mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-29 19:50:14 +01:00
Code Issues Projects Releases Wiki Activity

MDL-44642 session: Remove 403 from require_sesskey()

Browse Source 
This should not have been added in core at this time (needs a separate
issue).
This commit is contained in:
Andrew Nicols 2014-12-16 10:18:21 +08:00
parent de1c6859cc
commit f9b431b873
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/sessionkeepalive_ajax.php
View File

@ -27,7 +27,10 @@ require_once(dirname(__DIR__) . '/config.php');
// Require the session key - want to make sure that this isn't called
// maliciously to keep a session alive longer than intended.
require_sesskey();
if (!confirm_sesskey()) {
header('HTTP/1.1 403 Forbidden');
print_error('invalidsesskey');
}
// Update the session.
\core\session\manager::touch_session(session_id());

1
lib/sessionlib.php
View File

@ -82,7 +82,6 @@ function confirm_sesskey($sesskey=NULL) {
*/
function require_sesskey() {
if (!confirm_sesskey()) {
header('HTTP/1.1 403 Forbidden');
print_error('invalidsesskey');
}
}