Wallos/libs/csrf.php
Miguel Ribeiro 4fd87c3014 fix: session expiration on pwa on android (#1023)
fix: image search failing to save
2026-03-21 18:05:59 +00:00


<?php
// Session cookie lifetime: 30 days, expressed in seconds.
$secondsInMonth = 30 * 86400;

// Configure and start the session only when none exists yet, so including
// this file more than once (or after another bootstrap started the session)
// does not reconfigure the cookie.
if (session_status() === PHP_SESSION_NONE) {
    // NOTE(review): no 'secure' key is passed, so the Secure attribute falls
    // back to the session.cookie_secure ini setting. On an HTTPS deployment
    // confirm that setting is enabled, otherwise the session id (and with it
    // the CSRF token stored in the session) can travel over plain HTTP.
    // NOTE(review): 'lifetime' only controls the browser cookie; how long the
    // server keeps the session data is governed by session.gc_maxlifetime,
    // which is not set in this file. Verify it is configured elsewhere.
    session_set_cookie_params([
        'lifetime' => $secondsInMonth,
        // Keep the session id out of reach of page scripts.
        'httponly' => true,
        // Sent on top-level navigations, withheld on cross-site subrequests.
        'samesite' => 'Lax',
    ]);
    session_start();
}
/**
 * Return the CSRF token bound to the current session, creating it on first use.
 *
 * The token is 32 bytes from random_bytes() (a CSPRNG), hex-encoded to
 * 64 characters, and stored in $_SESSION['csrf_token']. Once present it is
 * reused for every later call in the same session; this function never
 * rotates it.
 *
 * @return string The session's CSRF token.
 */
function generate_csrf_token(): string {
    // Reuse the existing token so forms rendered earlier stay valid.
    if (!empty($_SESSION['csrf_token'])) {
        return $_SESSION['csrf_token'];
    }

    $freshToken = bin2hex(random_bytes(32));
    $_SESSION['csrf_token'] = $freshToken;

    return $_SESSION['csrf_token'];
}
/**
 * Check a submitted CSRF token against the one stored in the session.
 *
 * Fails closed: a missing or empty session token, or a missing or empty
 * submitted token, is rejected before any comparison takes place.
 *
 * @param string|null $token Token received with the request.
 * @return bool True only when both tokens are non-empty and identical.
 */
function verify_csrf_token(?string $token): bool {
    $expected = $_SESSION['csrf_token'] ?? null;

    // Reject before comparing when either side is absent, so an empty
    // submission can never match an uninitialised session.
    if (empty($expected) || empty($token)) {
        return false;
    }

    // hash_equals compares in constant time, which keeps response timing
    // from revealing how much of the token matched. The known (session)
    // value goes first, the user-supplied value second.
    return hash_equals($expected, $token);
}