From 1abd8c271a758d1b0ec5be57546fd0c988f26643 Mon Sep 17 00:00:00 2001
From: Dennis Eichhorn <spl1nes.com@googlemail.com>
Date: Sun, 27 Dec 2015 11:48:07 +0100
Subject: [PATCH] Fixing csrf generation process

---
 DataStorage/Session/HttpSession.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/DataStorage/Session/HttpSession.php b/DataStorage/Session/HttpSession.php
index ec3ab676b..d27a40f44 100644
--- a/DataStorage/Session/HttpSession.php
+++ b/DataStorage/Session/HttpSession.php
@@ -64,8 +64,11 @@ class HttpSession implements SessionInterface
         $this->sid = session_id();
         session_write_close();
 
-        $CSRF = StringUtils::generateString(10, 16);
-        $this->set('CSRF', $CSRF, false);
+        if(($CSRF = $this->get('CSRF')) === null) {
+            $CSRF = StringUtils::generateString(10, 16);
+            $this->set('CSRF', $CSRF, false);
+        }
+
         UriFactory::setQuery('$CSRF', $CSRF);
     }