AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-11 00:04:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Invoice: Add missing CSRF checks and missing permissions

Browse Source
This commit is contained in:
johnnyq
2026-03-01 22:22:21 -05:00
parent 2c47001b19
commit 4440581f14
10 changed files with 85 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
agent/modals/invoice/invoice_add.php
View File

@@ -14,6 +14,7 @@ ob_start();
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<div class="modal-body">