AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add missing CSRF check on avatar upload form

Browse Source
This commit is contained in:
Frédéric Guillot
2018-01-29 13:14:33 -08:00
parent 357316cdf9
commit 90984d6bb9
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/Controller/AvatarFileController.php
View File

@@ -30,6 +30,7 @@ class AvatarFileController extends BaseController
*/
public function upload()
{
$this->checkCSRFParam();
$user = $this->getUser();
if (! $this->avatarFileModel->uploadImageFile($user['id'], $this->request->getFileInfo('avatar'))) {