Require CSRF token to edit more admin settings - thanks again to @stehled

2026-03-14 09:44:51 +00:00 · 2023-11-25 18:15:25 +00:00
parent 51ac53dc50
commit 8068cb6081
19 changed files with 54 additions and 10 deletions
--- a/settings_tax_add_modal.php
+++ b/settings_tax_add_modal.php
@@ -8,6 +8,8 @@
        </button>
      </div>
      <form action="post.php" method="post" autocomplete="off">
+        <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
+
        <div class="modal-body bg-white">
          <div class="form-group">
            <label>Name <strong class="text-danger">*</strong></label>
@@ -25,4 +27,4 @@
      </form>
    </div>
  </div>
-</div>
+</div>