Cavemanon/cavepaintings
7
Fork 2
Code Issues 3 Pull Requests Projects Releases Wiki Activity

die louder if CSRF is missing for admin actions

Browse Source
This commit is contained in:
Shish
2024-01-16 10:55:03 +00:00
parent 7f20b17a59
commit ea1867f92d
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ext/admin/main.php
View File

@ -58,6 +58,8 @@ class AdminPage extends Extension
shm_set_timeout(null); shm_set_timeout(null);
$database->set_timeout(null); $database->set_timeout(null);
send_event($aae); send_event($aae);
} else {
throw new SCoreException("Invalid CSRF token");
} }
if ($aae->redirect) { if ($aae->redirect) {