github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-21 05:44:08 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update secure_login.php

Browse source
This commit is contained in:
myvesta 2021-08-29 12:39:48 +02:00 committed by GitHub
commit 8a5469abcd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
web/inc/secure_login.php
View file

@ -84,7 +84,7 @@ function prevent_get_csrf () {
if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return; if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return;
if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($_SERVER['REQUEST_METHOD'] == "GET") {
if (isset($_GET[$login_url])) return; if (isset($_GET[$login_url])) return;
if ($_SERVER['REQUEST_URI']=="" || $_SERVER['REQUEST_URI']=="/" || $_SERVER['REQUEST_URI']=="/login/" || $_SERVER['REQUEST_URI']=="/list/web/") return; if ($_SERVER['REQUEST_URI']=="" || $_SERVER['REQUEST_URI']=="/" || $_SERVER['REQUEST_URI']=="/login/" || $_SERVER['REQUEST_URI']=="/list/user/" || $_SERVER['REQUEST_URI']=="/list/web/") return;
} }
if (isset($_SERVER['HTTP_HOST']) == false) return; if (isset($_SERVER['HTTP_HOST']) == false) return;
if (isset($_SERVER['SERVER_PORT']) == false) return; if (isset($_SERVER['SERVER_PORT']) == false) return;