Mercurial > hg > fapweb
comparison usrajax.php @ 360:2af8458058ab
Implement CSRF token checks.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Tue, 03 Dec 2013 11:13:44 +0200 |
| parents | 48d53945c6d3 |
| children | cbe2693a3cd1 |
comparison
equal
deleted
inserted
replaced
| 359:f7a806d5060f | 360:2af8458058ab |
|---|---|
| 38 | 38 |
| 39 | 39 |
| 40 // | 40 // |
| 41 // Initialize | 41 // Initialize |
| 42 // | 42 // |
| 43 if (!stUserSessionAuth()) | 43 if (!stUserSessionAuth() || !stCSRFCheck()) |
| 44 { | 44 { |
| 45 stSetupCacheControl(); | 45 stSetupCacheControl(); |
| 46 | 46 |
| 47 stSessionEnd(SESS_USER); | 47 stSessionEnd(SESS_USER); |
| 48 | 48 |