From bc4a8a4d7caa8c94a96f62817c07e4ea200ec91c Mon Sep 17 00:00:00 2001
From: Noah van der Aa <44026893+NoahvdAa@users.noreply.github.com>
Date: Wed, 23 Jan 2019 17:44:04 +0100
Subject: [PATCH] Adding CSRF to file manager
---
 var/www/html/login.php | 1 +
 1 file changed, 1 insertion(+)
diff --git a/var/www/html/login.php b/var/www/html/login.php
index 7129f93..53d70f3 100644
--- a/var/www/html/login.php
+++ b/var/www/html/login.php
@@ -53,6 +53,7 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
 }
 if($ok){
 $_SESSION['hosting_username']=$username;
+ $_SESSION['csrf_token']=sha1(uniqid());
 session_write_close();
 header('Location: home.php');
 exit;
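Review bot: The token on the added line, `$_SESSION['csrf_token']=sha1(uniqid());`, is derived from the server clock rather than from a CSPRNG: uniqid() is time-based and documented as unsuitable for security purposes, and hashing its output with sha1 adds no entropy. Generate the value from the CSPRNG instead, `$_SESSION['csrf_token']=bin2hex(random_bytes(32));` (available from PHP 7). The code that checks the token is not part of this patch; it should compare the submitted value with `hash_equals()` rather than `==`. The enclosing `if($_SERVER['REQUEST_METHOD']==='POST'){` block starts before and ends after this hunk, so whether the session id is regenerated at login cannot be seen from here.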