Merge branch 'next' of github.com:MPOS/php-mpos into next

README.md

@@ -38,7 +38,7 @@ These people have supported this project with a donation:
 * [xisi](https://github.com/xisi)
 * [PCFiL](https://github.com/PCFiL)
 * [rog1121](https://github.com/rog1121)(https://rapidhash.net)
-* [Wow, Much Pool](http://http://www.wowmuchpool.com/)
+* [Wow, Much Pool](http://www.wowmuchpool.com/)
 
 Pools running MPOS
 ==================
@@ -56,7 +56,7 @@ supported. They will never match an upstream share, solo miners do not create
 any shares, only blocks. Expect weird behavior if trying to mix them. See #299
 for full information.
 
-* 64 bit system
+* 64-bit system
  * Otherwise some coins will display wrong network hashrates
 * Apache2
  * libapache2-mod-php5

public/index.php

@@ -148,11 +148,11 @@ $action = (isset($_REQUEST['action']) && !is_array($_REQUEST['action'])) && isse
 
 // Check csrf token validity if necessary
 if ($config['csrf']['enabled'] && isset($_REQUEST['ctoken']) && !empty($_REQUEST['ctoken']) && !is_array($_REQUEST['ctoken'])) {
-  $csrftoken->valid = ($csrftoken->checkBasic($user->getCurrentIP(), $arrPages[$page], $_REQUEST['ctoken'])) ? 1 : 0;
+  $csrftoken->valid = ($csrftoken->checkBasic(session_id(), $arrPages[$page], $_REQUEST['ctoken'])) ? 1 : 0;
 } else if ($config['csrf']['enabled'] && (!@$_REQUEST['ctoken'] || empty($_REQUEST['ctoken']))) {
   $csrftoken->valid = 0;
 }
-if ($config['csrf']['enabled']) $smarty->assign('CTOKEN', $csrftoken->getBasic($user->getCurrentIP(), $arrPages[$page]));
+if ($config['csrf']['enabled']) $smarty->assign('CTOKEN', $csrftoken->getBasic(session_id(), $arrPages[$page]));
 
 // Load the page code setting the content for the page OR the page action instead if set
 if (!empty($action)) {