? modr8-actions-310723-2.patch
? modr8_coder-313907.patch
? more-modr8-cleanup-313907-5.patch
? response-form-319073-5.patch
? response-form-319073-6.patch
? response-form-319073-6x-fu.patch
Index: modr8.module
===================================================================
RCS file: /cvs/drupal-contrib/contributions/modules/modr8/modr8.module,v
retrieving revision 1.24
diff -u -p -r1.24 modr8.module
--- modr8.module	20 Oct 2008 22:44:52 -0000	1.24
+++ modr8.module	21 Oct 2008 15:12:26 -0000
@@ -87,10 +87,17 @@ function modr8_response_access($node, $t
 
 /**
  * Generate a token for responding to a node in moderation.
+ *
+ * Calculates a HMAC-MD5 according to RFC2104 (http://www.ietf.org/rfc/rfc2104.txt).
  */
 function modr8_response_token($nid, $uid) {
+  $key = md5(drupal_get_private_key() .'modr8token');
 
-  return sha1($uid . sha1('modr8' . $nid) . drupal_get_private_key() . $nid);
+  return bin2hex(
+    pack("H*", md5((str_pad($key, 64, chr(0x00)) ^ (str_repeat(chr(0x5c), 64))) .
+    pack("H*", md5((str_pad($key, 64, chr(0x00)) ^ (str_repeat(chr(0x36), 64))) .
+    $nid .':'. $key .':'. $uid))))
+  );
 }
 
 /**