| Summary | checkRequestToken in Horde.php -> all tokens are only valid for 0min |
| Queue | Horde Framework Packages |
| Queue Version | FRAMEWORK_3 |
| Type | Bug |
| State | Resolved |
| Priority | 2. Medium |
| Owners | chuck (at) horde (dot) org |
| Requester | harakiri_23 (at) yahoo (dot) com |
| Created | 12/05/2008 (6174 days ago) |
| Due | |
| Updated | 12/08/2008 (6171 days ago) |
| Assigned | |
| Resolved | 12/08/2008 (6171 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
Assigned to Chuck Hagenbuch
Summary ⇒ checkRequestToken in Horde.php -> all tokens are only valid for 0min
State ⇒ Resolved
Priority ⇒ 2. Medium
http://cvs.horde.org/diff.php/framework/Horde/Horde.php?r1=1.697&r2=1.698&ty=u
Priority ⇒ 3. High
Patch ⇒ No
Milestone ⇒
Queue ⇒ Horde Framework Packages
Summary ⇒ checkRequestToken in Horde.php -> all tokens are only valid for 0min
Type ⇒ Bug
State ⇒ Unconfirmed
paranthesis are missing :
instead of
if ($_SESSION['horde_form_secrets'][$token] +
$GLOBALS['conf']['urls']['token_lifetime'] * 60 < time()) {
return PEAR::raiseError(sprintf(_("This request cannot be
completed because the link you followed or the form you submitted was
only valid for %s minutes"),
$GLOBALS['conf']['urls']['token_lifetime']));
}
it should be
if (($_SESSION['horde_form_secrets'][$token] +
$GLOBALS['conf']['urls']['token_lifetime']) * 60 < time()) {
return PEAR::raiseError(sprintf(_("This request cannot be
completed because the link you followed or the form you submitted was
only valid for %s minutes"),
$GLOBALS['conf']['urls']['token_lifetime']));
}
no matter which setting you chose for token_lifetime - it will always
complain about that the link is no longer valid.