Browse Source

Avoid leaking tokens

Nathaniel van Diepen 3 years ago
parent
commit
c418cd46ba
1 changed files with 2 additions and 2 deletions
  1. 2 2
      lib/security.php

+ 2 - 2
lib/security.php

@@ -112,7 +112,7 @@
 						$_SESSION['secret_key'] = $u['secret_key'];
 						$r = true;
 					}else{
-						$r = __("Token didn't match ").$u['secret_key'];
+						$r = __("Token didn't match");
 					}
 				break;
 				default:
@@ -273,4 +273,4 @@
 		$finalhash = pack("H*", sha1($firsthash.$salt));
 		return "$".base64_encode($salt)."$".base64_encode($finalhash);
 	}
-?>
+?>