AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-13 17:24:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Recurring Invoice: Add missing CSRF checks and missing permissions in POST

Browse Source
This commit is contained in:
johnnyq
2026-03-01 22:37:51 -05:00
parent 4440581f14
commit f653752026
7 changed files with 59 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
agent/modals/recurring_invoice/recurring_invoice_export.php
View File

@@ -8,6 +8,7 @@
</button>
</div>
<form action="post.php" method="post" autocomplete="off">
<input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?>">
<input type="hidden" name="client_id" value="<?php echo $client_id; ?>">
<div class="modal-body">