bachir/materio-base-legacy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security updates

Browse Source 
have to check views and entityreference for custom patches
This commit is contained in:
Bachir Soussi Chiadmi
2015-04-19 20:45:16 +02:00
parent 802ec0c6f3
commit b3221c71e2
516 changed files with 14267 additions and 7349 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
sites/all/modules/contrib/mail/mimemail/includes/mimemail.incoming.inc
View File

@@ -15,15 +15,23 @@
* The POSTed message.
*/
function mimemail_post() {
$message = $_POST['message'];
$token = $_POST['token'];
$hash = md5(variable_get('mimemail_key', '**') . $message);
if ($hash != $token) {
watchdog('access denied', 'Authentication error for POST e-mail', WATCHDOG_WARNING);
if (!isset($_POST['token']) || empty($_POST['token'])) {
return drupal_access_denied();
}
return mimemail_incoming($message);
if (isset($_POST['message']) && !empty($_POST['message'])) {
$key = variable_get('mimemail_key', drupal_random_key());
$hash = hash_hmac('sha1', $_POST['message'], $key);
if ($hash != $_POST['token']) {
watchdog('access denied', 'Authentication error for POST e-mail', WATCHDOG_WARNING);
return drupal_access_denied();
}
else {
return mimemail_incoming($_POST['message']);
}
}
return drupal_access_denied();
}
/**