Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding enhanced csrf protection
Deploy / deploy (push) Successful in 33s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-06 09:07:48 +02:00
parent 7ae7df0a11
commit d82a08f77b
25 changed files with 132 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app-code/api/manage/delete_user.php
+1
View File
@@ -3,6 +3,7 @@ header('Content-Type: application/json');
include "../utils/security.php";
secure_session_start();
require_same_origin_request();
require_csrf_token();
//check for permisisons
if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true || !is_admin_session() ) {
echo(json_encode(['success' => false, 'message'=>'not authenticated']));