From 3c124064ad6f670d52c3678335caa57892408362 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Thu, 30 May 2013 16:56:34 +0200
Subject: use HMAC in media_token FS#2794

---
 inc/media.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'inc/media.php')

diff --git a/inc/media.php b/inc/media.php
index e29a47631..18148a446 100644
--- a/inc/media.php
+++ b/inc/media.php
@@ -1879,20 +1879,21 @@ function media_crop_image($file, $ext, $w, $h=0){
  * cropped images have been internally generated - and prevent external
  * DDOS attacks via fetch
  *
+ * @author Christopher Smith <chris@jalakai.co.uk>
+ *
  * @param string  $id    id of the image
  * @param int     $w     resize/crop width
  * @param int     $h     resize/crop height
- *
- * @author Christopher Smith <chris@jalakai.co.uk>
+ * @return string
  */
 function media_get_token($id,$w,$h){
     // token is only required for modified images
     if ($w || $h) {
-        $token = auth_cookiesalt().$id;
+        $token = $id;
         if ($w) $token .= '.'.$w;
         if ($h) $token .= '.'.$h;
 
-        return substr(md5($token),0,6);
+        return substr(PassHash::hmac('md5', $token, auth_cookiesalt()),0,6);
     }
 
     return '';
-- 
cgit v1.2.3