Website
/
Manager
1
0
Fork 0
Code Releases 11 Activity

Generate CSRF token on session start

master
Anonymous Contributor 2023-08-23 18:16:34 +02:00
parent c78e7e2007
commit a446cfd9c1
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
index.php
View File

@ -10,7 +10,11 @@ session_set_cookie_params([
'secure' => true, 'secure' => true,
'samesite' => 'Lax' 'samesite' => 'Lax'
]); ]);
session_start(); session_start();
if(!isset($_SESSION['csrf']) || strlen($_SESSION['csrf'] != 64)) {
$_SESSION['csrf'] = bin2hex(random_bytes(32));
}
include_once 'classen/MAIL/PHPMailer.php'; include_once 'classen/MAIL/PHPMailer.php';
include_once 'classen/MAIL/SMTP.php'; include_once 'classen/MAIL/SMTP.php';