From 7f959169b7220b4ed3e083cb2a545fe2c5400f9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20L=C5=93uillet?=
Date: Mon, 5 Aug 2013 10:32:15 +0200
Subject: copy of poche.sqlite
---
 index.php | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
(limited to 'index.php')
diff --git a/index.php b/index.php
index 294620d1..654403c8 100644
--- a/index.php
+++ b/index.php
@@ -11,16 +11,15 @@
 include dirname(__FILE__).'/inc/poche/config.inc.php';

 #XSRF protection with token
-// if (!empty($_POST)) {
-// if (!Session::isToken($_POST['token'])) {
-// die(_('Wrong token'));
-// // TODO remettre le test
-// }
-// unset($_SESSION['tokens']);
-// }
+if (!empty($_POST)) {
+ if (!Session::isToken($_POST['token'])) {
+ die(_('Wrong token'));
+ }
+ unset($_SESSION['tokens']);
+}

 $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
-$view = Tools::checkVar('view');
+$view = Tools::checkVar('view', 'home');
 $action = Tools::checkVar('action');
 $id = Tools::checkVar('id');
 $_SESSION['sort'] = Tools::checkVar('sort');
--
cgit v1.2.3
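Review bot: The re-enabled check reads `$_POST['token']` without confirming the key exists, so a non-empty POST that omits the field raises an undefined-index notice and hands `null` to `Session::isToken()`, whose handling of that value is not visible in this hunk. The guard should reject a missing token explicitly: `if (empty($_POST['token']) || !Session::isToken($_POST['token'])) {`. The check also runs only when `$_POST` is non-empty, while `action` and `id` are read through `Tools::checkVar()` just below. If that helper (defined outside this hunk) also reads `$_GET`, state-changing actions sent by GET are not covered by the token, so either require POST for them or validate a token on those requests too. A short comment above `unset($_SESSION['tokens']);` saying that every outstanding token is invalidated after one POST would help, since forms left open in other tabs will then fail with "Wrong token".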