Skip to content

Commit

Permalink
Fix php warning
Browse files Browse the repository at this point in the history
  • Loading branch information
@craigk5n
craigk5n committed Sep 13, 2023
1 parent 3366a85 commit f947a5c
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions includes/formvars.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,10 @@ function preventHacking ( $name, $instr ) {
// CSRF protection can be disabled in Admin Settings, but
// the tokens are still added to forms.
if (empty($CSRF_PROTECTION) || $CSRF_PROTECTION != 'N') {
if (empty($_REQUEST['csrf_form_key'])) {
die_miserable_death (translate('Fatal Error') . ': '
. translate('Invalid form request'));
}
$formKey = $_REQUEST['csrf_form_key'];
if ($formKey == $_SESSION['csrf_form_key'] && !empty($_SESSION['csrf_form_key'])) {
// Okay to proceed
Expand Down

0 comments on commit f947a5c

Please sign in to comment.