• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
CSRF Message

#1
[eluser]nuclearmaker[/eluser]
its really weird to show CSRF message to non geek/old people/normal user right?
""
so any idea?

instead

Code:
public function csrf_show_error()
{
  show_error('The action you have requested is not allowed.');
}

what if we do something like this



Code:
public function csrf_show_error()
{
  $url = (!empty($_SERVER['HTTPS'])) ? "https://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'] : "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
  
  header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
        header("Location: $url");
        exit();
}
}


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.