mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
Fix php notices w/ proper var checks
This commit is contained in:
parent
55c0a49911
commit
c64bdb42c8
@ -318,23 +318,23 @@ function CSRFMetaTag()
|
|||||||
*/
|
*/
|
||||||
function CSRFValidate()
|
function CSRFValidate()
|
||||||
{
|
{
|
||||||
$post_token = $_POST['csrf_token'];
|
if(isset($_POST['csrf_token'])) {
|
||||||
$header_token = $_SERVER['HTTP_X_CSRF_TOKEN'];
|
$post_token = $_POST['csrf_token'];
|
||||||
|
$header_token = $_SERVER['HTTP_X_CSRF_TOKEN'];
|
||||||
|
|
||||||
if (empty($post_token) && empty($header_token)) {
|
if (empty($post_token) && empty($header_token)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
$request_token = $post_token;
|
||||||
$request_token = $post_token;
|
if (empty($post_token)) {
|
||||||
if (empty($post_token)) {
|
$request_token = $header_token;
|
||||||
$request_token = $header_token;
|
}
|
||||||
}
|
if (hash_equals($_SESSION['csrf_token'], $request_token)) {
|
||||||
|
return true;
|
||||||
if (hash_equals($_SESSION['csrf_token'], $request_token)) {
|
} else {
|
||||||
return true;
|
error_log('CSRF violation');
|
||||||
} else {
|
return false;
|
||||||
error_log('CSRF violation');
|
}
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -685,8 +685,10 @@ function getColorOpt()
|
|||||||
}
|
}
|
||||||
function getSidebarState()
|
function getSidebarState()
|
||||||
{
|
{
|
||||||
if ($_COOKIE['sidebarToggled'] == 'true' ) {
|
if(isset($_COOKIE['sidebarToggled'])) {
|
||||||
return"toggled";
|
if ($_COOKIE['sidebarToggled'] == 'true' ) {
|
||||||
|
return "toggled";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user