generate a new csrf token for each request

This commit is contained in:
glaszig 2019-07-30 20:15:10 +02:00
parent 7898dc24c8
commit 964dc00fab

View file

@ -59,9 +59,7 @@ function safefilerewrite($fileName, $dataToSave)
*/
function ensureCSRFSessionToken()
{
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
/**