|
@@ -175,14 +175,13 @@ function verify_csrf($method, $return = false)
|
|
|
{
|
|
{
|
|
|
if ($method['token'] !== $_SESSION['token'] || empty($method['token']) || empty($_SESSION['token'])) {
|
|
if ($method['token'] !== $_SESSION['token'] || empty($method['token']) || empty($_SESSION['token'])) {
|
|
|
if ($return === true) {
|
|
if ($return === true) {
|
|
|
- return false;
|
|
|
|
|
- } else {
|
|
|
|
|
- header('Location: /login/');
|
|
|
|
|
- die();
|
|
|
|
|
- }
|
|
|
|
|
|
|
+ return false;
|
|
|
} else {
|
|
} else {
|
|
|
- return true;
|
|
|
|
|
|
|
+ header('Location: /login/');
|
|
|
|
|
+ die();
|
|
|
}
|
|
}
|
|
|
|
|
+ } else {
|
|
|
|
|
+ return true;
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -463,4 +462,4 @@ function backendtpl_with_webdomains()
|
|
|
function validate_password($password)
|
|
function validate_password($password)
|
|
|
{
|
|
{
|
|
|
return preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(.){8,}$/', $password);
|
|
return preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(.){8,}$/', $password);
|
|
|
-}
|
|
|
|
|
|
|
+}
|
Jaap Marcus