From: Tim Düsterhus <duesterhus@woltlab.com>
Date: Mon, 8 Aug 2022 08:54:57 +0000 (+0200)
Subject: Remove the `SECURITY_TOKEN` PHP constants
X-Git-Tag: 6.0.0_Alpha_1~1062^2
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=011293191d36552a12c801247297410c188e9030;p=GitHub%2FWoltLab%2FWCF.git

Remove the `SECURITY_TOKEN` PHP constants

These are trivially replaced by the `{csrfToken}` template tag which was
backported all the way to 5.2.

see #3612
---

diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
index 8967a4e670..3accd7342d 100644
--- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
+++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
@@ -400,8 +400,6 @@ final class SessionHandler extends SingletonFactory
      */
     public function initSession()
     {
-        $this->defineConstants();
-
         // assign language
         $this->languageID = $this->getVar('languageID') ?: $this->user->languageID;
 
@@ -428,23 +426,6 @@ final class SessionHandler extends SingletonFactory
         $this->disableTracking = true;
     }
 
-    /**
-     * Defines global wcf constants related to session.
-     */
-    protected function defineConstants()
-    {
-        // security token
-        if (!\defined('SECURITY_TOKEN')) {
-            \define('SECURITY_TOKEN', $this->getSecurityToken());
-        }
-        if (!\defined('SECURITY_TOKEN_INPUT_TAG')) {
-            \define(
-                'SECURITY_TOKEN_INPUT_TAG',
-                '<input type="hidden" name="t" class="xsrfTokenInput" value="NOT_MODIFIED">'
-            );
-        }
-    }
-
     /**
      * Initializes security token.
      */