use hash_equals() correctly
This commit is contained in:
parent
e3adacc588
commit
f72e6947d5
|
@ -679,7 +679,7 @@
|
|||
}
|
||||
|
||||
function validate_csrf($csrf_token) {
|
||||
return hash_equals($csrf_token, $_SESSION['csrf_token']);
|
||||
return hash_equals($_SESSION['csrf_token'], $csrf_token);
|
||||
}
|
||||
|
||||
function load_user_plugins($owner_uid, $pluginhost = false) {
|
||||
|
|
Loading…
Reference in New Issue