修复CSRF保护措施绕过漏洞 · de68bca7d1 - DedeCMSv5 - 这里写：项目代码托管平台

修复CSRF保护措施绕过漏洞

master

tianya 4 years ago

parent

435c2a4b0d

commit

de68bca7d1

1 changed files with 1 additions and 1 deletions

Unified View

							
								+ 1
								
								- 1
							
src/dede/config.phpView File
								
																@@ -64,7 +64,7 @@ function csrf_check()
															
																{
																
																{
															
																    global $token;
																
																    global $token;
															
																    if(!isset($token) || strcasecmp($token, $_SESSION['token']) != 0){
																
																    if(!isset($token) || strcasecmp($token, $_SESSION['token']) !== 0){
															
																        echo '<a href="http://bbs.dedecms.com/907721.html">DedeCMS:CSRF Token Check Failed!</a>';
																
																        echo '<a href="http://bbs.dedecms.com/907721.html">DedeCMS:CSRF Token Check Failed!</a>';
															
																        exit;
																
																        exit;
															
																    }
																
																    }