TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Task 9: Add CSRF tokens to form templates and backend processors

Browse Source 
Updated forms with hidden CSRF token fields:
- comment_box.php - Comment form
- course_details.php - Course booking form
- campsites.php - Campsite addition modal form
- bar_tabs.php - Bar tab creation modal form
- membership_application.php - Membership application form

Updated backend processors with CSRF validation:
- create_bar_tab.php - Bar tab AJAX processor
- add_campsite.php - Campsite form processor
- submit_order.php - Order submission processor

All forms now require validated CSRF tokens before processing, preventing cross-site request forgery attacks.
This commit is contained in:
twotalesanimation
2025-12-03 11:47:26 +02:00
parent ce6c8e257a
commit 3247d15ce7
8 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
comment_box.php
View File

@@ -59,9 +59,10 @@ $result = $stmt->get_result();
</div>
<?php endwhile; ?>
</div>
</form>
<!-- <h5>Add A Comment</h5> -->
<form method="POST" id="comment-form" class="comment-form bgc-lighter z-1 rel mt-30" name="review-form" action="" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<div class="row gap-20">
<div class="col-md-12">
<div class="form-group">