Fix *0 secure tripcodes caused by accidentally feeding + signs to crypt()

This commit is contained in:
8chan 2015-02-16 16:24:54 -08:00 committed by czaks
parent 7831da83fc
commit ce3ce4f1b6

View File

@ -2374,7 +2374,7 @@ function generate_tripcode($name) {
if (isset($config['custom_tripcode']["##{$trip}"])) if (isset($config['custom_tripcode']["##{$trip}"]))
$trip = $config['custom_tripcode']["##{$trip}"]; $trip = $config['custom_tripcode']["##{$trip}"];
else else
$trip = '!!' . substr(crypt($trip, '_..A.' . substr(base64_encode(sha1($trip . $config['secure_trip_salt'], true)), 0, 4)), -10); $trip = '!!' . substr(crypt($trip, str_replace('+', '.', '_..A.' . substr(base64_encode(sha1($trip . $config['secure_trip_salt'], true)), 0, 4))), -10);
} else { } else {
if (isset($config['custom_tripcode']["#{$trip}"])) if (isset($config['custom_tripcode']["#{$trip}"]))
$trip = $config['custom_tripcode']["#{$trip}"]; $trip = $config['custom_tripcode']["#{$trip}"];