Change checks

MioVisman · MioVisman · commit 79ad509d53e7 · 2025-04-07T17:12:40.000+07:00
diff --git a/addons/security_for_login.php b/addons/security_for_login.php
@@ -142,7 +142,7 @@ function hook_login_before_validation()
 			return;
 		}
 
-		if ($cur_form['form_ip'] != get_remote_address())
+		if ($cur_form['form_ip'] !== get_remote_address())
 			$errors[] = security_msg('4');
 
 		if ($now - $this->time_min < $cur_form['form_time'])
diff --git a/addons/security_for_post.php b/addons/security_for_post.php
@@ -138,7 +138,7 @@ function hook_post_after_validation()
 			return;
 		}
 
-		if ($cur_form['form_ip'] != get_remote_address())
+		if ($cur_form['form_ip'] !== get_remote_address())
 			$errors[] = security_msg('4');
 
 		if ($now - $this->time_min < $cur_form['form_time'])
diff --git a/addons/security_for_register.php b/addons/security_for_register.php
@@ -124,7 +124,7 @@ function hook_register_after_validation()
 			return;
 		}
 
-		if (!isset($_POST['req_user']) || !isset($_POST['req_email1']) || !isset($_POST['timezone']) || !isset($_POST['email_setting']))
+		if (!isset($_POST['req_user'], $_POST['req_email1'], $_POST['timezone'], $_POST['email_setting']) || (empty($_POST['language']) && count(forum_list_langs()) > 1))
 			$errors[] = security_msg('1');
 
 		if (security_test_browser())
@@ -139,7 +139,7 @@ function hook_register_after_validation()
 			return;
 		}
 
-		if ($cur_form['form_ip'] != get_remote_address())
+		if ($cur_form['form_ip'] !== get_remote_address())
 			$errors[] = security_msg('4');
 
 		if ($now - $this->time_min < $cur_form['form_time'])
diff --git a/include/security.php b/include/security.php
@@ -236,7 +236,7 @@ function security_show_captcha(int $tabindex, bool $acaptcha = true, bool $qcapt
 
 function security_test_browser()
 {
-		return empty($_SERVER['HTTP_ACCEPT_CHARSET']) && empty($_SERVER['HTTP_ACCEPT_ENCODING']) && empty($_SERVER['HTTP_ACCEPT_LANGUAGE']);
+	return empty($_SERVER['HTTP_ACCEPT']) || '*/*' == $_SERVER['HTTP_ACCEPT'] || empty($_SERVER['HTTP_ACCEPT_ENCODING']) || empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) || empty($_SERVER['HTTP_ORIGIN']);
 }
 
 
diff --git a/register.php b/register.php
@@ -106,7 +106,7 @@
 
 	if (!is_valid_email($email1))
 		$errors[] = $lang_common['Invalid email'];
-	else if ($pun_config['o_regs_verify'] == '1' && $email1 != $email2)
+	else if ($pun_config['o_regs_verify'] == '1' && $email1 !== $email2)
 		$errors[] = $lang_register['Email not match'];
 
 	// Check if it's a banned email address

Original file line number	Diff line number	Diff line change
`@@ -142,7 +142,7 @@ function hook_login_before_validation()`
`142`	`142`	`return;`
`143`	`143`	`}`
`144`	`144`
`145`		`- if ($cur_form['form_ip'] != get_remote_address())`
	`145`	`+ if ($cur_form['form_ip'] !== get_remote_address())`
`146`	`146`	`$errors[] = security_msg('4');`
`147`	`147`
`148`	`148`	`if ($now - $this->time_min < $cur_form['form_time'])`
Original file line number	Diff line number	Diff line change
`@@ -138,7 +138,7 @@ function hook_post_after_validation()`
`138`	`138`	`return;`
`139`	`139`	`}`
`140`	`140`
`141`		`- if ($cur_form['form_ip'] != get_remote_address())`
	`141`	`+ if ($cur_form['form_ip'] !== get_remote_address())`
`142`	`142`	`$errors[] = security_msg('4');`
`143`	`143`
`144`	`144`	`if ($now - $this->time_min < $cur_form['form_time'])`
Original file line number	Diff line number	Diff line change
`@@ -124,7 +124,7 @@ function hook_register_after_validation()`
`124`	`124`	`return;`
`125`	`125`	`}`
`126`	`126`
`127`		`- if (!isset($_POST['req_user']) \|\| !isset($_POST['req_email1']) \|\| !isset($_POST['timezone']) \|\| !isset($_POST['email_setting']))`
	`127`	`+ if (!isset($_POST['req_user'], $_POST['req_email1'], $_POST['timezone'], $_POST['email_setting']) \|\| (empty($_POST['language']) && count(forum_list_langs()) > 1))`
`128`	`128`	`$errors[] = security_msg('1');`
`129`	`129`
`130`	`130`	`if (security_test_browser())`
`@@ -139,7 +139,7 @@ function hook_register_after_validation()`
`139`	`139`	`return;`
`140`	`140`	`}`
`141`	`141`
`142`		`- if ($cur_form['form_ip'] != get_remote_address())`
	`142`	`+ if ($cur_form['form_ip'] !== get_remote_address())`
`143`	`143`	`$errors[] = security_msg('4');`
`144`	`144`
`145`	`145`	`if ($now - $this->time_min < $cur_form['form_time'])`
Original file line number	Diff line number	Diff line change
`@@ -236,7 +236,7 @@ function security_show_captcha(int $tabindex, bool $acaptcha = true, bool $qcapt`
`236`	`236`
`237`	`237`	`function security_test_browser()`
`238`	`238`	`{`
`239`		`- return empty($_SERVER['HTTP_ACCEPT_CHARSET']) && empty($_SERVER['HTTP_ACCEPT_ENCODING']) && empty($_SERVER['HTTP_ACCEPT_LANGUAGE']);`
	`239`	`+ return empty($_SERVER['HTTP_ACCEPT']) \|\| '/' == $_SERVER['HTTP_ACCEPT'] \|\| empty($_SERVER['HTTP_ACCEPT_ENCODING']) \|\| empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) \|\| empty($_SERVER['HTTP_ORIGIN']);`
`240`	`240`	`}`
`241`	`241`
`242`	`242`