From 85d000e7920ec5ab56bc33e2e4b2d86036fee830 Mon Sep 17 00:00:00 2001
From: Mario <mario@mariovavti.com>
Date: Thu, 18 Mar 2021 19:51:30 +0000
Subject: air: revert min_livetime of the form security token - it has had its
 issues and air can be configured for delayed registration verification

---
 include/security.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/include/security.php b/include/security.php
index 4643de105..f433f8094 100644
--- a/include/security.php
+++ b/include/security.php
@@ -592,10 +592,9 @@ function check_form_security_token($typename = '', $formname = 'form_security_to
 	$hash = $_REQUEST[$formname];
 
 	$max_livetime = 10800; // 3 hours
-	$min_livetime = 3; // 3 sec
 
 	$x = explode('.', $hash);
-	if (time() > (IntVal($x[0]) + $max_livetime) || time() < (IntVal($x[0]) + $min_livetime))
+	if (time() > (IntVal($x[0]) + $max_livetime))
 		return false;
 
 	$sec_hash = hash('whirlpool', App::$observer['xchan_guid'] . ((local_channel()) ? App::$channel['channel_prvkey'] : '') . session_id() . $x[0] . $typename);
-- 
cgit v1.2.3