Commit 55a8ff64 authored by Richard Mansfield's avatar Richard Mansfield

log out users with incorrect json sesskey

parent 63de4a81
......@@ -176,10 +176,10 @@ if (!get_config('installed')
}
if (defined('JSON')) {
$sesskey = param_variable('sesskey');
$sesskey = param_variable('sesskey', null);
global $USER;
if ($sesskey === null || $USER->get('sesskey') != $sesskey) {
redirect(get_config('wwwroot'));
$USER->logout();
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment