ISPConfig3 devel
parent: e8f9436f | patch | commit | ignore whitespace
Marius Cramer
2015-05-21 f3cc2c3985d20b9d7c75998ad100cacf5cad5789 
- session removal fix (csrf)
1 files modified
6 ■■■■■ changed files
interface/lib/classes/tform.inc.php 6 ●●●●● patch | view | raw | blame | history 
 interface/lib/classes/tform.inc.php


@@ -685,8 +685,8 @@


                unset($_POST);


                unset($record);


            }


            $_SESSION['_csrf'][$_csrf_id] = ' ';


            $_SESSION['_csrf_timeout'][$_csrf_id] = ' ';


            $_SESSION['_csrf'][$_csrf_id] = null;


            $_SESSION['_csrf_timeout'][$_csrf_id] = null;


            unset($_SESSION['_csrf'][$_csrf_id]);


            unset($_SESSION['_csrf_timeout'][$_csrf_id]);


            


@@ -696,6 +696,8 @@


                    if($timeout < time()) $to_unset[] = $_csrf_id;


                }


                foreach($to_unset as $_csrf_id) {


                    $_SESSION['_csrf'][$_csrf_id] = null;


                    $_SESSION['_csrf_timeout'][$_csrf_id] = null;


                    unset($_SESSION['_csrf'][$_csrf_id]);


                    unset($_SESSION['_csrf_timeout'][$_csrf_id]);


                }