github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-21 05:44:08 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix for PHP Notice in vesta-php

Browse source
This commit is contained in:
myvesta 2022-07-12 20:40:20 +02:00 committed by GitHub
commit b2d7c5a1fd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
web/inc/secure_login.php
View file

@ -91,7 +91,8 @@ function prevent_get_csrf () {
if (isset($_SERVER['SERVER_PORT']) == false) return;
if (isset($_SERVER['HTTP_REFERER']) == false) return;
$_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
$_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
if (isset($_SERVER['HTTP_ORIGIN'])) $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
else $_SERVER['HTTP_ORIGIN']='';
if (substr($_SERVER['HTTP_REFERER'], 0, 8) != "file:///" && substr($_SERVER['HTTP_REFERER'], 0, 7) != "http://" && substr($_SERVER['HTTP_REFERER'], 0, 8) != "https://") return;
$host_arr = explode(":", $_SERVER['HTTP_HOST']);
$hostname = $host_arr[0];