Untitled diff

4 removals
22 lines
7 additions
24 lines
<?php
<?php
protected function getCode() {
protected function getCode() {
if (isset($_REQUEST['code'])) {
$server_info = array_merge($_GET, $_POST, $_COOKIE);
if (isset($server_info['code'])) {
if ($this->state !== null &&
if ($this->state !== null &&
isset($_REQUEST['state']) &&
isset($server_info['state']) &&
$this->state === $_REQUEST['state']) {
$this->state === $server_info['state']) {
// CSRF state has done its job, so clear it
// CSRF state has done its job, so clear it
$this->state = null;
$this->state = null;
$this->clearPersistentData('state');
$this->clearPersistentData('state');
return $_REQUEST['code'];
return $server_info['code'];
} else {
} else {
self::errorLog('CSRF state token does not match one provided.');
self::errorLog('CSRF state token does not match one provided.');
return false;
return false;
}
}
}
}
return false;
return false;
}
}
?>
?>
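Review bot: The added `array_merge($_GET, $_POST, $_COOKIE)` line gives cookies the highest precedence, so a cookie named `code` or `state` silently overrides the value delivered with the request. Cookies are a weaker trust source than the redirect parameters, since they can be written by sibling subdomains or over plain HTTP. A `code` cookie would therefore be returned even though the `state` that passed the CSRF check arrived by a different channel, which undermines the binding the state token is meant to provide. Assuming the provider returns both values in the redirect query string, which this section does not show, read them from that one source, e.g. `$server_info = $_GET;`, or at least drop `$_COOKIE` from the merge. It would also help to require `is_string($server_info['code'])` before returning it, so an array-valued parameter cannot reach callers.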