mirror of
https://github.com/itflow-org/itflow
synced 2026-03-01 03:14:52 +00:00
Budget - CSRF + Perms
This commit is contained in:
@@ -2,6 +2,8 @@
|
||||
|
||||
require_once "inc_all.php";
|
||||
|
||||
enforceUserPermission('module_financial', 2);
|
||||
|
||||
// Fetch categories
|
||||
$query = "SELECT category_id, category_name FROM categories WHERE category_type ='Expense' AND category_archived_at IS NULL";
|
||||
$result = mysqli_query($mysqli, $query);
|
||||
@@ -52,6 +54,8 @@ $grandTotal = 0;
|
||||
</form>
|
||||
<form id="budgetForm" method="POST" action="post.php">
|
||||
<input type="hidden" name="year" value="<?php echo $currentYear; ?>">
|
||||
<input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
|
||||
|
||||
<table class="table table-bordered table-striped">
|
||||
<thead>
|
||||
<tr>
|
||||
|
||||
Reference in New Issue
Block a user