Remove the `SECURITY_TOKEN` PHP constants

These are trivially replaced by the `{csrfToken}` template tag which was
backported all the way to 5.2.

see #3612

diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
index 8967a4e670ac763925a9bdfb976d2966a67a8164..3accd7342d202ee8c91f455ca90a7474b772f7b5 100644 (file)
--- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
+++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
@@ -400,8 +400,6 @@ final class SessionHandler extends SingletonFactory
      */
     public function initSession()
     {
-        $this->defineConstants();
-
         // assign language
         $this->languageID = $this->getVar('languageID') ?: $this->user->languageID;
 
@@ -428,23 +426,6 @@ final class SessionHandler extends SingletonFactory
         $this->disableTracking = true;
     }
 
-    /**
-     * Defines global wcf constants related to session.
-     */
-    protected function defineConstants()
-    {
-        // security token
-        if (!\defined('SECURITY_TOKEN')) {
-            \define('SECURITY_TOKEN', $this->getSecurityToken());
-        }
-        if (!\defined('SECURITY_TOKEN_INPUT_TAG')) {
-            \define(
-                'SECURITY_TOKEN_INPUT_TAG',
-                '<input type="hidden" name="t" class="xsrfTokenInput" value="NOT_MODIFIED">'
-            );
-        }
-    }
-
     /**
      * Initializes security token.
      */