From 964dc00fab4ff7f7ec7c10ca07b2083c7686b7ed Mon Sep 17 00:00:00 2001
From: glaszig <glaszig@gmail.com>
Date: Tue, 30 Jul 2019 20:15:10 +0200
Subject: [PATCH] generate a new csrf token for each request

---
 includes/functions.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/includes/functions.php b/includes/functions.php
index 66d87116..07d48efa 100755
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -59,9 +59,7 @@ function safefilerewrite($fileName, $dataToSave)
 */
 function ensureCSRFSessionToken()
 {
-    if (empty($_SESSION['csrf_token'])) {
-        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
-    }
+    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
 }
 
 /**