AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-01 03:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Prevent post pages being accessed directly

Browse Source
This commit is contained in:
wrongecho
2025-01-09 16:09:39 +00:00
parent ec54b28b02
commit a67de7a8f1
91 changed files with 190 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
post/admin/admin_backup.php
View File

@@ -4,6 +4,8 @@
* ITFlow - GET/POST request handler for DB / master key backup
*/
defined('FROM_POST_HANDLER') || die("Direct file access is not allowed");
if (isset($_GET['download_database'])) {
validateCSRFToken($_GET['csrf_token']);