From 0df5c01bb75578675b2e5f0773b5b93f7bbc0ff2 Mon Sep 17 00:00:00 2001
From: Marcus Hill
Date: Sun, 11 May 2025 12:25:13 +0100
Subject: [PATCH] Project - Require CSRF token to delete a project
---
 post/user/project.php | 3 +++
 project_details.php | 2 +-
 projects.php | 2 +-
 3 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/post/user/project.php b/post/user/project.php
index 75450b1f..39e5d618 100644
--- a/post/user/project.php
+++ b/post/user/project.php
@@ -170,6 +170,9 @@ if (isset($_GET['delete_project'])) {
 enforceUserPermission('module_support', 3);
+ // CSRF Check
+ validateCSRFToken($_GET['csrf_token']);
+
 $project_id = intval($_GET['delete_project']);
 // Get Project Name and Client ID for logging
diff --git a/project_details.php b/project_details.php
index eae26b9e..4157c230 100644
--- a/project_details.php
+++ b/project_details.php
@@ -259,7 +259,7 @@ if (isset($_GET['project_id'])) { = 3)) { ?> - + Delete
diff --git a/projects.php b/projects.php
index 9057747e..7df64258 100644
--- a/projects.php
+++ b/projects.php
@@ -320,7 +320,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli, "SELECT FOUND_ROWS()")); = 3)) { ?> - + Delete
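Review bot: The added `validateCSRFToken($_GET['csrf_token']);` in post/user/project.php reads the token without checking that it is present or a string, so a request with no `csrf_token` (or with `csrf_token[]=`) hands `null` or an array to the validator. The validator's body is not shown here, so confirm it fails closed on such input, or normalise first: `validateCSRFToken(is_string($_GET['csrf_token'] ?? null) ? $_GET['csrf_token'] : '');`. Because the delete remains a GET request, the token also travels in the URL, where it lands in browser history, server access logs and possibly Referer headers; the link changes in project_details.php and projects.php are not legible on this page but presumably add it to the href. If the token is per-session rather than per-request, a leaked URL stays valid for the rest of the session, so a POST form carrying the token in the body would be the sturdier fix. The `delete_project` handler continues past the end of the hunk.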