Merge pull request 'Improve missing token check' (#36) from skazi/tt-rss:quiet-csrf into master

Reviewed-on: https://git.tt-rss.org/fox/tt-rss/pulls/36
2021-05-11 11:34:13 +03:00 · 2021-05-11 11:34:13 +03:00 · 82749ee7a7
parent b2f888e386 0c38dc8456
commit 82749ee7a7
1 changed files with 1 additions and 1 deletions
--- a/classes/userhelper.php
+++ b/classes/userhelper.php
@ -75,7 +75,7 @@ class UserHelper {
 			$_SESSION["auth_module"] = false;
-			if (!$_SESSION["csrf_token"])
+			if (empty($_SESSION["csrf_token"]))
 				$_SESSION["csrf_token"] = bin2hex(get_random_bytes(16));
 			$_SESSION["ip_address"] = UserHelper::get_user_ip();