chiark / gitweb /
_check_divert_core: Change handling of $parmt=='t'
This can mean that the form parameter refers to a cookie now deleted
from the db: ie one relating to a previous user session.
This is not a bug or (necessariloy) an attack; it might simply mean
that the submission comes from a page generated in a previous login
session.
So handle this case the same way as $parmt=='n' (ie, expired hidden
parameter value). (Double-checked by searching the function beyond
that point for references to parmt.)
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>