From 454ed8940fbc0ea32e00e3d334d4717d55abea90 Mon Sep 17 00:00:00 2001 From: Max Pozdeev Date: Wed, 9 Feb 2022 12:17:46 +0300 Subject: [PATCH] * check csrf token on login; regenerate session id on logout instead of login --- src/ajax.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ajax.php b/src/ajax.php index db8218e..78797ed 100644 --- a/src/ajax.php +++ b/src/ajax.php @@ -301,6 +301,7 @@ elseif(isset($_GET['changeOrder'])) } elseif(isset($_POST['login'])) { + check_token(); $t = array('logged' => 0); if (!need_auth()) { $t['disabled'] = 1; @@ -308,7 +309,6 @@ elseif(isset($_POST['login'])) } if ( isPasswordEqualsToHash(_post('password'), Config::get('password')) ) { $t['logged'] = 1; - session_regenerate_id(1); $_SESSION['logged'] = 1; $_SESSION['token'] = generateUUID(); $_SESSION['sign'] = idSignature(session_id(), Config::get('password'), defined('MTT_SALT') ? MTT_SALT : ''); @@ -321,6 +321,7 @@ elseif(isset($_POST['logout'])) unset($_SESSION['logged']); unset($_SESSION['token']); unset($_SESSION['sign']); + session_regenerate_id(1); $t = array('logged' => 0); jsonExit($t); }