github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-21 13:54:28 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Checking token on adding and deleting favorites

Browse source
This commit is contained in:
myvesta 2021-08-29 16:05:33 +02:00
commit 475fe47984
3 changed files with 11 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
web/delete/favorite/index.php
View file

@ -5,6 +5,11 @@
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_REQUEST['token'])) || ($_SESSION['token'] != $_REQUEST['token'])) {
die("Wrong token");
}
unset($_SESSION['favourites'][strtoupper($_REQUEST['v_section'])][$_REQUEST['v_unit_id']]);
$v_section = escapeshellarg($_REQUEST['v_section']);