Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-11-28 22:26:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

Protect against csrf in more places (accounts & guilds pages)

Browse Source
This commit is contained in:
slawkens
2025-05-24 09:52:56 +02:00
parent 72cdd290da
commit 6eda38603c
21 changed files with 43 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
system/pages/account/register.php
View File

@@ -17,6 +17,8 @@ if(!$logged) {
return;
}
csrfProtect();
$_POST['reg_password'] = $_POST['reg_password'] ?? '';
$reg_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $_POST['reg_password']);
$old_key = $account_logged->getCustomField("key");