Ignore:
Timestamp:
2011/05/18 06:01:16 (13 years ago)
Author:
Seasoft
Message:

#1310 (トランザクションID周りの冗長な処理を改善する)

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/version-2_11-dev/data/class/helper/SC_Helper_Session.php

    r20764 r20933  
    187187     */ 
    188188    function isValidToken($is_unset = false) { 
    189  
    190         $checkToken = ""; 
    191  
    192         // $_POST の値を優先する 
    193         if (isset($_POST[TRANSACTION_ID_NAME])) { 
    194  
    195             $checkToken = $_POST[TRANSACTION_ID_NAME]; 
    196         } elseif (isset($_GET[TRANSACTION_ID_NAME])) { 
    197  
    198             $checkToken = $_GET[TRANSACTION_ID_NAME]; 
    199         } 
    200  
    201         $ret = false; 
    202189        // token の妥当性チェック 
    203         if ($checkToken === $_SESSION[TRANSACTION_ID_NAME]) { 
    204             $ret = true; 
    205         } 
     190        $ret = $_REQUEST[TRANSACTION_ID_NAME] === $_SESSION[TRANSACTION_ID_NAME]; 
     191 
    206192        if ($is_unset || $ret === false) { 
    207193            SC_Helper_Session_Ex::destroyToken(); 
Note: See TracChangeset for help on using the changeset viewer.