summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2014-03-20 04:47:12 +0100
committerMichael Tänzer <neo@nhng.de>2014-03-20 04:47:12 +0100
commitb5b461e194aa7adbeeda21d0ee65d1f20a17b262 (patch)
treec48d59b1f7c0f71215f81f5f81dffe5e396b62ab
parent8872049b1d43ce98f528b9360e778bddd989067b (diff)
downloadcacert-devel-b5b461e194aa7adbeeda21d0ee65d1f20a17b262.tar.gz
cacert-devel-b5b461e194aa7adbeeda21d0ee65d1f20a17b262.tar.xz
cacert-devel-b5b461e194aa7adbeeda21d0ee65d1f20a17b262.zip
bug 807: Doh, forgot to check in include/account.php
Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r--includes/account.php28
1 files changed, 4 insertions, 24 deletions
diff --git a/includes/account.php b/includes/account.php
index 0dbab8d..7e85cac 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -285,12 +285,7 @@ function buildSubjectFromSession() {
$_SESSION['_config']['rootcert'] = 1;
}
- // Check if we got a valid hash algorithm, otherwise use default
- if (array_key_exists('hash_alg', $_REQUEST) && array_key_exists($_REQUEST['hash_alg'], HASH_ALGORITHMS)) {
- $_SESSION['_config']['hash_alg'] = $_REQUEST['hash_alg'];
- } else {
- $_SESSION['_config']['hash_alg'] = DEFAULT_HASH_ALGORITHM;
- }
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
$csr = "";
if(trim($_REQUEST['optionalCSR']) == "")
@@ -773,12 +768,7 @@ function buildSubjectFromSession() {
$_SESSION['_config']['rootcert'] = 1;
}
- // Check if we got a valid hash algorithm, otherwise use default
- if (array_key_exists('hash_alg', $_REQUEST) && array_key_exists($_REQUEST['hash_alg'], HASH_ALGORITHMS)) {
- $_SESSION['_config']['hash_alg'] = $_REQUEST['hash_alg'];
- } else {
- $_SESSION['_config']['hash_alg'] = DEFAULT_HASH_ALGORITHM;
- }
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 11)
@@ -1481,12 +1471,7 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
- // Check if we got a valid hash algorithm, otherwise use default
- if (array_key_exists('hash_alg', $_REQUEST) && array_key_exists($_REQUEST['hash_alg'], HASH_ALGORITHMS)) {
- $_SESSION['_config']['hash_alg'] = $_REQUEST['hash_alg'];
- } else {
- $_SESSION['_config']['hash_alg'] = DEFAULT_HASH_ALGORITHM;
- }
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
if(trim($_REQUEST['description']) != ""){
$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
@@ -1919,12 +1904,7 @@ function buildSubjectFromSession() {
if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
$_SESSION['_config']['rootcert'] = 1;
- // Check if we got a valid hash algorithm, otherwise use default
- if (array_key_exists('hash_alg', $_REQUEST) && array_key_exists($_REQUEST['hash_alg'], HASH_ALGORITHMS)) {
- $_SESSION['_config']['hash_alg'] = $_REQUEST['hash_alg'];
- } else {
- $_SESSION['_config']['hash_alg'] = DEFAULT_HASH_ALGORITHM;
- }
+ $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
if($process != "" && $oldid == 21)