diff options
author | Frederic Guillot <fred@kanboard.net> | 2015-11-15 12:50:33 -0500 |
---|---|---|
committer | Frederic Guillot <fred@kanboard.net> | 2015-11-15 12:50:33 -0500 |
commit | a675271ad71b7713d1b33bdba3c51b2b04813229 (patch) | |
tree | e54d8a95e16ca521193b9fd5a5eb071aa2910823 /app/Core/Security/Token.php | |
parent | 2fc402f6733573627ad25394d109b9f848ef04f6 (diff) |
Rewrite of session management
Diffstat (limited to 'app/Core/Security/Token.php')
-rw-r--r-- | app/Core/Security/Token.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/app/Core/Security/Token.php b/app/Core/Security/Token.php index 7aca08af..2bb66ef2 100644 --- a/app/Core/Security/Token.php +++ b/app/Core/Security/Token.php @@ -38,12 +38,12 @@ class Token extends Base */ public function getCSRFToken() { - if (! isset($_SESSION['csrf_tokens'])) { - $_SESSION['csrf_tokens'] = array(); + if (! isset($this->sessionStorage->csrf)) { + $this->sessionStorage->csrf = array(); } $nonce = self::getToken(); - $_SESSION['csrf_tokens'][$nonce] = true; + $this->sessionStorage->csrf[$nonce] = true; return $nonce; } @@ -57,8 +57,8 @@ class Token extends Base */ public function validateCSRFToken($token) { - if (isset($_SESSION['csrf_tokens'][$token])) { - unset($_SESSION['csrf_tokens'][$token]); + if (isset($this->sessionStorage->csrf[$token])) { + unset($this->sessionStorage->csrf[$token]); return true; } |