X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=inc%2Fmodules%2Floader.php;h=e154a9395b23bb9a815e37247502dd697fc87871;hb=c9a5bbe818b2dbcf8e8d5774fb25f08c40c92bd8;hp=3ff6d6d8d7df5efcde4821dcf7225927a754f95a;hpb=0948ef3c6a5a46db5a7862eebb94c6e6f30125ef;p=mailer.git

diff --git a/inc/modules/loader.php b/inc/modules/loader.php
index 3ff6d6d8d7..e154a9395b 100644
--- a/inc/modules/loader.php
+++ b/inc/modules/loader.php
@@ -41,12 +41,18 @@ if (!defined('__SECURITY')) {
 } // END - if
 
 // Is an URL specified?
-if ((isGetRequestElementSet('url')) && (isGetRequestElementSet('hash'))) {
+if ((isGetRequestElementSet('url')) && (isGetRequestElementSet('hash')) && (isGetRequestElementSet('salt'))) {
 	// Decode URL
 	$decodedUrl = decodeString(str_replace(' ', '+', compileUriCode(urldecode(getRequestElement('url')))));
 
+	// Debug message
+	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'decodedUrl=' . $decodedUrl . ',hash=' . getRequestElement('hash'));
+
 	// Generate hash for comparing it
-	$hash = encodeHashForCookie(generateHash($decodedUrl, getRequestElement('hash')));
+	$hash = encodeHashForCookie(generateHash($decodedUrl . getSiteKey() . getDateKey(), getRequestElement('salt')));
+
+	// Debug message
+	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'decodedUrl=' . $decodedUrl . ',hash=' . $hash);
 
 	// Validate the URL and hash
 	if ($hash != getRequestElement('hash')) {
@@ -57,7 +63,7 @@ if ((isGetRequestElementSet('url')) && (isGetRequestElementSet('hash'))) {
 		logDebugMessage(__FILE__, __LINE__, 'Hash ' . getRequestElement('hash') . ' does not match URL ' . $decodedUrl);
 	} elseif (isUrlValid($decodedUrl)) {
 		// Generate a JavaScript that redirects us
-		loadTemplate('loader', false, $decodedUrl);
+		loadTemplate('loader', FALSE, $decodedUrl);
 	} else {
 		// URL invalid
 		redirectToUrl('modules.php?module=index');