1 files changed, 7 insertions, 7 deletions
diff --git a/index.php b/index.php
index 381b8ccc..94c72a27 100644
--- a/index.php
+++ b/index.php
@@ -11,13 +11,13 @@
 include dirname(__FILE__).'/inc/poche/config.inc.php';
 #XSRF protection with token
-if (!empty($_POST)) {
+// if (!empty($_POST)) {
-    if (!Session::isToken($_POST['token'])) {
+//     if (!Session::isToken($_POST['token'])) {
-        die(_('Wrong token'));
+//         die(_('Wrong token'));
-        // TODO remettre le test
+//         // TODO remettre le test
-    }
+//     }
-    unset($_SESSION['tokens']);
+//     unset($_SESSION['tokens']);
-}
+// }
 $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
 $view = Tools::checkVar('view');

diff --git a/index.php b/index.php index 381b8ccc..94c72a27 100644 --- a/index.php +++ b/index.php
@@ -11,13 +11,13 @@
11	include dirname(__FILE__).'/inc/poche/config.inc.php';	11	include dirname(__FILE__).'/inc/poche/config.inc.php';
12		12
13	#XSRF protection with token	13	#XSRF protection with token
14	if (!empty($_POST)) {	14	// if (!empty($_POST)) {
15	if (!Session::isToken($_POST['token'])) {	15	// if (!Session::isToken($_POST['token'])) {
16	die(_('Wrong token'));	16	// die(_('Wrong token'));
17	// TODO remettre le test	17	// // TODO remettre le test
18	}	18	// }
19	unset($_SESSION['tokens']);	19	// unset($_SESSION['tokens']);
20	}	20	// }
21		21
22	$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];	22	$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
23	$view = Tools::checkVar('view');	23	$view = Tools::checkVar('view');