The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/showthread.php 28 require_once





× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!
UserSpice   ›   Support Center   ›   UserSpice 4.3 and Below   ›   US4 Include Classes

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
US4 Include Classes
mudmin
Lead Developer
*******
Joined: Dec 2015
Posts: 2,285

Reputation: 17
#10
02-25-2016, 04:56 PM
The problem is that checking he token deletes it from the session. The check function has this line in it...
Session::delete($tokenName);

That's supposed to prevent it from being reused. I'm checking if it it secure to do an ajax check function or something like that which doesn't delete it. I feel like that's a security vulnerability, but I'm checking.
  Reply


Messages In This Thread
US4 Include Classes - by brian - 02-24-2016, 09:44 PM
US4 Include Classes - by brian - 02-24-2016, 10:10 PM
US4 Include Classes - by mudmin - 02-24-2016, 11:09 PM
US4 Include Classes - by brian - 02-25-2016, 01:23 PM
US4 Include Classes - by brian - 02-25-2016, 01:27 PM
US4 Include Classes - by mudmin - 02-25-2016, 02:13 PM
US4 Include Classes - by brian - 02-25-2016, 02:43 PM
US4 Include Classes - by mudmin - 02-25-2016, 04:02 PM
US4 Include Classes - by brian - 02-25-2016, 04:22 PM
US4 Include Classes - by mudmin - 02-25-2016, 04:56 PM
US4 Include Classes - by mudmin - 02-25-2016, 05:27 PM
US4 Include Classes - by brian - 02-25-2016, 05:58 PM
US4 Include Classes - by mudmin - 02-25-2016, 06:14 PM
US4 Include Classes - by mudmin - 02-25-2016, 11:09 PM
US4 Include Classes - by brian - 02-26-2016, 01:20 PM
US4 Include Classes - by brian - 02-26-2016, 01:41 PM
US4 Include Classes - by mudmin - 02-26-2016, 01:57 PM
US4 Include Classes - by brian - 02-26-2016, 02:05 PM
US4 Include Classes - by brian - 02-26-2016, 02:12 PM
US4 Include Classes - by mudmin - 02-26-2016, 05:54 PM
US4 Include Classes - by brian - 02-26-2016, 05:56 PM
US4 Include Classes - by mudmin - 02-26-2016, 06:42 PM
US4 Include Classes - by brian - 02-26-2016, 06:48 PM
US4 Include Classes - by Popkultur - 04-22-2017, 11:17 AM
US4 Include Classes - by mudmin - 04-23-2017, 01:53 PM
US4 Include Classes - by bladerunner - 12-14-2017, 11:57 AM

Forum Jump:


Users browsing this thread: 5 Guest(s)