AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove CSRF check

This commit is contained in:
johnnyq 2025-10-09 18:11:16 -04:00
parent 2c534d4d20
commit d122d90a47
1 changed files with 0 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
setup/index.php
View File

@ -126,15 +126,8 @@ if (isset($_POST['add_database'])) {
}
<?php
if (isset($_POST['restore'])) {
// ---------- Optional CSRF check (requires a hidden "csrf" in your restore form) ----------
if (!hash_equals($_SESSION['csrf'] ?? '', $_POST['csrf'] ?? '')) {
http_response_code(403);
exit("Invalid CSRF token.");
}
// ---------- Inline helpers (guarded) ----------
if (!function_exists('recursiveCopy')) {
function recursiveCopy(string $src, string $dst): void {