mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
generate only one csrf token per session
some pages issue xhr which lead to new tokens in the session and a future check is garuanteed to fail.
This commit is contained in:
parent
df81ce2a07
commit
20d9e919c3
@ -59,8 +59,10 @@ function safefilerewrite($fileName, $dataToSave)
|
||||
*/
|
||||
function ensureCSRFSessionToken()
|
||||
{
|
||||
if (empty($_SESSION['csrf_token'])) {
|
||||
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
|
Loading…
Reference in New Issue
Block a user