From f72ec8f68513da6f407b943b099d274945d16f21 Mon Sep 17 00:00:00 2001 From: David Todd Date: Mon, 20 Oct 2014 20:36:15 -0500 Subject: [PATCH] Make generated tokens expire now. These don't do anything other than slow down the requests by a little bit. They store no information and are not needed. --- Website/Include/PHP/token.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Website/Include/PHP/token.php b/Website/Include/PHP/token.php index 21420ea..2e2af2e 100644 --- a/Website/Include/PHP/token.php +++ b/Website/Include/PHP/token.php @@ -12,6 +12,8 @@ } } while(1); - $redis->set("tokens:$token", 0); // Store the token forever, when set to 1, don't allow token to be used anymore. + $now = time(null); + $redis->set("tokens:$token", 0); // Store the token, when set to 1, don't allow token to be used anymore. + $redis->expire("tokens:$token", $now+60) // Expire the token after 1 minute on the server $_SESSION['token'] = $token; -?> \ No newline at end of file +?>