nas
/
todo_api
Watch 2
Star 1
Fork 0
Code Issues 1 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Improve csrf

Maurits van der Schee 8 years ago
parent
20c805f09a
commit
00d1dfc00b
1 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 2
    2
      api.php

+ 2
- 2
api.php View File 

@@ -2137,7 +2137,7 @@ class PHP_CRUD_API {
2137 2137 
 // $auth = new PHP_API_AUTH(array(
2138 2138 
 // 	'secret'=>'someVeryLongPassPhraseChangeMe',
2139 2139 
 // ));
2140 
-// $auth->executeCommand();
2140 
+// if ($auth->executeCommand()) exit(0);
2141 2141 
 // if (empty($_SESSION['user']) || $_GET['csrf']!=$_SESSION['csrf']) {
2142 2142 
 //	header('HTTP/1.0 401 Unauthorized');
2143 2143 
 //	exit(0);
 
@@ -2148,7 +2148,7 @@ class PHP_CRUD_API {
2148 2148 
 // $auth = new PHP_API_AUTH(array(
2149 2149 
 // 	'authenticator'=>function($user,$pass){ $_SESSION['user']=($user=='admin' && $pass=='admin'); }
2150 2150 
 // ));
2151 
-// $auth->executeCommand();
2151 
+// if ($auth->executeCommand()) exit(0);
2152 2152 
 // if (empty($_SESSION['user']) || $_GET['csrf']!=$_SESSION['csrf']) {
2153 2153 
 //	header('HTTP/1.0 401 Unauthorized');
2154 2154 
 //	exit(0);

Write Preview
Loading…
Cancel
Save