phpBB3 issue PHPBB3-10237

Unwatching a forum/topic does not check for correct hash parameter

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 3.0.8, 3.0.9-RC2
    • Fix Version/s: 3.0.10-RC1
    • Component/s: Other
    • Labels: None

      Description

      The URL for watching/unwatching a forum/topic has a hash= parameter.

      $s_watching['link'] = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&" . (($is_watching) ? 'unwatch' : 'watch') . "=$mode&start=$start&hash=" . generate_link_hash("{$mode}_$match_id"));

      However, the parameter is only checked when watching, but not when unwatching:

      $token = request_var('hash', '');
      $redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&start=$start");

      if ($_GET['watch'] == $mode && check_link_hash($token, "{$mode}_$match_id"))

      The check should also be added to the unwatching code, if possible.

      bantu said, it may be because of the emails as the user_form_salt can get changed on session_create() and may then throw an error, but that can only happen if the user did not create any session yet, because he then can't get an empty user_form_salt anymore?
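      As an added illustration (not phpBB's own code), the following Python model shows the watch/unwatch dispatch with the reported asymmetry beside the hardened form where both branches validate hash=. The token construction (first 8 hex characters of sha1(salt + link name)) and the constant-time comparison are assumptions made for the model, not phpBB's implementation.

```python
import hashlib
import hmac


def generate_link_hash(user_form_salt: str, link_name: str) -> str:
    """Assumed token construction: 8 hex chars of sha1(salt + link_name),
    where link_name is e.g. "topic_123" or "forum_7" (the "{$mode}_$match_id"
    string from the report)."""
    return hashlib.sha1((user_form_salt + link_name).encode()).hexdigest()[:8]


def check_link_hash(token: str, user_form_salt: str, link_name: str) -> bool:
    """Compare the submitted token with the expected one in constant time."""
    expected = generate_link_hash(user_form_salt, link_name)
    return hmac.compare_digest(token.encode(), expected.encode())


def handle_watch_request(query: dict, mode: str, match_id: int,
                         user_form_salt: str, is_watching: bool,
                         check_unwatch_hash: bool) -> tuple:
    """Model of the dispatch on the watch=/unwatch= GET parameters.

    check_unwatch_hash=False reproduces the reported bug (only the watch
    branch validates hash=); True is the hardened form, where both do.
    Returns (new_is_watching, outcome).
    """
    token = query.get('hash', '')
    link_name = f"{mode}_{match_id}"
    if query.get('watch') == mode:
        if check_link_hash(token, user_form_salt, link_name):
            return True, 'watched'
        return is_watching, 'rejected'
    if query.get('unwatch') == mode:
        if check_unwatch_hash and not check_link_hash(token, user_form_salt, link_name):
            return is_watching, 'rejected'
        return False, 'unwatched'
    return is_watching, 'noop'


# Constructed sample: a user with an established session who watches topic 123.
SALT = "constructed-user-form-salt"
GOOD = generate_link_hash(SALT, "topic_123")

if __name__ == "__main__":
    no_token = {'unwatch': 'topic'}  # request carrying no hash= at all
    print(handle_watch_request(no_token, 'topic', 123, SALT, True, False))  # (False, 'unwatched')
    print(handle_watch_request(no_token, 'topic', 123, SALT, True, True))   # (True, 'rejected')
```

      The first call shows the reported behaviour (the subscription is dropped without any token); the second shows the unwatch branch refusing the same request once the check is applied.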

    People

    • Assignee: nickvergessen (Joas Schilling)
    • Reporter: nickvergessen (Joas Schilling)