Diffstat (limited to 'classes/handler/public.php')
-rwxr-xr-xclasses/handler/public.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 18be5c640..595473789 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -283,9 +283,12 @@ class Handler_Public extends Handler {
}
function logout() {
- if ($_POST["csrf_token"] == $_SESSION["csrf_token"]) {
+ if (validate_csrf($_POST["csrf_token"])) {
logout_user();
header("Location: index.php");
+ } else {
+ header("Content-Type: text/json");
+ print error_json(6);
}
}
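Review bot: The new check in logout() reads `$_POST["csrf_token"]` without testing that the field is present, so a POST with no token raises an undefined-index notice and passes null into validate_csrf(), whose handling of null or empty input is not visible in this diff. Guard the read, e.g. `if (isset($_POST["csrf_token"]) && validate_csrf($_POST["csrf_token"])) {`, and confirm that the helper rejects an empty token when the session holds none and that it compares with `hash_equals()` rather than `==`. The failure branch also sends `text/json`, which is not a registered media type; `header("Content-Type: application/json");` is the form clients expect. The same helper now gates the subscribe form in the second hunk, so its empty-token behaviour matters there too.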
@@ -777,7 +780,7 @@ class Handler_Public extends Handler {
<div class='content'>
<?php
- if (!$feed_url || $csrf_token != $_SESSION["csrf_token"]) {
+ if (!$feed_url || !validate_csrf($csrf_token)) {
?>
<form method="post">
<input type="hidden" name="op" value="subscribe">