Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-10-14 09:44:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

Protect against csrf in more places (accounts & guilds pages)

Browse Source
This commit is contained in:
slawkens
2025-05-24 09:52:56 +02:00
parent 72cdd290da
commit 6eda38603c
21 changed files with 43 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
system/pages/account/characters/change-comment.php
View File

@@ -20,6 +20,8 @@ if(!$logged) {
return;
}
csrfProtect();
$player = null;
$player_name = isset($_REQUEST['name']) ? stripslashes(urldecode($_REQUEST['name'])) : null;
$new_comment = isset($_POST['comment']) ? htmlspecialchars(stripslashes(substr($_POST['comment'],0,2000))) : NULL;