added timestamp to hash

2011-02-15 13:33:57 +01:00 · 2011-02-15 13:33:57 +01:00 · d447d5dc50
commit d447d5dc50
parent 5005c20ffe
2 changed files with 4 additions and 2 deletions
--- a/sms_contact/index.php
+++ b/sms_contact/index.php
@ -27,11 +27,12 @@ if ($_POST) {
 	$balance = $sipgate->getBalance();
 	$message = str_replace("\r", "", trim($_POST['message']));
 	$blacklist = read_blacklist($config['blocked']);
+	$delta_t = 60*5;

 	if (!isset($_POST['message'])) {
 		throw new Exception('Keine Nachricht!', 5);
 	}
-	if ($_POST['antispam'] != md5($message)) {
+	if ($_POST['antispam'] != md5($message . ceil(time() / $delta_t))) { // check hash
 		throw new Exception('Willst du mich bescheissen? Bitte aktiviere Javascript!', 1);
 	}
 	if (strlen($message) > 160) {
--- a/sms_contact/js/sms.js
+++ b/sms_contact/js/sms.js
@ -20,8 +20,9 @@ function update_length(msg) {
 }

 function send(frm) {
+	var delta_t = 1000*5*60; // vadility of hash in seconds
 	frm.message.value = frm.message.value.trim()
-	frm.antispam.value = hex_md5(frm.message.value);
+	frm.antispam.value = hex_md5(frm.message.value + Math.ceil(new Date().getTime() / delta_t));
 	
 	if (frm.message.value.length > 160) {
 		alert('Message is too long!');