gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-15 06:01:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

do not use session id in form key if not logged in

Browse Source
This commit is contained in:
Uwe Steinmann 2021-04-18 07:02:53 +02:00
parent 888d75953e
commit 6c0b544446
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/inc.Utils.php
View File

@ -473,10 +473,10 @@ function showtree() { /* {{{ */
function createFormKey($formid='') { /* {{{ */ function createFormKey($formid='') { /* {{{ */
global $settings, $session; global $settings, $session;
if($id = $session->getId()) { if($session && $id = $session->getId()) {
return md5($id.$settings->_encryptionKey.$formid); return md5($id.$settings->_encryptionKey.$formid);
} else { } else {
return false; return md5($settings->_encryptionKey.$formid);
} }
} /* }}} */ } /* }}} */