zydronium/danwin-hosting
1
0
Fork 0
mirror of https://github.com/DanWin/hosting.git synced 2025-08-12 08:59:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

Adding CSRF to file manager

Browse source
This commit is contained in:
Noah van der Aa 2019-01-23 17:44:04 +01:00 committed by GitHub
parent e537e06118
commit bc4a8a4d7c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
var/www/html/login.php
View file

@ -53,6 +53,7 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
} }
if($ok){ if($ok){
$_SESSION['hosting_username']=$username; $_SESSION['hosting_username']=$username;
$_SESSION['csrf_token']=sha1(uniqid());
session_write_close(); session_write_close();
header('Location: home.php'); header('Location: home.php');
exit; exit;