X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fsurfbar_functions.php;h=7df9fd5b8173bd60c9aac3a65b28af1aabd8f8b5;hp=8b491c650acadd8365588e92f1ac3e3f6ffeb09e;hb=963e55ca1ea79e255f235e359cde9f7862191dc5;hpb=0369c36aaab5af6ed44da1e13a53baef285f79b4

diff --git a/inc/libs/surfbar_functions.php b/inc/libs/surfbar_functions.php
index 8b491c650a..7df9fd5b81 100644
--- a/inc/libs/surfbar_functions.php
+++ b/inc/libs/surfbar_functions.php
@@ -32,7 +32,7 @@
  ************************************************************************/
 
 // Some security stuff...
-if (ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) {
+if (!defined('__SECURITY')) {
 	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
 	require($INC);
 }
@@ -450,9 +450,18 @@ LIMIT %s",
 function SURFBAR_GENERATE_VALIDATION_CODE ($id, $salt="") {
 	global $_CONFIG, $SURFBAR_CACHE;
 
+	// @TODO Invalid salt should be refused
+	$SURFBAR_CACHE['salt'] = "INVALID";
+
+	// Get code length from config
+	$length = $_CONFIG['code_length'];
+
+	// Fix length to 10
+	if ($length == 0) $length = 10;
+
 	// Generate a code until the length matches
 	$valCode = "";
-	while (strlen($valCode) != $_CONFIG['code_length']) {
+	while (strlen($valCode) != $length) {
 		// Is the salt set?
 		if (empty($salt)) {
 			// Generate random hashed string
@@ -465,7 +474,7 @@ function SURFBAR_GENERATE_VALIDATION_CODE ($id, $salt="") {
 		}
 
 		// ... and now the validation code
-		$valCode = GEN_RANDOM_CODE($_CONFIG['code_length'], sha1(SURFBAR_GET_SALT().":".$id), $GLOBALS['userid']);
+		$valCode = GEN_RANDOM_CODE($length, sha1(SURFBAR_GET_SALT().":".$id), $GLOBALS['userid']);
 		//DEBUG_LOG(__FUNCTION__.":valCode={$valCode}");
 	} // END - while