github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 18:49:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Checking token on adding and deleting favorites

Browse source
This commit is contained in:
myvesta 2021-08-29 16:05:33 +02:00
commit 475fe47984
3 changed files with 11 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

7
web/add/favorite/index.php
View file

@ -7,10 +7,9 @@ session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
// if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
// header('location: /login/');
// exit();
// }
if ((!isset($_REQUEST['token'])) || ($_SESSION['token'] != $_REQUEST['token'])) {
die("Wrong token");
}
// Protect input
$v_section = escapeshellarg($_REQUEST['v_section']);