From f3cc2c3985d20b9d7c75998ad100cacf5cad5789 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 21 May 2015 05:32:26 -0400
Subject: [PATCH] - session removal fix (csrf)

---
 interface/lib/classes/tform.inc.php |    8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 94f72c0..d0bb7d1 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -680,11 +680,13 @@
 			}
 			if($_csrf_valid !== true) {
 				$app->log('CSRF attempt blocked. Referer: ' . (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'unknown'), LOGLEVEL_WARN);
+				$errmsg = 'err_csrf_attempt_blocked';
+				$this->errorMessage .= ($api == true ? $errmsg : $this->wordbook[$errmsg]."<br />") . "\r\n";
 				unset($_POST);
 				unset($record);
 			}
-			$_SESSION['_csrf'][$_csrf_id] = ' ';
-			$_SESSION['_csrf_timeout'][$_csrf_id] = ' ';
+			$_SESSION['_csrf'][$_csrf_id] = null;
+			$_SESSION['_csrf_timeout'][$_csrf_id] = null;
 			unset($_SESSION['_csrf'][$_csrf_id]);
 			unset($_SESSION['_csrf_timeout'][$_csrf_id]);
 			
@@ -694,6 +696,8 @@
 					if($timeout < time()) $to_unset[] = $_csrf_id;
 				}
 				foreach($to_unset as $_csrf_id) {
+					$_SESSION['_csrf'][$_csrf_id] = null;
+					$_SESSION['_csrf_timeout'][$_csrf_id] = null;
 					unset($_SESSION['_csrf'][$_csrf_id]);
 					unset($_SESSION['_csrf_timeout'][$_csrf_id]);
 				}

--
Gitblit v1.9.1