fix csrf_token for single user mode

author Andrew Dolgov <fox@fakecake.org>

Wed, 4 Apr 2012 04:37:34 +0000 (08:37 +0400)

committer Andrew Dolgov <fox@fakecake.org>

Wed, 4 Apr 2012 04:37:34 +0000 (08:37 +0400)
author Andrew Dolgov <fox@fakecake.org>
Wed, 4 Apr 2012 04:37:34 +0000 (08:37 +0400)
committer Andrew Dolgov <fox@fakecake.org>
Wed, 4 Apr 2012 04:37:34 +0000 (08:37 +0400)
diff --git a/include/functions.php b/include/functions.php

index 6bc3ca4f9a5ea08a0910d13348497f7a513cb486..27c24f8ed1556ebce51925424b9b75353b1f5fe2 100644 (file)
--- a/include/functions.php
+++ b/include/functions.php
@@ -838,7 +838,10 @@
                         $_SESSION["uid"] = 1;
                         $_SESSION["name"] = "admin";
                         $_SESSION["access_level"] = 10;
-                       $_SESSION["csrf_token"] = sha1(uniqid(rand(), true));
+
+                       if (!$_SESSION["csrf_token"]) {
+                               $_SESSION["csrf_token"] = sha1(uniqid(rand(), true));
+                       }
  
                         $_SESSION["ip_address"] = $_SERVER["REMOTE_ADDR"];
author	Andrew Dolgov <fox@fakecake.org>
	Wed, 4 Apr 2012 04:37:34 +0000 (08:37 +0400)
committer	Andrew Dolgov <fox@fakecake.org>
	Wed, 4 Apr 2012 04:37:34 +0000 (08:37 +0400)