Skip to content
Snippets Groups Projects
Commit f5a2f6ea authored by Laurent Destailleur's avatar Laurent Destailleur
Browse files

Fix: Pb with the token post protection

parent 296ea344
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
htdocs/main.inc.php
+ 1
1
View file @ f5a2f6ea
......@@ -185,7 +185,7 @@ if (empty($conf->global->MAIN_FEATURES_LEVEL)) // Check validity of token, only
if (($_POST['token'] != $_SESSION['token_level_1']) && ($_POST['token'] != $_SESSION['token_level_2']))
{
dol_syslog("Invalid token in ".$_SERVER['HTTP_REFERER'].", action=".$_POST['action'].", _POST['token']=".$_POST['token'].", _SESSION['token_level_1']=".$_SESSION['token_level_1'].", _SESSION['token_level_2']=".$_SESSION['token_level_2']);
print 'Unset POST by CSRF protection in main.inc.php.';
//print 'Unset POST by CSRF protection in main.inc.php.'; // Do not output anything because this create problems when using the BACK button on browsers.
unset($_POST);
}
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment