Commit 55a8ff64 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

log out users with incorrect json sesskey

parent 63de4a81
...@@ -176,10 +176,10 @@ if (!get_config('installed') ...@@ -176,10 +176,10 @@ if (!get_config('installed')
} }
if (defined('JSON')) { if (defined('JSON')) {
$sesskey = param_variable('sesskey'); $sesskey = param_variable('sesskey', null);
global $USER; global $USER;
if ($sesskey === null || $USER->get('sesskey') != $sesskey) { if ($sesskey === null || $USER->get('sesskey') != $sesskey) {
redirect(get_config('wwwroot')); $USER->logout();
} }
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment