去掉对ip的检测,因为再某些多出口的网络环境中可能存在多个ip来回切换的情况

This commit is contained in:
joyqi 2014-03-01 17:29:32 +08:00
parent 7ccd45dd87
commit 8aa706fd49

View File

@ -32,8 +32,7 @@ class Widget_Security extends Typecho_Widget
$token = uniqid();
if ($user->hasLogin()) {
$token = $user->authCode . '&' . $user->uid
. '&' . $this->request->getRequestUrl()
. '&' . $this->request->getIp();
. '&' . $this->request->getRequestUrl();
}
$this->_token = md5($token);
@ -70,8 +69,7 @@ class Widget_Security extends Typecho_Widget
$token = uniqid();
if ($user->hasLogin()) {
$token = $user->authCode . '&' . $user->uid
. '&' . $this->request->getReferer()
. '&' . $this->request->getIp();
. '&' . $this->request->getReferer();
}
if ($this->request->get('_') != md5($token)) {