mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-08 07:36:44 +02:00
Code Issues Releases Wiki Activity

Move $token to get_token()

Browse Source
This commit is contained in:
Jakub Vrana
2025-03-28 18:49:26 +01:00
parent 74457f0895
commit e219ef9ad1
7 changed files with 10 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
adminer/include/auth.inc.php
View File

@@ -7,7 +7,6 @@ $has_token = $_SESSION["token"];
if (!$has_token) {
$_SESSION["token"] = rand(1, 1e6); // defense against cross-site request forgery
}
$token = get_token(); ///< @var string CSRF protection
$permanent = array();
if ($_COOKIE["adminer_permanent"]) {
@@ -204,7 +203,7 @@ if ($_POST["logout"] && $has_token && !verify_token()) {
}
if ($auth && $_POST["token"]) {
$_POST["token"] = $token; // reset token after explicit login
$_POST["token"] = get_token(); // reset token after explicit login
}
$error = ''; ///< @var string