Browse Source

Delete apache_request_headers for token verification

merge-requests/1/head
Erase 4 years ago
parent
commit
2cc5240106
1 changed files with 0 additions and 1 deletions
  1. +0
    -1
      generate.php

+ 0
- 1
generate.php View File

@ -10,7 +10,6 @@
$_SESSION['csrf_token'] = uniqid(mt_rand(), true);
}
$headers = apache_request_headers();
if(!array_key_exists('t', $_POST) || !empty($_POST['t'])){
if ($_POST['t'] !== $_SESSION['csrf_token']) {
//~ Wrong token


Loading…
Cancel
Save