moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-06 01:16:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
moodle/lib/classes/session
History
Damyon Wiese 6dfe428363 MDL-63183 auth: Login protection 
CSRF protection for the login form. The authenticate_user_login function was
extended to validate the token (in \core\session\manager) but by default it
does not perform the extra validation. Existing uses of this function from
auth plugins and features like "change password" will continue to work without
changes. New config value $CFG->disablelogintoken can bypass this check.
2018-11-07 00:14:48 +01:00
..
database.php MDL-46561 session: use full session validation in \core\session\manager::session_exists() 2014-08-07 08:59:24 +12:00
exception.php
file.php MDL-46561 session: use full session validation in \core\session\manager::session_exists() 2014-08-07 08:59:24 +12:00
handler.php MDL-46561 session: use full session validation in \core\session\manager::session_exists() 2014-08-07 08:59:24 +12:00
manager.php MDL-63183 auth: Login protection 2018-11-07 00:14:48 +01:00
memcached.php MDL-63329 core: Remove memcache session support 2018-09-12 08:15:35 +08:00
redis.php MDL-63050 redis: Make session check compatible with Redis 4.0 2018-08-02 10:57:53 +08:00