summaryrefslogtreecommitdiffstats
path: root/web/lib/aur.inc.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2013-01-30 09:25:42 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2013-01-30 09:25:42 +0100
commit8b791dee91bef312a0c3d06a8b77a5363720a88e (patch)
tree26e62794e2348067c510e8b58dd497aaffe454ff /web/lib/aur.inc.php
parent49e61845085aff6076a3dde056d08a278f447e6d (diff)
parent65e93f134faf9c98574a99f7f40d9f0bdb4256eb (diff)
downloadaur-8b791dee91bef312a0c3d06a8b77a5363720a88e.tar.gz
aur-8b791dee91bef312a0c3d06a8b77a5363720a88e.tar.xz
Merge branch 'maint'
Diffstat (limited to 'web/lib/aur.inc.php')
-rw-r--r--web/lib/aur.inc.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 9317ec94..d8c5cb49 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -94,7 +94,7 @@ function check_sid($dbh=NULL) {
* @return bool True if the CSRF token is the same as the cookie SID, otherwise false
*/
function check_token() {
- if (isset($_POST['token'])) {
+ if (isset($_POST['token']) && isset($_COOKIE['AURSID'])) {
return ($_POST['token'] == $_COOKIE['AURSID']);
} else {
return false;