From bc959df0c9df3fdf250fb93ef30dbb81cbd848c7 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 19 May 2016 15:46:30 +0200
Subject: Fix CSRF token checking; improve token/sid generation

---
 inc/util.inc.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'inc/util.inc.php')

diff --git a/inc/util.inc.php b/inc/util.inc.php
index c0b77f96..1b29aa39 100644
--- a/inc/util.inc.php
+++ b/inc/util.inc.php
@@ -103,7 +103,7 @@ SADFACE;
 	}
 
 	/**
-	 * Verify the user's token that protects agains CSRF.
+	 * Verify the user's token that protects against CSRF.
 	 * If the user is logged in and there is no token variable set in
 	 * the request, or the submitted token does not match the user's
 	 * token, this function will return false and display an error.
@@ -111,9 +111,9 @@ SADFACE;
 	 */
 	public static function verifyToken()
 	{
-		if (Session::get('main.token') === false)
+		if (!User::isLoggedIn() && Session::get('token') === false)
 			return true;
-		if (isset($_REQUEST['main.token']) && Session::get('main.token') === $_REQUEST['main.token'])
+		if (isset($_REQUEST['token']) && Session::get('token') === $_REQUEST['token'])
 			return true;
 		Message::addError('main.token');
 		return false;
-- 
cgit v1.2.3-55-g7522