diff options
Diffstat (limited to 'inc/poche')
| -rw-r--r-- | inc/poche/Poche.class.php | 1 | ||||
| -rwxr-xr-x | inc/poche/config.inc.php | 10 |
2 files changed, 10 insertions, 1 deletions
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index 9db4a034..2f0f7038 100644 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php | |||
| @@ -93,6 +93,7 @@ class Poche | |||
| 93 | private function init() | 93 | private function init() |
| 94 | { | 94 | { |
| 95 | Tools::initPhp(); | 95 | Tools::initPhp(); |
| 96 | Session::$sessionName = 'poche'; | ||
| 96 | Session::init(); | 97 | Session::init(); |
| 97 | 98 | ||
| 98 | if (isset($_SESSION['poche_user']) && $_SESSION['poche_user'] != array()) { | 99 | if (isset($_SESSION['poche_user']) && $_SESSION['poche_user'] != array()) { |
diff --git a/inc/poche/config.inc.php b/inc/poche/config.inc.php index aaa26af8..9247c292 100755 --- a/inc/poche/config.inc.php +++ b/inc/poche/config.inc.php | |||
| @@ -48,4 +48,12 @@ if (!ini_get('date.timezone') || !@date_default_timezone_set(ini_get('date.timez | |||
| 48 | date_default_timezone_set('UTC'); | 48 | date_default_timezone_set('UTC'); |
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | $poche = new Poche(); \ No newline at end of file | 51 | $poche = new Poche(); |
| 52 | |||
| 53 | #XSRF protection with token | ||
| 54 | if (!empty($_POST)) { | ||
| 55 | if (!Session::isToken($_POST['token'])) { | ||
| 56 | die(_('Wrong token')); | ||
| 57 | } | ||
| 58 | unset($_SESSION['tokens']); | ||
| 59 | } \ No newline at end of file | ||