diff options
Diffstat (limited to 'core/Plugin/Controller.php')
-rw-r--r-- | core/Plugin/Controller.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/core/Plugin/Controller.php b/core/Plugin/Controller.php index 43e385f263..b65823be58 100644 --- a/core/Plugin/Controller.php +++ b/core/Plugin/Controller.php @@ -828,7 +828,9 @@ abstract class Controller */ protected function checkTokenInUrl() { - if (Common::getRequestVar('token_auth', false) != Piwik::getCurrentUserTokenAuth()) { + $requestTokenAuth = Common::getRequestVar('token_auth', false); + $currentUserTokenAuth = Piwik::getCurrentUserTokenAuth(); + if ($requestTokenAuth !== $currentUserTokenAuth) { throw new NoAccessException(Piwik::translate('General_ExceptionInvalidToken')); } } |