$query = array( 'title' => 'Special:RunJobs',
'tasks' => 'jobs', 'maxjobs' => $n, 'sigexpiry' => time() + 5 );
- $query['signature'] = SpecialRunJobs::getQuerySignature( $query );
+ $query['signature'] = SpecialRunJobs::getQuerySignature(
+ $query, $this->config->get( 'SecretKey' ) );
$errno = $errstr = null;
$info = wfParseUrl( $this->config->get( 'Server' ) );
$squery = $params;
unset( $squery['signature'] );
- $cSig = self::getQuerySignature( $squery ); // correct signature
+ $cSig = self::getQuerySignature( $squery, $this->getConfig()->get( 'SecretKey' ) ); // correct signature
$rSig = $params['signature']; // provided signature
$verified = is_string( $rSig ) && hash_equals( $cSig, $rSig );
/**
* @param array $query
+ * @param string $secretKey
* @return string
*/
- public static function getQuerySignature( array $query ) {
- global $wgSecretKey;
-
+ public static function getQuerySignature( array $query, $secretKey ) {
ksort( $query ); // stable order
- return hash_hmac( 'sha1', wfArrayToCgi( $query ), $wgSecretKey );
+ return hash_hmac( 'sha1', wfArrayToCgi( $query ), $secretKey );
}
}
dépôts / lhc / web / wiklou.git / commitdiff