From 1ec271f9f9c0b17ecbee789c99350d2df0f4df5b Mon Sep 17 00:00:00 2001
From: AlexSheer <alex_sheer@inbox.lv>
Date: Mon, 6 May 2019 12:06:35 +0300
Subject: [PATCH] Update index.php

---
 index.php | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/index.php b/index.php
index 60e2b36..37ef278 100644
--- a/index.php
+++ b/index.php
@@ -98,6 +98,7 @@
 	// No active session?
 	if (!$stk_session)
 	{
+		add_form_key('stk_login_form', '_LOGIN');
 		// We're trying to login
 		if (isset($_POST['login']))
 		{
@@ -106,11 +107,10 @@
 				// Make sure that we do not have an stk_last_login cache file (expires after 3 seconds).  To prevent a bruteforce attack
 				$err_msg = 'STK_LOGIN_WAIT';
 			}
-/*			else if (!check_form_key('stk_login_form'))
+			else if (!check_form_key('stk_login_form'))
 			{
 				$err_msg = 'FORM_INVALID';
 			}
-*/
 			else
 			{
 				// Create a hash of the given token to compare the password
@@ -138,8 +138,6 @@
 		// Still no session. Make the user happy and show him something to work with
 		if (!$stk_session)
 		{
-			add_form_key('stk_login_form');
-
 			$template->assign_vars(array(
 				// Password field related
 				'TITLE'			=> $lang['SUPPORT_TOOL_KIT_PASSWORD'],