diff usrajax.php @ 360:2af8458058ab

Implement CSRF token checks.
author Matti Hamalainen <ccr@tnsp.org>
date Tue, 03 Dec 2013 11:13:44 +0200
parents 48d53945c6d3
children cbe2693a3cd1
--- a/usrajax.php	Tue Dec 03 10:58:46 2013 +0200
+++ b/usrajax.php	Tue Dec 03 11:13:44 2013 +0200
@@ -40,7 +40,7 @@
 //
 // Initialize
 //
-if (!stUserSessionAuth())
+if (!stUserSessionAuth() || !stCSRFCheck())
 {
   stSetupCacheControl();