csrf : add the exceptions code to Exceptions

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@2779 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2016-06-28 07:18:15 +00:00
parent 7ca9bb179d
commit 5f49609a28


@@ -43,18 +43,18 @@ class csrf
if (! isset ($_SESSION["domframework"]["csrf"]["csrf"]))
{
throw new Exception (dgettext("domframework",
"No previous CSRF token : abort"));
"No previous CSRF token : abort"), 406);
}
if ($_SESSION["domframework"]["csrf"]["csrf"] !== $tokenFromUser)
{
throw new Exception (dgettext("domframework",
"Invalid CSRF token provided"));
"Invalid CSRF token provided"), 406);
}
if (($_SESSION["domframework"]["csrf"]["csrfStart"] + $this->csrfTimeout) <
microtime (TRUE))
{
throw new Exception (dgettext("domframework",
"Obsolete CSRF token provided"));
"Obsolete CSRF token provided"), 406);
}
return TRUE;
}
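Review bot: The code 406 added to the three `throw new Exception (...)` calls is the HTTP status for failed content negotiation (Not Acceptable), which does not describe a rejected CSRF token. If the framework turns the exception code into the response status, which is not visible in this hunk, 403 would fit better, e.g. `"Invalid CSRF token provided"), 403);`, so that clients, proxies and log-based alerting classify these as refused requests. Separately, the unchanged check `$_SESSION["domframework"]["csrf"]["csrf"] !== $tokenFromUser` is not a constant-time comparison; `if (! is_string ($tokenFromUser) || ! hash_equals ($_SESSION["domframework"]["csrf"]["csrf"], $tokenFromUser))` would cover both the type and the timing concern, assuming the stored token is always a string. The enclosing method begins above the hunk, so how `$tokenFromUser` is obtained cannot be checked from here.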