Merge pull request #26 from ziadoz/patch-1

silentworks · silentworks · commit 6f520a506f93 · 2012-08-15T05:20:28.000-07:00
Fixed bug in CSRFGuard session checking code.
diff --git a/Middleware/CsrfGuard.php b/Middleware/CsrfGuard.php
@@ -54,7 +54,7 @@ public function call() {
      */
     public function check() {
         // Create token
-        if ( session_id() === "" ){
+        if ( session_id() !== "" ){
             if ( ! isset( $_SESSION[ $this->key ] ) ){
                 $_SESSION[ $this->key ] = sha1( serialize( $_SERVER ) . rand( 0, 0xffffffff ) );
             }

Original file line number	Diff line number	Diff line change
`@@ -54,7 +54,7 @@ public function call() {`
`54`	`54`	`*/`
`55`	`55`	`public function check() {`
`56`	`56`	`// Create token`
`57`		`- if ( session_id() === "" ){`
	`57`	`+ if ( session_id() !== "" ){`
`58`	`58`	`if ( ! isset( $_SESSION[ $this->key ] ) ){`
`59`	`59`	`$_SESSION[ $this->key ] = sha1( serialize( $_SERVER ) . rand( 0, 0xffffffff ) );`
`60`	`60`	`}`