Commit f3cc2c39 authored by Marius Cramer's avatar Marius Cramer

- session removal fix (csrf)

parent e8f9436f
......@@ -685,8 +685,8 @@ class tform {
unset($_POST);
unset($record);
}
$_SESSION['_csrf'][$_csrf_id] = ' ';
$_SESSION['_csrf_timeout'][$_csrf_id] = ' ';
$_SESSION['_csrf'][$_csrf_id] = null;
$_SESSION['_csrf_timeout'][$_csrf_id] = null;
unset($_SESSION['_csrf'][$_csrf_id]);
unset($_SESSION['_csrf_timeout'][$_csrf_id]);
......@@ -696,6 +696,8 @@ class tform {
if($timeout < time()) $to_unset[] = $_csrf_id;
}
foreach($to_unset as $_csrf_id) {
$_SESSION['_csrf'][$_csrf_id] = null;
$_SESSION['_csrf_timeout'][$_csrf_id] = null;
unset($_SESSION['_csrf'][$_csrf_id]);
unset($_SESSION['_csrf_timeout'][$_csrf_id]);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment