wdwms
05-14-2008, 01:59 PM
Greetings,
We had a number of pages on our site that would allow people to post pre-formatted data to specific forums and threads. This was done so that uses using our model collection system could easily post a list of those models they have for sale to a forum. These systems worked great until 3.7 was introduced, now all of our custom code does not work thanks to security tokens.
So my question is this, what do I have to do to modify our NON VB code [these are stand-alone php files, these are NOT mods] in order to get the security token to work? In other words, what php code is needed so that I can have the proper security token value filled in when I create the HTML form to post back to vb?
Is there a way to set CSRF protection to "false" just for these specific php files? that would probably be the easiest..
Thanks!
Todd
--------------- Added 1210778820 at 1210778820 ---------------
Well i'm trying to find a solution and i'm close... i've got my custom code creating the token via this format which I found in the vbcode:
$user['securitytoken'] = sha1($user['userid'] . sha1($user['salt']) . sha1(COOKIE_SALT));
I've got the tokens matching now, just a matter of getting the html form stuff correct.
-t
We had a number of pages on our site that would allow people to post pre-formatted data to specific forums and threads. This was done so that uses using our model collection system could easily post a list of those models they have for sale to a forum. These systems worked great until 3.7 was introduced, now all of our custom code does not work thanks to security tokens.
So my question is this, what do I have to do to modify our NON VB code [these are stand-alone php files, these are NOT mods] in order to get the security token to work? In other words, what php code is needed so that I can have the proper security token value filled in when I create the HTML form to post back to vb?
Is there a way to set CSRF protection to "false" just for these specific php files? that would probably be the easiest..
Thanks!
Todd
--------------- Added 1210778820 at 1210778820 ---------------
Well i'm trying to find a solution and i'm close... i've got my custom code creating the token via this format which I found in the vbcode:
$user['securitytoken'] = sha1($user['userid'] . sha1($user['salt']) . sha1(COOKIE_SALT));
I've got the tokens matching now, just a matter of getting the html form stuff correct.
-t