Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2024-11-09 23:42:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #9067 from MrPetovan/bug/9065-csrf-anonymous

Browse source 
Re-allow anonymous use of CSRF tokens
This commit is contained in:
Tobias Diekershoff 2020-08-24 18:36:21 +02:00 committed by GitHub
commit 5ab4503140
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/BaseModule.php
View file

@ -140,11 +140,7 @@ abstract class BaseModule
return false;
}
if (empty($a->user)) {
return false;
}
$sec_hash = hash('whirlpool', $a->user['guid'] . $a->user['prvkey'] . session_id() . $x[0] . $typename);
$sec_hash = hash('whirlpool', ($a->user['guid'] ?? '') . ($a->user['prvkey'] ?? '') . session_id() . $x[0] . $typename);
return ($sec_hash == $x[1]);
}