AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-11 08:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Vendors: Add missing CSRF, need to update the permissions as a vendor can be client or global and permissions need to be set based off if the referal url has client_id or not

Browse Source
This commit is contained in:
johnnyq
2026-03-02 17:20:00 -05:00
parent 7e515afb79
commit 5b49908438
9 changed files with 65 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
agent/modals/vendor/vendor_export.php vendored
View File

@@ -15,6 +15,7 @@ ob_start();
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="client_id" value="<?= $client_id ?>">
<div class="modal-body">