RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1479 from xisi/next

Browse Source 
forgot to move this to the new config setting, oops
This commit is contained in:
Sebastian Grewe 2014-01-20 03:30:37 -08:00
commit 34463d8966
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
public/include/pages/login.inc.php
View File

@ -41,7 +41,7 @@ if ($setting->getValue('maintenance') && !$user->isAdmin($user->getUserId($_POST
$_SESSION['POPUP'][] = array('CONTENT' => 'Unable to login: The captcha you entered was incorrect', 'TYPE' => 'errormsg');
}
}
if ($config['csrf']['enabled'] && $config['csrf']['forms']['login']) {
if ($config['csrf']['enabled'] && !in_array('login', $config['csrf']['disabled_forms'])) {
if ((isset($_POST['ctoken']) && $_POST['ctoken'] !== $csrftoken->getBasic($user->getCurrentIP(), 'login')) || (!isset($_POST['ctoken']))) {
// csrf protection is on and this token is invalid, error out -> time expired
$nocsrf = 0;