This repository was archived by the owner on Dec 14, 2023. It is now read-only.
File tree Expand file tree Collapse file tree 1 file changed +11
-9
lines changed Expand file tree Collapse file tree 1 file changed +11
-9
lines changed Original file line number Diff line number Diff line change 1818 $ _SESSION "csrf " ] = md5 (uniqid (mt_rand (), true ));
1919}
2020
21- if (($ _GET $ _POST isset ($ _REQUEST "csrf " ]) || $ _REQUEST "csrf " ] !== $ _SESSION "csrf " ])) {
22- $ reqisset ($ _REQUEST "csrf " ]) ? xssClean ($ _REQUEST "csrf " ], "html " ) : "" ;
23- die ($ t'Bad CSRF token... ' ] . "<br><br>
24- CSRF issue:<br>
25- REQUEST: "$ req"<br>
26- SESSION: "xssClean ($ _SESSION "csrf " ], "html " ) . "<br>
27- FILE: "xssClean ($ _SERVER "SCRIPT_NAME " ], "html " ) . "<br>
28- GET: "xssClean (var_export ($ _GET true ), "html " ) . "<br>
29- POST: "xssClean (var_export ($ _POST true ), "html " ));
21+ if (($ _POST $ _GET $ _POST "csrf " ] && !$ _GET "csrf " ]) {
22+ $ reqxssClean ($ _POST "csrf " ] ?? $ _GET 'csrf ' ] ?? "" , "html " );
23+ if ($ req$ _SESSION "csrf " ]) {
24+ die ($ t'Bad CSRF token... ' ] . "<br><br>
25+ CSRF issue:<br>
26+ REQUEST: "$ req"<br>
27+ SESSION: "xssClean ($ _SESSION "csrf " ], "html " ) . "<br>
28+ FILE: "xssClean ($ _SERVER "SCRIPT_NAME " ], "html " ) . "<br>
29+ GET: "xssClean (var_export ($ _GET true ), "html " ) . "<br>
30+ POST: "xssClean (var_export ($ _POST true ), "html " ));
31+ }
3032}
3133
3234if (!headers_sent ()) {
You can’t perform that action at this time.
0 commit comments