public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 08:35:55 +00:00
Code Issues Releases Wiki Activity

don't try to call hash_equals() on unset user token

Browse Source
This commit is contained in:
Andrew Dolgov
2020-09-17 10:20:55 +03:00
parent f72e6947d5
commit 5a7e7e1367
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/functions.php
View File

@@ -679,7 +679,7 @@
} }
function validate_csrf($csrf_token) { function validate_csrf($csrf_token) {
return hash_equals($_SESSION['csrf_token'], $csrf_token); return isset($csrf_token) && hash_equals($_SESSION['csrf_token'], $csrf_token);
} }
function load_user_plugins($owner_uid, $pluginhost = false) { function load_user_plugins($owner_uid, $pluginhost = false) {