Require CSRF token to edit Stripe settings - thanks to @stehled

This commit is contained in:
Marcus Hill
2023-11-25 16:36:05 +00:00
parent c1d0a2368d
commit 432488eca3
2 changed files with 4 additions and 2 deletions

View File

@@ -331,6 +331,7 @@ if (isset($_GET['generate_cron_key'])) {
if (isset($_POST['edit_online_payment_settings'])) {
validateCSRFToken($_POST['csrf_token']);
validateAdminRole();
$config_stripe_enable = intval($_POST['config_stripe_enable']);