revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-18 19:40:55 +01:00
Code Issues Releases Wiki Activity

Use a class constant instead of a hardcoded string

Browse source 
Test Plan: Submitted a form - saw nothing out of ordinary.

Reviewers: #blessed_reviewers

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D13167
This commit is contained in:
Erik Fercak 2015-06-05 07:27:31 -07:00 committed by epriestley
parent 006a877996
commit 5deaeec668
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/applications/people/storage/PhabricatorUser.php
View file

@ -355,7 +355,8 @@ final class PhabricatorUser
// discussion in T3684.
$token = $this->getRawCSRFToken();
$hash = PhabricatorHash::digest($token, $salt);
return 'B@'.$salt.substr($hash, 0, self::CSRF_TOKEN_LENGTH);
return self::CSRF_BREACH_PREFIX.$salt.substr(
$hash, 0, self::CSRF_TOKEN_LENGTH);
}
public function validateCSRFToken($token) {