AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-11 00:04:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add missing CSRF Checks in admin area and settings

Browse Source
This commit is contained in:
johnnyq
2026-03-02 22:15:36 -05:00
parent 6da8821f2c
commit 918b40afbe
48 changed files with 160 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
admin/post/settings_company.php
View File

@@ -54,6 +54,8 @@ if (isset($_POST['edit_company'])) {
if (isset($_GET['remove_company_logo'])) {
validateCSRFToken($_GET['csrf_token']);
$sql = mysqli_query($mysqli,"SELECT company_logo FROM companies");
$row = mysqli_fetch_assoc($sql);
$company_logo = $row['company_logo']; // FileSystem Operation Logo is already sanitized