PonyMirrors/ponepaste
1
0
Fork 0
mirror of https://github.com/Neetpone/ponepaste.git synced 2025-03-12 06:30:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: make CSRF tokens exist for the duration of the session

Browse source
This commit is contained in:
Floorb 2023-07-11 03:20:58 -04:00
parent 894613e257
commit 483d0293f7
2 changed files with 2 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
includes/common.php
View file

@ -218,11 +218,7 @@ function verifyCsrfToken($token = null) : bool {
return false;
}
$success = hash_equals($_SESSION[SessionHelper::CSRF_TOKEN_KEY], $token);
unset($_SESSION[SessionHelper::CSRF_TOKEN_KEY]);
return $success;
return hash_equals($_SESSION[SessionHelper::CSRF_TOKEN_KEY], $token);
}
session_start();