add current dev version (WIP)

[GitHub/Stricted/Domain-Control-Panel.git] / lib / system / User.class.php

diff --git a/lib/system/User.class.php b/lib/system/User.class.php
index baa0d18b3b1f0209ea2a3628c9a9ed96e8ae8b98..17d02d0ddd09946326eac906093933675f9fe5c6 100644 (file)
--- a/lib/system/User.class.php
+++ b/lib/system/User.class.php
@@ -73,7 +73,7 @@ class User {
                                DNS::getSession()->register('username', $row["username"]);
                                DNS::getSession()->register('userID', $row["userID"]);
                                DNS::getSession()->register('status', intval($row["status"]));
-                               
+                               DNS::getSession()->register('csrf_token', DNS::generateRandomID());
                                return true;
                        }
                }
@@ -81,6 +81,10 @@ class User {
                return false;
        }
        
+       public static function getSecurityToken () {
+               return DNS::getSession()->csrf_token;
+       }       
+       
        /**
         * login the user
         *
@@ -98,6 +102,7 @@ class User {
                                DNS::getSession()->register('username', $row["username"]);
                                DNS::getSession()->register('userID', $row["userID"]);
                                DNS::getSession()->register('status', intval($row["status"]));
+                               DNS::getSession()->register('csrf_token', DNS::generateRandomID());
                                
                                if ($remember === true) {
                                        $sha1UserID = sha1($row["userID"]);