gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-11 09:35:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

do not use session id in form key if not logged in

Browse Source
This commit is contained in:
Uwe Steinmann 2021-04-18 07:02:53 +02:00
parent 888d75953e
commit 6c0b544446
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/inc.Utils.php
View File

@ -473,10 +473,10 @@ function showtree() { /* {{{ */
function createFormKey($formid='') { /* {{{ */
global $settings, $session;
if($id = $session->getId()) {
if($session && $id = $session->getId()) {
return md5($id.$settings->_encryptionKey.$formid);
} else {
return false;
return md5($settings->_encryptionKey.$formid);
}
} /* }}} */