From 5e5e751271570769e4c1f7f5dcff7004eaee9c20 Mon Sep 17 00:00:00 2001
From: xisi
Date: Sat, 18 Jan 2014 17:12:41 -0500
Subject: [PATCH] switched account edit csrf token to 1 min now that saving works on an incorrect entry
---
 public/include/pages/account/edit.inc.php | 4 ++--
 public/include/pages/password/change.inc.php | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/public/include/pages/account/edit.inc.php b/public/include/pages/account/edit.inc.php
index 6acd773c..98b42c3c 100644
--- a/public/include/pages/account/edit.inc.php
+++ b/public/include/pages/account/edit.inc.php
@@ -16,7 +16,7 @@ $updating = (@$_POST['do']) ? 1 : 0;
 // csrf stuff
 $csrfenabled = ($config['csrf']['enabled'] && $config['csrf']['options']['sitewide']) ? 1 : 0;
 if ($csrfenabled) {
- $nocsrf = ($csrftoken->getBasic($user->getCurrentIP(), 'editaccount', 'mdyH') == @$_POST['ctoken']) ? 1 : 0;
+ $nocsrf = ($csrftoken->getBasic($user->getCurrentIP(), 'editaccount') == @$_POST['ctoken']) ? 1 : 0;
 }
 if ($user->isAuthenticated()) {
@@ -199,7 +199,7 @@ $smarty->assign("CHANGEPASSSENT", $cp_sent);
 $smarty->assign("WITHDRAWSENT", $wf_sent);
 $smarty->assign("DETAILSSENT", $ea_sent);
 if ($csrfenabled) {
- $token = $csrftoken->getBasic($user->getCurrentIP(), 'editaccount', 'mdyH');
+ $token = $csrftoken->getBasic($user->getCurrentIP(), 'editaccount');
 $smarty->assign('CTOKEN', $token);
 }
 // Tempalte specifics
diff --git a/public/include/pages/password/change.inc.php b/public/include/pages/password/change.inc.php
index 263e20f7..07a5e72e 100644
--- a/public/include/pages/password/change.inc.php
+++ b/public/include/pages/password/change.inc.php
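Review bot: The token check on the added `$nocsrf` line still compares with loose `==` and reads `@$_POST['ctoken']` under error suppression, so the comparison is neither type-strict nor constant-time. PHP's `==` compares two numeric-looking strings as numbers, so if getBasic() returns a hex digest (its body is not part of this diff) two different strings could be treated as equal. I would write `$posted = (isset($_POST['ctoken']) && is_string($_POST['ctoken'])) ? $_POST['ctoken'] : '';` followed by `$nocsrf = hash_equals((string) $csrftoken->getBasic($user->getCurrentIP(), 'editaccount'), $posted) ? 1 : 0;`, falling back to `===` where hash_equals() is not available. The check in public/include/pages/password/change.inc.php (hunk @@ -8,7) has the same shape and needs the same change.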
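Review bot: The token assigned to `CTOKEN` now takes its lifetime from getBasic()'s default, which this hunk does not show; only the commit subject says it is one minute. If that default is a fixed clock bucket rather than a sliding window (an assumption, since getBasic() is outside the diff), a form rendered late in the bucket is rejected almost at once, and anyone who needs more than a minute to fill in the account form fails the check on submit. I would state the lifetime next to the call, e.g. `// CSRF token uses getBasic()'s default lifetime (1 minute per the commit message); must match the check at the top of this file`, and confirm that the verifying side tolerates the bucket boundary. The token generation in password/change.inc.php (hunk @@ -26,7) is affected in the same way.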
@@ -8,7 +8,7 @@ if (!defined('SECURITY'))
 $csrfenabled = ($config['csrf']['enabled'] && $config['csrf']['options']['sitewide']) ? 1 : 0;
 if ($csrfenabled) {
 // we have to use editaccount token because this can be called from 2 separate places
- $nocsrf = ($csrftoken->getBasic($user->getCurrentIP(), 'editaccount', 'mdyH') == @$_POST['ctoken']) ? 1 : 0;
+ $nocsrf = ($csrftoken->getBasic($user->getCurrentIP(), 'editaccount') == @$_POST['ctoken']) ? 1 : 0;
 }
 if (!$csrfenabled || $csrfenabled && $nocsrf) {
@@ -26,7 +26,7 @@ if (!$csrfenabled || $csrfenabled && $nocsrf) {
 // csrf token
 if ($config['csrf']['enabled'] && $config['csrf']['options']['sitewide']) {
- $token = $csrftoken->getBasic($user->getCurrentIP(), 'editaccount', 'mdyH');
+ $token = $csrftoken->getBasic($user->getCurrentIP(), 'editaccount');
 $smarty->assign('CTOKEN', $token);
 }
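Review bot: The password-change check accepts the `'editaccount'` token, as the retained comment explains, so a token issued for the account page also authorises a password change. From the arguments visible on this line the token is derived from the client IP and that fixed action string; if getBasic() mixes in nothing bound to the session (not visible in this diff), users behind one shared address would hold the same token for the window. It is worth confirming that a per-session secret is part of the token, and recording the shared scope in the comment, e.g. `// shares the 'editaccount' token scope with account/edit.inc.php; keep both lifetimes in sync`.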
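Review bot: The token block at the bottom of change.inc.php repeats the config test `$config['csrf']['enabled'] && $config['csrf']['options']['sitewide']` although `$csrfenabled` is computed from the same expression at the top of the file (hunk @@ -8,7). Writing `if ($csrfenabled) {` here, as account/edit.inc.php does, keeps the generating and verifying sides from drifting apart when the condition changes. This assumes nothing between the two hunks reassigns `$csrfenabled`, which is not visible in the diff.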