Fixed a vulnerability in the setup.php file and made other code cleanups. Thanks to the person who wishes to remain anonymous for reporting it and providing a patch. Also added a notice to the readme not to use this web app for production use during beta.

johnnyq
2022-01-01 17:02:31 -05:00
parent a70105e731
commit cf3c0a6410
6 changed files with 68 additions and 57 deletions


@@ -2,14 +2,11 @@
if(!file_exists('config.php')){
header("Location: setup.php");
exit;
}
?>
<?php include("config.php"); ?>
<?php include("functions.php"); ?>
<?php
include("config.php");
include("functions.php");
//SESSION FINGERPRINT
$ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
@@ -19,10 +16,6 @@ $browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser()));
$user_agent = "$os - $browser";
?>
<?php
session_start();
if(isset($_POST['login'])){