frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-12-26 23:26:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Ensure a CSRF token exists in session

Browse Source
This commit is contained in:
billz
2025-03-25 06:49:18 -07:00
parent 821ac9c1f8
commit 48e492bf10
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/RaspAP/Tokens/CSRFTokenizer.php
View File

@@ -19,6 +19,12 @@ class CSRFTokenizer {
public function __construct()
{
$this->ensureSession();
// ensure a CSRF token exists in the session
if (empty($_SESSION['csrf_token'])) {
$this->ensureCSRFSessionToken;
}
if ($this->csrfValidateRequest() && !$this->CSRFValidate($_SESSION['csrf_token'])) {
$this->handleInvalidCSRFToken();
}