mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-09-20 07:35:55 +08:00
Resolve #1754
This commit is contained in:
parent
bd2ffe5078
commit
a6ff022c0e
|
@ -100,14 +100,14 @@ class ServiceActions
|
||||||
if ($_SERVER['HTTP_X_SM_TOKEN'] !== $token) {
|
if ($_SERVER['HTTP_X_SM_TOKEN'] !== $token) {
|
||||||
$oAccount = $this->oActions->getAccountFromToken(false);
|
$oAccount = $this->oActions->getAccountFromToken(false);
|
||||||
$sEmail = $oAccount ? $oAccount->Email() : 'guest';
|
$sEmail = $oAccount ? $oAccount->Email() : 'guest';
|
||||||
$this->oActions->logWrite("{$_SERVER['HTTP_X_SM_TOKEN']} !== {$token} for {$sEmail}", \LOG_ERROR, 'Token');
|
$this->oActions->logWrite("{$_SERVER['HTTP_X_SM_TOKEN']} !== {$token} for {$sEmail}", \LOG_ERR, 'Token');
|
||||||
throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'HTTP Token mismatch');
|
throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'HTTP Token mismatch');
|
||||||
}
|
}
|
||||||
} else if ($this->oHttp->IsPost()) {
|
} else if ($this->oHttp->IsPost()) {
|
||||||
if (empty($_POST['XToken']) || $_POST['XToken'] !== $token) {
|
if (empty($_POST['XToken']) || $_POST['XToken'] !== $token) {
|
||||||
$oAccount = $this->oActions->getAccountFromToken(false);
|
$oAccount = $this->oActions->getAccountFromToken(false);
|
||||||
$sEmail = $oAccount ? $oAccount->Email() : 'guest';
|
$sEmail = $oAccount ? $oAccount->Email() : 'guest';
|
||||||
$this->oActions->logWrite("{$_POST['XToken']} !== {$token} for {$sEmail}", \LOG_ERROR, 'XToken');
|
$this->oActions->logWrite("{$_POST['XToken']} !== {$token} for {$sEmail}", \LOG_ERR, 'XToken');
|
||||||
throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'XToken mismatch');
|
throw new Exceptions\ClientException(Notifications::InvalidToken, null, 'XToken mismatch');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue