Skip to content

Commit

Permalink
Default expiry date on form tokens
Browse files Browse the repository at this point in the history
  • Loading branch information
@Crecket
Crecket committed Mar 14, 2016
1 parent 9386296 commit 455904f
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ Returns the decryped output as a string using [defuse/php-encryption](https://gi
### encrypt($input, $key = false)
Encrypt a string, if no key is given one will be generated for you (Recommended) using [defuse/php-encryption](https://github.com/defuse/php-encryption)'s library.

### getFormToken('form_token_id', $_POST['form_token'], $limit = false)
### getFormToken('form_token_id', $form_token, $limit = 300)
Verify a form token for the given id. The $limit is optional andm ust be given in seconds, if the limit is 300 and the token is used after 300 seconds it will be considered invalid.

### password_hash($password)
Expand Down
3 changes: 2 additions & 1 deletion src/SecureFuncs.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ public static function encrypt($input, $key = false)
* @param $limit_time
* @return md5hash
*/
public static function getFormToken($id, $token, $limit_time = false)
public static function getFormToken($id, $token, $limit_time = 300)
{
$valid = false;
// Check if isset
Expand All @@ -74,6 +74,7 @@ public static function getFormToken($id, $token, $limit_time = false)
}
}
unset($_SESSION['formtoken'][$id]);
unset($_SESSION['formtoken_time'][$id]);
return $valid;
}

Expand Down

0 comments on commit 455904f

Please sign in to comment.