Generate token before session close

author jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>

Wed, 11 Jul 2007 08:03:08 +0000 (08:03 +0000)

committer jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>

Wed, 11 Jul 2007 08:03:08 +0000 (08:03 +0000)
author jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Wed, 11 Jul 2007 08:03:08 +0000 (08:03 +0000)
committer jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
Wed, 11 Jul 2007 08:03:08 +0000 (08:03 +0000)
diff --git a/auth.inc.php b/auth.inc.php

index 69fe4f75c7514a328f0b3aeb1628d60c5c36fceb..41e9ab837e16018c348777df6021296aef3583fd 100644 (file)
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -30,6 +30,9 @@ if (isset($_POST["server"])) {
  }
  
  if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["server"], $_SESSION["usernames"][$_GET["server"]], $_SESSION["passwords"][$_GET["server"]])) {
+       if ($_POST["token"]) {
+               $_POST["token"] = token();
+       }
         page_header(lang('Login'));
         if (isset($_SESSION["usernames"][$_GET["server"]])) {
                 echo "<p class='error'>" . lang('Invalid credentials.') . "</p>\n";
@@ -56,8 +59,6 @@ if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["s
                                         }
                                 }
                         }
-               } elseif ($key == "token") {
-                       echo '<input type="hidden" name="token" value="' . token() . '" />';
                 } elseif (!in_array($key, $ignore)) {
                         echo '<input type="hidden" name="' . htmlspecialchars($key) . '" value="' . htmlspecialchars($val) . '" />';
                 }
author	jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
	Wed, 11 Jul 2007 08:03:08 +0000 (08:03 +0000)
committer	jakubvrana <jakubvrana@7c3ca157-0c34-0410-bff1-cbf682f78f5c>
	Wed, 11 Jul 2007 08:03:08 +0000 (08:03 +0000)