feature: csrf protection

slawkens
2023-09-16 09:23:51 +02:00
parent 046c0b5cf4
commit 0e33fd103c
72 changed files with 332 additions and 39 deletions


@@ -7,6 +7,9 @@
* @copyright 2019 MyAAC
* @link https://my-aac.org
*/
use MyAAC\CsrfToken;
defined('MYAAC') or die('Direct access not allowed!');
if(!isset($config['installed']) || !$config['installed']) {
@@ -132,6 +135,12 @@ require_once LIBS . 'Settings.php';
$settings = Settings::getInstance();
$settings->load();
// csrf protection
$token = getSession('csrf_token');
if (!isset($token)) {
CsrfToken::generate();
}
// deprecated config values
require_once SYSTEM . 'compat/config.php';
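Review bot: The `if (!isset($token))` guard in the second hunk only fires when `getSession('csrf_token')` returns null. `getSession()` is not visible here, so this is inferred, but if it returns `false` or an empty string for a missing key, `isset()` is true and `CsrfToken::generate()` never runs, leaving the session without a usable token. A guard that does not depend on the helper's miss value is safer: `if (!is_string($token) || $token === '') {`. Whatever verifies the token should also reject an empty or non-string stored value, so that a missing token cannot match an empty submitted field. The hunk creates the token once per session, so it is worth confirming that it is regenerated when the session's privilege changes (login/logout), which this hunk does not show.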