install.php b/install.php
index 44bbb085..90d8af57 100644
--- a/install.php
+++ b/install.php
@@ -921,6 +921,7 @@ if ($step == 0) { $sg = new SaltGen(); $config['cookies']['salt'] = $sg->generate(); $config['secure_trip_salt'] = $sg->generate();
+ $config['secure_password_salt'] = $sg->generate(); echo Element('page.html', array( 'body' => Element('installer/config.html', array(
diff --git a/post.php b/post.php
index 7babb04e..ba339395 100644
--- a/post.php
+++ b/post.php
@@ -347,10 +347,11 @@ if (isset($_POST['delete'])) { if (!isset($_POST['board'], $_POST['password'])) error($config['error']['bot']);
- $password = &$_POST['password'];
-
- if ($password == '')
+ if (empty($_POST['password'])){ error($config['error']['invalidpassword']);
+ }
+
+ $password = hashPassword($_POST['password']); $delete = array(); foreach ($_POST as $post => $value) {
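Review bot: `empty($_POST['password'])` is true for the string `"0"`, so a post whose deletion password is `0` — which the creation path later in this diff hashes and stores like any other value — can no longer be deleted, whereas the old `$password == ''` check let it through. The `isset()` on the line above already guarantees the key exists, so the check can be `if (!is_string($_POST['password']) || $_POST['password'] === '')`, which additionally rejects an array submitted as `password[]`; as written, such an array reaches `hashPassword()` and is hashed as the literal string `"Array"` after a conversion notice. The enclosing delete branch continues past the end of the hunk.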
@@ -398,10 +399,12 @@ if (isset($_POST['delete'])) { error(sprintf($config['error']['delete_too_late'], Format\until($post['time'] + $config['max_delete_time']))); }
- if ($password != '' && $post['password'] != $password && (!$thread || $thread['password'] != $password))
+ if (!hash_equals($post['password'], $password) && (!$thread || !hash_equals($thread['password'], $password))) { error($config['error']['invalidpassword']);
+ }
-
- if ($post['time'] > time() - $config['delete_time'] && (!$thread || $thread['password'] != $password)) {
+
+ if ($post['time'] > time() - $config['delete_time'] && (!$thread || !hash_equals($thread['password'], $password))) { error(sprintf($config['error']['delete_too_soon'], Format\until($post['time'] + $config['delete_time']))); }
@@ -770,7 +773,7 @@ if (isset($_POST['delete'])) { $post['subject'] = $_POST['subject']; $post['email'] = str_replace(' ', '%20', htmlspecialchars($_POST['email'])); $post['body'] = $_POST['body'];
- $post['password'] = $_POST['password'];
+ $post['password'] = hashPassword($_POST['password']); $post['has_file'] = (!isset($post['embed']) && (($post['op'] && !isset($post['no_longer_require_an_image_for_op']) && $config['force_image_op']) || count($_FILES) > 0)); if (!$dropped_post) {
@@ -928,8 +931,6 @@ if (isset($_POST['delete'])) { error($config['error']['toolong_body']); if (!$mod && substr_count($post['body'], "\n") >= $config['maximum_lines']) error($config['error']['toomanylines']);
- if (mb_strlen($post['password']) > 20)
- error(sprintf($config['error']['toolong'], 'password')); } wordfilters($post['body']);
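Review bot: `hash_equals($post['password'], $password)` rejects a non-string first argument (a TypeError on PHP 8, a warning plus `false` on PHP 7), and the `password` column is declared `DEFAULT NULL` in templates/posts.sql, so a delete request against any post whose stored password is NULL turns into a fatal error instead of the `invalidpassword` message. Normalise the stored value before comparing, e.g. `$stored = (string) ($post['password'] ?? '');` followed by `if (!hash_equals($stored, $password) && ...)`, and do the same for `$thread['password']` in both conditions. Rows not yet rewritten by tools/hash-passwords.php still hold plaintext and will never match a digest, which is presumably intended but belongs in the upgrade notes. The surrounding delete loop begins and ends outside the hunk.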
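Review bot: Dropping the `mb_strlen($post['password']) > 20` check is required because `$post['password']` is now a fixed-length digest, but nothing visible in this diff bounds the raw submitted password any more, so the limit should move ahead of the hash, e.g. `if (mb_strlen($_POST['password']) > 20) error(sprintf($config['error']['toolong'], 'password'));` alongside the other length checks in this block. The practical exposure is small since `$_POST` is already capped by `post_max_size`, but the UI limit and the server limit should stay in agreement. The enclosing validation block starts outside the hunk.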
@@ -1056,9 +1057,6 @@ if (isset($_POST['delete'])) { error($config['error']['maxsize']); }
- // If, on the basis of the file extension, the image file has metadata we can operate on.
- $file_image_has_operable_metadata = $file['extension'] === 'jpg' || $file['extension'] === 'jpeg' || $file['extension'] === 'webp' || $file['extension'] == 'png'; - $file['exif_stripped'] = false; if ($file_image_has_operable_metadata && $config['convert_auto_orient']) {
diff --git a/templates/installer/config.html b/templates/installer/config.html
index 973328f5..00a5b241 100644
--- a/templates/installer/config.html
+++ b/templates/installer/config.html
@@ -88,6 +88,9 @@ + + +
diff --git a/templates/posts.sql b/templates/posts.sql
index 9c468c97..71bad994 100644
--- a/templates/posts.sql
+++ b/templates/posts.sql
@@ -13,7 +13,7 @@ CREATE TABLE IF NOT EXISTS ``posts_{{ board }}`` ( `files` text DEFAULT NULL, `num_files` int(11) DEFAULT 0, `filehash` text CHARACTER SET ascii,
- `password` varchar(20) DEFAULT NULL,
+ `password` varchar(64) DEFAULT NULL, `ip` varchar(39) CHARACTER SET ascii NOT NULL, `sticky` int(1) NOT NULL, `locked` int(1) NOT NULL,
diff --git a/tools/hash-passwords.php b/tools/hash-passwords.php
new file mode 100644
index 00000000..3c6463ee
--- /dev/null
+++ b/tools/hash-passwords.php
@@ -0,0 +1,17 @@
+execute() or error(db_error($query));
+
+ while($entry = $query->fetch(PDO::FETCH_ASSOC)) {
+ $update_query = prepare(sprintf("UPDATE ``posts_%s`` SET `password` = :password WHERE `password` = :password_org", $_board['uri']));
+ $update_query->bindValue(':password', hashPassword($entry['password']));
+ $update_query->bindValue(':password_org', $entry['password']);
+ $update_query->execute() or error(db_error());
+ }
+ }
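Review bot: This hunk deletes the assignment of `$file_image_has_operable_metadata` while the context line that follows still reads it in `if ($file_image_has_operable_metadata && $config['convert_auto_orient'])`; unless the variable is now assigned somewhere earlier outside the hunk, that condition evaluates an undefined variable (null, with a warning) and the auto-orient/EXIF handling is silently skipped for every upload, leaving camera metadata in images the board previously processed. The removal looks unrelated to the password change and should be reverted, restoring `$file_image_has_operable_metadata = $file['extension'] === 'jpg' || $file['extension'] === 'jpeg' || $file['extension'] === 'webp' || $file['extension'] === 'png';` ahead of that check (using `===` for `png` too, matching the other comparisons). The enclosing upload loop starts and ends outside the hunk.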
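Review bot: Widening `password` to `varchar(64)` in this template only affects boards created after the upgrade; tables for existing boards keep `varchar(20)`, and nothing in this diff issues an `ALTER TABLE`, so tools/hash-passwords.php will write 64-character digests into a 20-character column, which either fails under strict SQL mode or silently truncates to 20 characters, after which `hash_equals()` against a full digest never matches and no existing post can be deleted by its author. The migration should run `ALTER TABLE posts_<board> MODIFY password varchar(64) DEFAULT NULL` for each board before rewriting rows, or the upgrade notes must require it. 64 is exact for a hex SHA3-256 digest, so any later change of hash function will need another widening.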
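Review bot: The update loop keys on `WHERE password = :password_org`, so the script is not idempotent: running it a second time, or on a board that was already migrated, treats each stored digest as plaintext and replaces it with `hashPassword(digest)`, after which no poster's password matches anything. Skip rows that already hold a digest, e.g. `if (preg_match('/^[0-9a-f]{64}$/', $entry['password'])) continue;` at the top of the loop, or better, select rows by id and update by primary key so each row is rewritten exactly once. The top of this file, including the `require` lines and the query that selects the rows, appears to have been cut from the page, so this review covers only the visible lines.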