diff options
| author | Lukas Fleischer <lfleischer@archlinux.org> | 2020-01-30 11:52:32 +0100 |
|---|---|---|
| committer | Lukas Fleischer <lfleischer@archlinux.org> | 2020-01-30 13:25:15 +0100 |
| commit | 8fc8898fef39af20a24c9928464fd8420481d819 (patch) | |
| tree | 34cf8f9eeeb9b642e074d2a5b1186ecbf6b8b3a1 /web/html | |
| parent | 7aa420d24da7e8c2c214ab421d44b4684d42e73e (diff) | |
| download | aur-8fc8898fef39af20a24c9928464fd8420481d819.tar.gz aur-8fc8898fef39af20a24c9928464fd8420481d819.tar.xz | |
Require password when deleting an account
Further reduce the attack surface in case of a stolen session ID.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Diffstat (limited to 'web/html')
| -rw-r--r-- | web/html/account.php | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/web/html/account.php b/web/html/account.php index 7c6c424a..03af8d43 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -120,12 +120,21 @@ if (isset($_COOKIE["AURSID"])) { } elseif ($action == "DeleteAccount") { /* Details for account being deleted. */ if (can_edit_account($row)) { - $UID = $row['ID']; + $uid_removal = $row['ID']; + $uid_session = uid_from_sid($_COOKIE['AURSID']); + $username = $row['Username']; + if (in_request('confirm') && check_token()) { - user_delete($UID); - header('Location: /'); + if (check_passwd($uid_session, $_REQUEST['passwd']) == 1) { + user_delete($uid_removal); + header('Location: /'); + } else { + echo "<ul class='errorlist'><li>"; + echo __("Invalid password."); + echo "</li></ul>"; + include("account_delete.php"); + } } else { - $username = $row['Username']; include("account_delete.php"); } } else { |