Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-10-17 11:13:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Protect against csrf in more places (accounts & guilds pages)

Browse Source
This commit is contained in:
slawkens
2025-05-24 09:52:56 +02:00
parent 72cdd290da
commit 6eda38603c
21 changed files with 43 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
system/pages/forum/new_thread.php
View File

@@ -28,6 +28,8 @@ if(!$logged) {
return;
}
csrfProtect();
if(Forum::canPost($account_logged)) {
$players_from_account = $db->query('SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = '.(int) $account_logged->getId())->fetchAll();
$section_id = $_REQUEST['section_id'] ?? null;