diff options
| author | Klap-in <klapinklapin@gmail.com> | 2013-06-09 21:22:12 +0200 |
|---|---|---|
| committer | Klap-in <klapinklapin@gmail.com> | 2013-06-09 21:22:12 +0200 |
| commit | 9b6fa49c06b538c53c9cf3e404ade82d6c003f79 (patch) | |
| tree | 68771b589052382f9e4824bf3a4857f5648fdf3d /inc/media.php | |
| parent | a38a6f25d7e46f47a8f358bb16c766f5b96dae45 (diff) | |
| parent | 62765857f84626449d6c53b1a46c462a37e5083a (diff) | |
| download | rpg-9b6fa49c06b538c53c9cf3e404ade82d6c003f79.tar.gz rpg-9b6fa49c06b538c53c9cf3e404ade82d6c003f79.tar.bz2 | |
Merge remote-tracking branch 'origin/master' into fetchimagetokexternal
Diffstat (limited to 'inc/media.php')
| -rw-r--r-- | inc/media.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/inc/media.php b/inc/media.php index e29a47631..18148a446 100644 --- a/inc/media.php +++ b/inc/media.php @@ -1879,20 +1879,21 @@ function media_crop_image($file, $ext, $w, $h=0){ * cropped images have been internally generated - and prevent external * DDOS attacks via fetch * + * @author Christopher Smith <chris@jalakai.co.uk> + * * @param string $id id of the image * @param int $w resize/crop width * @param int $h resize/crop height - * - * @author Christopher Smith <chris@jalakai.co.uk> + * @return string */ function media_get_token($id,$w,$h){ // token is only required for modified images if ($w || $h) { - $token = auth_cookiesalt().$id; + $token = $id; if ($w) $token .= '.'.$w; if ($h) $token .= '.'.$h; - return substr(md5($token),0,6); + return substr(PassHash::hmac('md5', $token, auth_cookiesalt()),0,6); } return ''; |