diff --git a/includes/functions.php b/includes/functions.php
index 54b4939c..6ef53ea4 100755
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -306,82 +306,6 @@ function filter_comments($var)
return $var[0] != '#';
}
-/**
- * Saves a CSRF token in the session
- */
-function ensureCSRFSessionToken()
-{
- if (empty($_SESSION['csrf_token'])) {
- $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
- }
-}
-
-/**
- * Add CSRF Token to form
- */
-function CSRFTokenFieldTag()
-{
- $token = htmlspecialchars($_SESSION['csrf_token']);
- return '';
-}
-
-/**
- * Retuns a CSRF meta tag (for use with xhr, for example)
- */
-function CSRFMetaTag()
-{
- $token = htmlspecialchars($_SESSION['csrf_token']);
- return '';
-}
-
-/**
- * Validate CSRF Token
- */
-function CSRFValidate()
-{
- if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
- error_log('Session expired or CSRF token is missing.');
- header('Location: /login');
- exit;
- }
-
- $post_token = $_POST['csrf_token'] ?? null;
- $header_token = $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
-
- if (empty($post_token) && is_null($header_token)) {
- error_log('CSRF token missing in the request');
- return false;
- }
- $request_token = $post_token ?: $header_token;
-
- if (hash_equals($_SESSION['csrf_token'], $request_token)) {
- return true;
- } else {
- error_log('CSRF token mismatch');
- return false;
- }
-}
-
-/**
- * Should the request be CSRF-validated?
- */
-function csrfValidateRequest()
-{
- $request_method = strtolower($_SERVER['REQUEST_METHOD']);
- return in_array($request_method, [ "post", "put", "patch", "delete" ]);
-}
-
-/**
- * Handle invalid CSRF
- */
-function handleInvalidCSRFToken()
-{
- header('HTTP/1.1 500 Internal Server Error');
- header('Content-Type: text/plain');
- echo 'Invalid CSRF token';
- exit;
-}
-
/**
* Test whether array is associative
*/