Commit 287567c0 authored by Victor Emanouilov's avatar Victor Emanouilov

[FIX] CSRF token check possibility of token expiry time and current time match...

[FIX] CSRF token check possibility of token expiry time and current time match (same second upload of multiple files, for example)
parent 08362d77
Pipeline #50508768 failed with stages
in 27 minutes and 58 seconds
......@@ -501,7 +501,7 @@ class TikiAccessLib extends TikiLib
$ticketTime = $_SESSION['tickets'][$this->ticket];
global $prefs;
$maxTime = $prefs['site_security_timeout'];
if ($ticketTime < time() && $ticketTime > (time() - $maxTime)) {
if ($ticketTime <= time() && $ticketTime > (time() - $maxTime)) {
$this->ticketMatch = true;
} else {
//ticket is expired
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment