Change CSRFP epoch and check if token is empty.

This commit is contained in:
Pachira 2023-07-11 22:11:56 +00:00
parent 4d92459731
commit 31798a6b53
2 changed files with 3 additions and 3 deletions

View file

@ -1 +1 @@
0.2307.112200 0.2307.112211

View file

@ -12,7 +12,7 @@ use Index\Serialisation\Serialiser;
*/ */
class CSRFP { class CSRFP {
private const TOLERANCE = 30 * 60; private const TOLERANCE = 30 * 60;
private const EPOCH = 1682985600; private const EPOCH = 1575158400;
private const HASH_ALGO = 'sha3-256'; private const HASH_ALGO = 'sha3-256';
private const TIMESTAMP_LENGTH = 4; private const TIMESTAMP_LENGTH = 4;
@ -74,7 +74,7 @@ class CSRFP {
* @return bool true if the token is valid, false if not. * @return bool true if the token is valid, false if not.
*/ */
public function verifyToken(string $token, int $tolerance = -1, int $time = -1): bool { public function verifyToken(string $token, int $tolerance = -1, int $time = -1): bool {
if($tolerance === 0) if($tolerance === 0 || empty($token))
return false; return false;
if($tolerance < 0) if($tolerance < 0)
$tolerance = $this->tolerance; $tolerance = $this->tolerance;