open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Validate cookie to prevent auth bypasses.

Browse Source
remotes/origin/stable45
Lukas Reschke 12 years ago committed by Jörn Friedrich Dreyer
parent 76e0ca785b
commit 360c22fd28
1 changed files with 1 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      index.php

2
index.php
Unescape View File

@ -77,7 +77,7 @@ elseif(OC_User::isLoggedIn()) {
}
// confirm credentials in cookie
if(isset($_COOKIE['oc_token']) && OC_User::userExists($_COOKIE['oc_username']) &&
OC_Preferences::getValue($_COOKIE['oc_username'], "login", "token") == $_COOKIE['oc_token']) {
OC_Preferences::getValue($_COOKIE['oc_username'], "login", "token") === $_COOKIE['oc_token']) {
OC_User::setUserId($_COOKIE['oc_username']);
OC_Util::redirectToDefaultPage();
}

Write Preview
Loading…
Cancel
Save