Temporary configuration 'RAND_NUMBER' is now 'cached' in session variable, possibly...

diff --git a/inc/filters.php b/inc/filters.php
index d512328709ea3dba65facf19dad983b1885fe1fc..83019226a20f89bd1b43270e53398637cfb2e0a8 100644 (file)
--- a/inc/filters.php
+++ b/inc/filters.php
@@ -863,7 +863,10 @@ function FILTER_CHECK_ADMIN_ACL () {
 // Init random number/cache buster
 function FILTER_INIT_RANDOM_NUMBER () {
        // Is the extension ext-sql_patches installed and at least 0.3.6?
-       if ((isExtensionInstalledAndNewer('sql_patches', '0.3.6')) && (isExtensionInstalledAndNewer('other', '0.2.5'))) {
+       if (isSessionVariableSet('random_number')) {
+               // Then set it
+               setConfigEntry('RAND_NUMBER', getSession('random_number'));
+       } elseif ((isExtensionInstalledAndNewer('sql_patches', '0.3.6')) && (isExtensionInstalledAndNewer('other', '0.2.5'))) {
                // Generate random number
                setConfigEntry('RAND_NUMBER', generateRandomCode(10, mt_rand(10000, 99999), getMemberId(), ''));
        } else {
@@ -871,6 +874,9 @@ function FILTER_INIT_RANDOM_NUMBER () {
                setConfigEntry('RAND_NUMBER', mt_rand(1000000, 9999999));
        }
 
+       // Set it in session for faster script execusion
+       setSession('random_number', getConfig('RAND_NUMBER'));
+
        // Copy it to CACHE_BUSTER
        setConfigEntry('CACHE_BUSTER', getConfig('RAND_NUMBER'));
 }

diff --git a/inc/functions.php b/inc/functions.php
index 33acd8c1c7d852c5551186024f6eb4ee79156ba3..b6083824ef45981a8d8d594c5bd3b9a03a6832f1 100644 (file)
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -335,11 +335,14 @@ function generateDereferrerUrl ($url) {
                // Encode URL
                $encodedUrl = encodeString(compileUriCode($url));
 
-               // Log plain URL
-               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'url=' . $url);
+               // Generate hash
+               $hash = generateHash($url . getSiteKey() . getDateKey());
+
+               // Log plain URL and hash
+               //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'url=' . $url . ',hash=' . $hash . '(' . strlen($hash) . ')');
 
                // De-refer this URL
-               $url = '{%url=modules.php?module=loader&url=' . $encodedUrl . '&hash=' . encodeHashForCookie(generateHash($url . getSiteKey() . getDateKey())) . '%}';
+               $url = '{%url=modules.php?module=loader&url=' . $encodedUrl . '&hash=' . encodeHashForCookie($hash) . '&salt=' . substr($hash, 0, getSaltLength()) . '%}';
        } // END - if
 
        // Return link

diff --git a/inc/modules/loader.php b/inc/modules/loader.php
index 006559f5eb95342caa6660fbf7c78440f68e635a..e154a9395b23bb9a815e37247502dd697fc87871 100644 (file)
--- a/inc/modules/loader.php
+++ b/inc/modules/loader.php
@@ -41,7 +41,7 @@ if (!defined('__SECURITY')) {
 } // END - if
 
 // Is an URL specified?
-if ((isGetRequestElementSet('url')) && (isGetRequestElementSet('hash'))) {
+if ((isGetRequestElementSet('url')) && (isGetRequestElementSet('hash')) && (isGetRequestElementSet('salt'))) {
        // Decode URL
        $decodedUrl = decodeString(str_replace(' ', '+', compileUriCode(urldecode(getRequestElement('url')))));
 
@@ -49,7 +49,7 @@ if ((isGetRequestElementSet('url')) && (isGetRequestElementSet('hash'))) {
        //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'decodedUrl=' . $decodedUrl . ',hash=' . getRequestElement('hash'));
 
        // Generate hash for comparing it
-       $hash = encodeHashForCookie(generateHash($decodedUrl . getSiteKey() . getDateKey(), getRequestElement('hash')));
+       $hash = encodeHashForCookie(generateHash($decodedUrl . getSiteKey() . getDateKey(), getRequestElement('salt')));
 
        // Debug message
        //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'decodedUrl=' . $decodedUrl . ',hash=' . $hash);