'token-salt-debug-ok'

郭成尧
Commit fec0a614f465e82b7312be4bc6cd446aa9a5b7e4 1 parent d4c3f682
Showing 1 changed file with 2 additions and 4 deletions
library/Action/AbstractAction.php
--- a/library/Action/AbstractAction.php
View file @fec0a61
+++ b/library/Action/AbstractAction.php
View file @fec0a61
@@ -354,7 +354,6 @@ class AbstractAction extends Controller_Abstract
             $useSession = false;
         }
         //$useSession = false;
- 
         if (!$this->_uid) {
             $cookie = $this->getCookie('_UID');
             // 兼容老的
@@ -363,10 +362,9 @@ class AbstractAction extends Controller_Abstract
                 $cookieList[1] = intval(Encryption::decrypt($cookieList[1]));
                 if (isset($cookieList[1]) && $cookieList[1]) {
                     if ($useSession) {
-                         $token = $cookieList[3];
+                         $token = $this->getCookie('_TOKEN');
                         $salt = substr($token, -8);
- 
-                         if ($token === Helpers::makeToken($cookieList[1] . $salt)) {
+                         if ($cookieList[3] === Helpers::makeToken($cookieList[1] . $salt)) {
                             $this->_uid = $cookieList[1];
                         }
                     } else {