From 00648c4f7b5c381187cfdf83c90bc9c3020ec72b Mon Sep 17 00:00:00 2001
From: David Coutadeur <david.coutadeur@worteks.com>
Date: Mon, 13 Jan 2025 16:13:41 +0100
Subject: [PATCH] fix missing token after form fail (#1038)

---
 htdocs/sendtoken.php | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/htdocs/sendtoken.php b/htdocs/sendtoken.php
index a0386867..efc6f85e 100644
--- a/htdocs/sendtoken.php
+++ b/htdocs/sendtoken.php
@@ -69,11 +69,9 @@
 # Check tokenform
 #==============================================================================
 
-$check_tokenform = false;
 if ( !$result ) {
     $formtoken = strval($_REQUEST["formtoken"]);
     $result = $sspCache->verify_form_token($formtoken);
-    $check_tokenform = true;
 }
 
 #==============================================================================
@@ -164,11 +162,11 @@
 
 #==============================================================================
 # if:
-#  * form token has been checked previously (and thus erased) and
+#  * this is not the first time we load this form (not emptysendtokenform), and
 #  * something bad happened (bad captcha,...)
 # regenerate a form token
 #==============================================================================
-if( $check_tokenform && $result != "" )
+if( $result != "emptysendtokenform" && $result != "" )
 {
     $formtoken = $sspCache->generate_form_token($cache_form_expiration);
 }