Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

csrf : add the exceptions code to Exceptions

Browse Source 
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@2779 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
This commit is contained in:
Dominique Fournier
2016-06-28 07:18:15 +00:00
parent 7ca9bb179d
commit 5f49609a28
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
csrf.php
View File

@@ -43,18 +43,18 @@ class csrf
if (! isset ($_SESSION["domframework"]["csrf"]["csrf"])) if (! isset ($_SESSION["domframework"]["csrf"]["csrf"]))
{ {
throw new Exception (dgettext("domframework", throw new Exception (dgettext("domframework",
"No previous CSRF token : abort")); "No previous CSRF token : abort"), 406);
} }
if ($_SESSION["domframework"]["csrf"]["csrf"] !== $tokenFromUser) if ($_SESSION["domframework"]["csrf"]["csrf"] !== $tokenFromUser)
{ {
throw new Exception (dgettext("domframework", throw new Exception (dgettext("domframework",
"Invalid CSRF token provided")); "Invalid CSRF token provided"), 406);
} }
if (($_SESSION["domframework"]["csrf"]["csrfStart"] + $this->csrfTimeout) < if (($_SESSION["domframework"]["csrf"]["csrfStart"] + $this->csrfTimeout) <
microtime (TRUE)) microtime (TRUE))
{ {
throw new Exception (dgettext("domframework", throw new Exception (dgettext("domframework",
"Obsolete CSRF token provided")); "Obsolete CSRF token provided"), 406);
} }
return TRUE; return TRUE;
} }