These are the values that the code is using when the error is trigerred
$timestamp 1540839336
Wednesday, October 31, 2018 3:00:19 PM GMT-04:00 DST
$old_token_date 1540839512
Your time zone: Monday, October 29, 2018 2:58:32 PM GMT-04:00 DST
$now 1541012312
Your time zone: Wednesday, October 31, 2018 2:58:32 PM GMT-04:00 DST
if (empty($max_token_age_days)) $max_token_age_days = 2;
$old_token_date = $now - ($max_token_age_days * 86400);
if ($timestamp < $old_token_date)
{
if (!$show_error) return FALSE;
// logout_error(_("S The current page request appears to have
originated from an untrusted source."));
logout_error(_("S The current page request $timestamp and
$old_token_date and $now."));
exit;
If $old_token_date and $timestamp are both integers then I cannot see
how this comparison if ($timestamp < $old_token_date) is passing. Is
there something that I am missing here?
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:[email protected]
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [email protected]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options):
https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
