kevinowino869/mitrobill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

enable/disable CSRF

Browse Source
This commit is contained in:
iBNu Maksum 2024-11-04 12:05:08 +07:00
parent 7fb08eb76f
commit 8908f4bdc3
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
1 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
system/autoload/Csrf.php
View File

@ -22,6 +22,8 @@ class Csrf
public static function check($token)
{
global $config;
if($config['csrf_enabled'] == 'yes') {
if (isset($_SESSION['csrf_token'], $_SESSION['csrf_token_time'], $token)) {
$storedToken = $_SESSION['csrf_token'];
$tokenTime = $_SESSION['csrf_token_time'];
@ -35,6 +37,8 @@ class Csrf
}
return false;
}
return true;
}
public static function generateAndStoreToken()
{