- Validate user email before sending welcome message

- Remove old code from edit_user - we now enforce admin role properly
- Users may only edit their own profiles - enforced via session id rather than role
- Rem ticket views deletion comment - ticket views are cleaned up daily via cron
- Require CSRF Token when adding/removing 2FA and backing up master key
Marcus Hill
2023-01-02 21:06:51 +00:00
parent 1b96f8659e
commit b70052b864
3 changed files with 12 additions and 21 deletions


@@ -18,6 +18,7 @@
<div class="card-body">
<center>
<form action="post.php" method="POST">
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
<div class="input-group col-4">
<div class="input-group-prepend">
<input type="password" class="form-control" placeholder="Enter your account password" name="password" autocomplete="new-password" required>
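
Review bot: The hidden `csrf_token` input writes `$_SESSION['csrf_token']` into the `value` attribute without output encoding; wrap it as `htmlspecialchars($_SESSION['csrf_token'], ENT_QUOTES)` so the attribute stays well-formed whatever the token generator produces. The form still posts to `post.php`, and the check that rejects a missing or mismatched token is not among the lines shown here, so please confirm it exists for each of the 2FA and master-key actions named in the commit message and that the comparison uses `hash_equals()`. Separately, the password field in this form asks for the existing account password but is marked `autocomplete="new-password"`; `current-password` matches what the placeholder describes.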