diff options
Diffstat (limited to 'includes/specials/SpecialUserlogin.php')
-rw-r--r-- | includes/specials/SpecialUserlogin.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 01dc9a1c..0e5baa2d 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -1114,9 +1114,9 @@ class LoginForm extends SpecialPage { */ public static function setLoginToken() { global $wgRequest; - // Use User::generateToken() instead of $user->editToken() + // Generate a token directly instead of using $user->editToken() // because the latter reuses $_SESSION['wsEditToken'] - $wgRequest->setSessionData( 'wsLoginToken', User::generateToken() ); + $wgRequest->setSessionData( 'wsLoginToken', MWCryptRand::generateHex( 32 ) ); } /** @@ -1140,7 +1140,7 @@ class LoginForm extends SpecialPage { */ public static function setCreateaccountToken() { global $wgRequest; - $wgRequest->setSessionData( 'wsCreateaccountToken', User::generateToken() ); + $wgRequest->setSessionData( 'wsCreateaccountToken', MWCryptRand::generateHex( 32 ) ); } /** |