Rework session handling; add CSRF tokens and autologin

Stefan Bühler 2014-10-04 20:46:19 +02:00
parent 922642005d
commit e8f071f67c
6 changed files with 295 additions and 93 deletions


@ -4,7 +4,7 @@ include_once('includes/config.inc.php');
include_once('includes/session.inc.php');
include_once('includes/misc.inc.php');
if (!is_logged_in()) {
if (!is_csrf_safe()) {
header('Status: 403');
header('Location: ./index.php');
jtable_respond(null, 'error', "Authentication required");
@ -96,5 +96,3 @@ default:
jtable_respond(null, 'error', 'Invalid action');
break;
}
?>
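Review bot: The guard at the top of this file now appears to test only `is_csrf_safe()` where it previously tested `is_logged_in()`, so authentication for these jtable actions holds only if `is_csrf_safe()` itself rejects requests that have no logged-in session; its definition is not in this section (presumably includes/session.inc.php). If it validates only the token, make both checks explicit with `if (!is_logged_in() || !is_csrf_safe()) {`; otherwise add a comment such as `// is_csrf_safe() implies a logged-in session and a valid CSRF token`. The failure branch still reports "Authentication required" for what may be a token mismatch, and its end lies outside the hunk, so it is not visible whether the script stops before the action switch runs.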